Please check my log - PC freezing and slowed down

Post by daniel6134 » 20 Feb 2013 19:09

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:30, on 20.2.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG2013\avgrsx.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVG\AVG2013\avgfws.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator\Dokumenty\Downloads\HiJackThis.exe
C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 5764 bytes
Last edited by daniel6134 on 22 Feb 2013 17:53, edited 1 time in total.

Post by memphisto » 20 Feb 2013 19:14

In the log, fix:
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- after the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, so choose Yes (Ano)
(don't delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you

Post by daniel6134 » 20 Feb 2013 19:23

Please, about that ATF Cleaner, what if I use Google Ch.??

Post by memphisto » 20 Feb 2013 19:26

Then never mind. Carry on.

Post by daniel6134 » 20 Feb 2013 19:59

1. LOG
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.20.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Administrator :: MICHAL-E2561234 [administrátor]

Ochrana: Povolena

20.2.2013 19:39:57
mbam-log-2013-02-20 (19-39-57).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 191955
Uplynulý čas: 16 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Post by daniel6134 » 20 Feb 2013 20:02

2. LOG
# AdwCleaner v2.112 - Logfile created 02/20/2013 at 20:01:33
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MICHAL-E2561234
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Dokumenty\Downloads\adwcleaner0.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess

***** [Registry] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\PIP
Key Found : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Key Found : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Key Found : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
Key Found : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
Key Found : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Key Found : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Key Found : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
Key Found : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
Key Found : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Key Found : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Key Found : HKLM\SOFTWARE\Classes\toolband.useroptions
Key Found : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Key Found : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jtaenlzh.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2538 octets] - [20/02/2013 20:01:33]

########## EOF - C:\AdwCleaner[R1].txt - [2598 octets] ##########

Post by jaro3 » 20 Feb 2013 20:12

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Delete"
The program will perform the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt, please paste the entire contents of the log here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes (Ano) button
- Then follow the instructions; while ComboFix is running, do not click inside the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence I am represented by memphisto, Žbeky and Orcus.

Post by daniel6134 » 21 Feb 2013 13:57

Log from ADW cleaner:
# AdwCleaner v2.112 - Logfile created 02/21/2013 at 13:50:09
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Administrator - MICHAL-E2561234
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Administrator\Dokumenty\Downloads\adwcleaner0.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
Key Deleted : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband
Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions
Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions.1
Key Deleted : HKLM\Software\PIP

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.5512

[OK] Registry is clean.

-\\ Mozilla Firefox v [Unable to get version]

File : C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\jtaenlzh.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2667 octets] - [20/02/2013 20:01:33]
AdwCleaner[S1].txt - [2611 octets] - [21/02/2013 13:50:09]

########## EOF - C:\AdwCleaner[S1].txt - [2671 octets] ##########



I'll post more logs here in a moment :)

Post by daniel6134 » 21 Feb 2013 14:33

TDSSkiller Log :
14:06:10.0062 3768 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:06:11.0562 3768 ============================================================
14:06:11.0562 3768 Current date / time: 2013/02/21 14:06:11.0562
14:06:11.0562 3768 SystemInfo:
14:06:11.0562 3768
14:06:11.0562 3768 OS Version: 5.1.2600 ServicePack: 3.0
14:06:11.0562 3768 Product type: Workstation
14:06:11.0562 3768 ComputerName: MICHAL-E2561234
14:06:11.0562 3768 UserName: Administrator
14:06:11.0562 3768 Windows directory: C:\WINDOWS
14:06:11.0562 3768 System windows directory: C:\WINDOWS
14:06:11.0562 3768 Processor architecture: Intel x86
14:06:11.0562 3768 Number of processors: 1
14:06:11.0562 3768 Page size: 0x1000
14:06:11.0562 3768 Boot type: Normal boot
14:06:11.0562 3768 ============================================================
14:06:12.0984 3768 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:06:12.0984 3768 ============================================================
14:06:12.0984 3768 \Device\Harddisk0\DR0:
14:06:12.0984 3768 MBR partitions:
14:06:12.0984 3768 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
14:06:12.0984 3768 ============================================================
14:06:13.0015 3768 C: <-> \Device\Harddisk0\DR0\Partition1
14:06:13.0015 3768 ============================================================
14:06:13.0015 3768 Initialize success
14:06:13.0015 3768 ============================================================
14:06:17.0312 0920 ============================================================
14:06:17.0312 0920 Scan started
14:06:17.0312 0920 Mode: Manual;
14:06:17.0312 0920 ============================================================
14:06:18.0875 0920 ================ Scan system memory ========================
14:06:18.0875 0920 System memory - ok
14:06:18.0875 0920 ================ Scan services =============================
14:06:30.0578 0920 IPSec - ok
14:06:30.0593 0920 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
14:06:30.0593 0920 IRENUM - ok
14:06:30.0718 0920 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:06:30.0718 0920 isapnp - ok
14:06:30.0750 0920 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:06:30.0750 0920 Kbdclass - ok
14:06:30.0765 0920 [ 86C8F23616C6C6E5B2776901C17B945B ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:06:30.0781 0920 kbdhid - ok
14:06:30.0843 0920 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
14:06:30.0843 0920 kmixer - ok
14:06:30.0921 0920 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
14:06:30.0921 0920 KSecDD - ok
14:06:30.0984 0920 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
14:06:30.0984 0920 lanmanserver - ok
14:06:31.0046 0920 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:06:31.0062 0920 lanmanworkstation - ok
14:06:31.0078 0920 lbrtfdc - ok
14:06:31.0140 0920 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
14:06:31.0140 0920 LmHosts - ok
14:06:31.0187 0920 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
14:06:31.0187 0920 MBAMProtector - ok
14:06:31.0359 0920 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:06:31.0375 0920 MBAMScheduler - ok
14:06:31.0578 0920 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:06:31.0593 0920 MBAMService - ok
14:06:31.0875 0920 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:06:31.0890 0920 MDM - ok
14:06:31.0937 0920 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
14:06:31.0937 0920 Messenger - ok
14:06:32.0000 0920 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
14:06:32.0000 0920 mnmdd - ok
14:06:32.0046 0920 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
14:06:32.0046 0920 mnmsrvc - ok
14:06:32.0109 0920 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
14:06:32.0109 0920 Modem - ok
14:06:32.0156 0920 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:06:32.0156 0920 Mouclass - ok
14:06:32.0187 0920 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:06:32.0187 0920 mouhid - ok
14:06:32.0218 0920 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
14:06:32.0218 0920 MountMgr - ok
14:06:32.0234 0920 mraid35x - ok
14:06:32.0296 0920 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:06:32.0296 0920 MRxDAV - ok
14:06:32.0468 0920 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:06:32.0468 0920 MRxSmb - ok
14:06:32.0515 0920 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
14:06:32.0515 0920 MSDTC - ok
14:06:32.0546 0920 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:06:32.0546 0920 Msfs - ok
14:06:32.0562 0920 MSIServer - ok
14:06:32.0578 0920 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:06:32.0578 0920 MSKSSRV - ok
14:06:32.0593 0920 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:06:32.0593 0920 MSPCLOCK - ok
14:06:32.0609 0920 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:06:32.0609 0920 MSPQM - ok
14:06:32.0640 0920 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:06:32.0640 0920 mssmbios - ok
14:06:32.0765 0920 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
14:06:32.0765 0920 MTsensor - ok
14:06:32.0828 0920 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
14:06:32.0828 0920 Mup - ok
14:06:32.0937 0920 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
14:06:32.0953 0920 napagent - ok
14:06:33.0031 0920 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
14:06:33.0031 0920 NDIS - ok
14:06:33.0062 0920 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:06:33.0062 0920 NdisTapi - ok
14:06:33.0093 0920 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:06:33.0093 0920 Ndisuio - ok
14:06:33.0140 0920 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:06:33.0140 0920 NdisWan - ok
14:06:33.0187 0920 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:06:33.0187 0920 NDProxy - ok
14:06:33.0562 0920 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
14:06:33.0578 0920 Nero BackItUp Scheduler 4.0 - ok
14:06:33.0609 0920 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:06:33.0609 0920 NetBIOS - ok
14:06:33.0734 0920 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:06:33.0750 0920 NetBT - ok
14:06:33.0812 0920 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
14:06:33.0812 0920 NetDDE - ok
14:06:33.0859 0920 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
14:06:33.0859 0920 NetDDEdsdm - ok
14:06:33.0921 0920 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:06:33.0921 0920 Netlogon - ok
14:06:34.0000 0920 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
14:06:34.0000 0920 Netman - ok
14:06:34.0078 0920 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:06:34.0078 0920 NetTcpPortSharing - ok
14:06:34.0171 0920 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
14:06:34.0171 0920 Nla - ok
14:06:34.0234 0920 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:06:34.0234 0920 Npfs - ok
14:06:34.0406 0920 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:06:34.0406 0920 Ntfs - ok
14:06:34.0437 0920 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
14:06:34.0437 0920 NtLmSsp - ok
14:06:34.0578 0920 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
14:06:34.0593 0920 NtmsSvc - ok
14:06:34.0625 0920 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
14:06:34.0625 0920 Null - ok
14:06:37.0968 0920 [ 66165CF6DBC8ADB1B95354CDCAD8A736 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:06:38.0046 0920 nv - ok
14:06:38.0156 0920 [ CE8CCE2B9F96ACA02E5DED4298A7796D ] nvsvc C:\WINDOWS\system32\nvsvc32.exe
14:06:38.0156 0920 nvsvc - ok
14:06:38.0203 0920 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:06:38.0203 0920 NwlnkFlt - ok
14:06:38.0234 0920 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:06:38.0234 0920 NwlnkFwd - ok
14:06:38.0281 0920 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:06:38.0281 0920 ose - ok
14:06:38.0359 0920 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
14:06:38.0359 0920 Parport - ok
14:06:38.0390 0920 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
14:06:38.0390 0920 PartMgr - ok
14:06:38.0437 0920 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
14:06:38.0437 0920 ParVdm - ok
14:06:38.0484 0920 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
14:06:38.0484 0920 PCI - ok
14:06:38.0500 0920 PCIDump - ok
14:06:38.0531 0920 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
14:06:38.0531 0920 PCIIde - ok
14:06:38.0593 0920 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
14:06:38.0593 0920 Pcmcia - ok
14:06:38.0609 0920 PDCOMP - ok
14:06:38.0625 0920 PDFRAME - ok
14:06:38.0640 0920 PDRELI - ok
14:06:38.0656 0920 PDRFRAME - ok
14:06:38.0671 0920 perc2 - ok
14:06:38.0687 0920 perc2hib - ok
14:06:38.0859 0920 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
14:06:38.0859 0920 PlugPlay - ok
14:06:39.0109 0920 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
14:06:39.0109 0920 PolicyAgent - ok
14:06:39.0171 0920 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:06:39.0171 0920 PptpMiniport - ok
14:06:39.0234 0920 [ 9A10E4FD13824823DA50D4758BD0A645 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
14:06:39.0250 0920 Processor - ok
14:06:39.0265 0920 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:06:39.0265 0920 ProtectedStorage - ok
14:06:39.0312 0920 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
14:06:39.0312 0920 PSched - ok
14:06:39.0343 0920 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:06:39.0343 0920 Ptilink - ok
14:06:39.0359 0920 ql1080 - ok
14:06:39.0375 0920 Ql10wnt - ok
14:06:39.0390 0920 ql12160 - ok
14:06:39.0406 0920 ql1240 - ok
14:06:39.0421 0920 ql1280 - ok
14:06:39.0453 0920 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:06:39.0468 0920 RasAcd - ok
14:06:39.0515 0920 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:06:39.0515 0920 RasAuto - ok
14:06:39.0562 0920 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:06:39.0562 0920 Rasl2tp - ok
14:06:39.0656 0920 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:06:39.0671 0920 RasMan - ok
14:06:39.0703 0920 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:06:39.0703 0920 RasPppoe - ok
14:06:39.0718 0920 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
14:06:39.0718 0920 Raspti - ok
14:06:39.0875 0920 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:06:39.0875 0920 Rdbss - ok
14:06:39.0890 0920 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:06:39.0890 0920 RDPCDD - ok
14:06:39.0984 0920 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:06:39.0984 0920 rdpdr - ok
14:06:40.0078 0920 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
14:06:40.0078 0920 RDPWD - ok
14:06:40.0140 0920 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
14:06:40.0156 0920 RDSessMgr - ok
14:06:40.0203 0920 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
14:06:40.0203 0920 redbook - ok
14:06:40.0265 0920 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:06:40.0265 0920 RemoteAccess - ok
14:06:40.0328 0920 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:06:40.0328 0920 RemoteRegistry - ok
14:06:40.0390 0920 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
14:06:40.0390 0920 RFCOMM - ok
14:06:40.0437 0920 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:06:40.0437 0920 RpcLocator - ok
14:06:40.0578 0920 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:06:40.0578 0920 RpcSs - ok
14:06:40.0656 0920 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
14:06:40.0656 0920 RSVP - ok
14:06:40.0687 0920 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
14:06:40.0687 0920 SamSs - ok
14:06:40.0734 0920 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
14:06:40.0750 0920 SCardSvr - ok
14:06:40.0812 0920 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:06:40.0828 0920 Schedule - ok
14:06:40.0875 0920 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:06:40.0875 0920 Secdrv - ok
14:06:40.0890 0920 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
14:06:40.0890 0920 seclogon - ok
14:06:40.0953 0920 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
14:06:40.0953 0920 SENS - ok
14:06:40.0968 0920 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
14:06:40.0968 0920 serenum - ok
14:06:41.0015 0920 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
14:06:41.0015 0920 Serial - ok
14:06:41.0078 0920 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
14:06:41.0078 0920 Sfloppy - ok
14:06:41.0234 0920 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:06:41.0234 0920 SharedAccess - ok
14:06:41.0296 0920 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:06:41.0296 0920 ShellHWDetection - ok
14:06:41.0312 0920 Simbad - ok
14:06:41.0421 0920 [ DB0405D9AAD62F0762E0876AC142B7E1 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:06:41.0421 0920 SkypeUpdate - ok
14:06:41.0453 0920 Sparrow - ok
14:06:41.0515 0920 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
14:06:41.0515 0920 splitter - ok
14:06:41.0578 0920 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
14:06:41.0578 0920 Spooler - ok
14:06:41.0609 0920 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:06:41.0625 0920 sr - ok
14:06:41.0718 0920 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
14:06:41.0718 0920 srservice - ok
14:06:41.0859 0920 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:06:41.0859 0920 Srv - ok
14:06:41.0921 0920 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:06:41.0921 0920 SSDPSRV - ok
14:06:41.0953 0920 Steam Client Service - ok
14:06:42.0062 0920 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:06:42.0062 0920 stisvc - ok
14:06:42.0109 0920 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:06:42.0109 0920 swenum - ok
14:06:42.0140 0920 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:06:42.0140 0920 swmidi - ok
14:06:42.0156 0920 SwPrv - ok
14:06:42.0187 0920 symc810 - ok
14:06:42.0203 0920 symc8xx - ok
14:06:42.0218 0920 sym_hi - ok
14:06:42.0234 0920 sym_u3 - ok
14:06:42.0265 0920 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:06:42.0265 0920 sysaudio - ok
14:06:42.0312 0920 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:06:42.0328 0920 SysmonLog - ok
14:06:42.0421 0920 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:06:42.0421 0920 TapiSrv - ok
14:06:42.0453 0920 [ 04E1C782CF14B7282EBC633B0FD3ED16 ] TBPanel C:\WINDOWS\system32\drivers\TBPanel.sys
14:06:42.0453 0920 TBPanel - ok
14:06:42.0609 0920 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:06:42.0609 0920 Tcpip - ok
14:06:42.0656 0920 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:06:42.0656 0920 TDPIPE - ok
14:06:42.0687 0920 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:06:42.0687 0920 TDTCP - ok
14:06:42.0703 0920 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:06:42.0703 0920 TermDD - ok
14:06:42.0921 0920 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
14:06:42.0921 0920 TermService - ok
14:06:42.0984 0920 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
14:06:43.0000 0920 Themes - ok
14:06:43.0062 0920 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:06:43.0062 0920 TlntSvr - ok
14:06:43.0078 0920 TosIde - ok
14:06:43.0140 0920 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:06:43.0140 0920 TrkWks - ok
14:06:43.0187 0920 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:06:43.0187 0920 Udfs - ok
14:06:43.0203 0920 ultra - ok
14:06:43.0359 0920 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:06:43.0359 0920 Update - ok
14:06:43.0453 0920 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
14:06:43.0453 0920 upnphost - ok
14:06:43.0500 0920 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
14:06:43.0500 0920 UPS - ok
14:06:43.0546 0920 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:06:43.0562 0920 usbccgp - ok
14:06:43.0578 0920 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:06:43.0578 0920 usbehci - ok
14:06:43.0609 0920 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:06:43.0609 0920 usbhub - ok
14:06:43.0671 0920 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:06:43.0671 0920 usbprint - ok
14:06:43.0718 0920 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:06:43.0718 0920 usbscan - ok
14:06:43.0750 0920 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:06:43.0750 0920 usbstor - ok
14:06:43.0781 0920 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:06:43.0781 0920 usbuhci - ok
14:06:43.0843 0920 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:06:43.0843 0920 VgaSave - ok
14:06:43.0875 0920 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
14:06:43.0875 0920 ViaIde - ok
14:06:43.0906 0920 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:06:43.0906 0920 VolSnap - ok
14:06:44.0031 0920 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
14:06:44.0031 0920 VSS - ok
14:06:44.0062 0920 [ C0F55CC0903CFDC819F6D857402B697C ] vulfnths C:\WINDOWS\System32\Drivers\vulfnth.sys
14:06:44.0062 0920 vulfnths - ok
14:06:44.0109 0920 [ 545D98A7F61AF1C7C4AD38B8F333E0B7 ] vulfntrs C:\WINDOWS\System32\Drivers\vulfntr.sys
14:06:44.0125 0920 vulfntrs - ok
14:06:44.0187 0920 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
14:06:44.0187 0920 W32Time - ok
14:06:44.0234 0920 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:06:44.0234 0920 Wanarp - ok
14:06:44.0250 0920 WDICA - ok
14:06:44.0296 0920 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:06:44.0296 0920 wdmaud - ok
14:06:44.0343 0920 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
14:06:44.0343 0920 WebClient - ok
14:06:44.0500 0920 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:06:44.0515 0920 winmgmt - ok
14:06:44.0593 0920 [ 6199B2AE3F9DB9CB6DB230471A1DC601 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
14:06:44.0593 0920 WmdmPmSN - ok
14:06:44.0828 0920 [ 0171CFF34BBA8C5977F18C48D8AEF8C6 ] Wmi C:\WINDOWS\System32\advapi32.dll
14:06:44.0828 0920 Wmi - ok
14:06:44.0890 0920 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:06:44.0890 0920 WmiApSrv - ok
14:06:45.0406 0920 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:06:45.0421 0920 WPFFontCache_v0400 - ok
14:06:45.0515 0920 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:06:45.0515 0920 wscsvc - ok
14:06:45.0531 0920 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:06:45.0531 0920 wuauserv - ok
14:06:45.0718 0920 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:06:45.0734 0920 WZCSVC - ok
14:06:45.0812 0920 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:06:45.0812 0920 xmlprov - ok
14:06:45.0859 0920 ================ Scan global ===============================
14:06:45.0906 0920 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
14:06:46.0031 0920 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
14:06:46.0125 0920 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
14:06:46.0171 0920 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
14:06:46.0187 0920 [Global] - ok
14:06:46.0187 0920 ================ Scan MBR ==================================
14:06:46.0218 0920 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
14:06:46.0453 0920 \Device\Harddisk0\DR0 - ok
14:06:46.0453 0920 ================ Scan VBR ==================================
14:06:46.0468 0920 [ 345FD5EF2244AE921AB8394F9B4ADCC5 ] \Device\Harddisk0\DR0\Partition1
14:06:46.0468 0920 \Device\Harddisk0\DR0\Partition1 - ok
14:06:46.0468 0920 ============================================================
14:06:46.0468 0920 Scan finished
14:06:46.0468 0920 ============================================================
14:06:46.0500 3744 Detected object count: 0
14:06:46.0500 3744 Actual detected object count: 0
14:06:50.0406 1524 Deinitialize success

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status:
Offline

Re: Please check my log - Freezing and slowed-down PC

Post by Žbeky » 21 Feb 2013 21:06

And ComboFix?
In PMs I only deal with matters concerning the forum. I do not respond to requests or pleas for technical support. Thank you for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

daniel6134
newbie
Posts: 39
Registered: February 13
Gender: Male
Status:
Offline

Re: Please check my log - Freezing and slowed-down PC

Post by daniel6134 » 22 Feb 2013 13:14

Combofix:

ComboFix 13-02-22.01 - Administrator 22.02.2013 12:59:41.1.1 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1023.671 [GMT 1:00]
Spuštěný z: c:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: AVG Internet Security 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG Internet Security 2013 *Enabled* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Internet Explorer\SET6EE.tmp
c:\program files\Internet Explorer\SET6EF.tmp
c:\windows\IsUn0405.exe
c:\windows\iun6002.exe
c:\windows\system32\SET6F6.tmp
c:\windows\system32\SET6F7.tmp
c:\windows\system32\SET6F8.tmp
c:\windows\system32\SET6F9.tmp
c:\windows\system32\SET6FA.tmp
c:\windows\system32\SET6FB.tmp
c:\windows\system32\SET6FC.tmp
c:\windows\system32\SET6FD.tmp
c:\windows\system32\SET6FE.tmp
c:\windows\system32\SET6FF.tmp
c:\windows\system32\SET700.tmp
c:\windows\system32\SET701.tmp
c:\windows\system32\SET702.tmp
c:\windows\system32\SET703.tmp
c:\windows\system32\SET705.tmp
c:\windows\system32\SET706.tmp
c:\windows\system32\SET707.tmp
c:\windows\system32\SET708.tmp
c:\windows\system32\SET709.tmp
c:\windows\system32\SET70A.tmp
c:\windows\system32\SET70B.tmp
c:\windows\system32\SET70C.tmp
c:\windows\system32\SET70D.tmp
c:\windows\system32\SET70E.tmp
c:\windows\system32\SET70F.tmp
c:\windows\system32\SET710.tmp
c:\windows\system32\SET711.tmp
c:\windows\system32\SET712.tmp
c:\windows\system32\SET713.tmp
c:\windows\system32\SET714.tmp
c:\windows\system32\SET715.tmp
c:\windows\system32\SET716.tmp
c:\windows\system32\SET728.tmp
c:\windows\system32\SET729.tmp
c:\windows\system32\SET72A.tmp
c:\windows\system32\SET72B.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-22 do 2013-02-22 )))))))))))))))))))))))))))))))
.
.
2013-02-20 18:36 . 2013-02-20 18:36 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\Malwarebytes
2013-02-20 18:35 . 2013-02-20 18:35 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-02-20 18:35 . 2013-02-20 18:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-20 18:35 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-02-20 17:19 . 2013-02-20 17:19 1075464 ----a-w- c:\windows\system32\nvdrsdb0.bin
2013-02-20 17:19 . 2013-02-20 17:19 1 ----a-w- c:\windows\system32\nvdrssel.bin
2013-02-20 17:19 . 2013-02-20 17:19 1075464 ----a-w- c:\windows\system32\nvdrsdb1.bin
2013-02-20 17:16 . 2013-02-20 17:17 -------- d-----w- c:\program files\NVIDIA Corporation
2013-02-20 16:28 . 2013-02-20 16:33 -------- d-----w- C:\Fraps
2013-02-20 16:02 . 2013-02-20 16:02 -------- d-----w- c:\program files\CPUID
2013-02-17 21:19 . 2013-02-17 21:19 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\VOS
2013-02-14 19:16 . 2013-02-14 19:17 -------- d-----w- c:\program files\SpeedItUpFree
2013-02-14 14:03 . 2013-02-14 14:03 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\driveridentifier
2013-02-13 19:20 . 2013-02-13 22:37 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\AVG
2013-02-13 19:18 . 2013-02-21 19:47 -------- d---a-w- c:\documents and settings\All Users\Data aplikací\TEMP
2013-02-13 18:46 . 2013-02-13 18:46 -------- d-----w- c:\windows\system32\config\systemprofile\Data aplikací\AVG2013
2013-02-13 18:45 . 2013-02-13 18:45 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\TuneUp Software
2013-02-13 18:44 . 2013-02-13 18:46 -------- d-----w- c:\documents and settings\All Users\Data aplikací\AVG2013
2013-02-13 18:44 . 2013-02-13 18:44 -------- d-----w- C:\$AVG
2013-02-13 18:41 . 2013-02-13 19:05 -------- d-----w- c:\windows\system32\config\systemprofile\Local Settings\Data aplikací\Avg2013
2013-02-13 18:41 . 2013-02-13 19:17 -------- d-----w- c:\program files\AVG
2013-02-13 18:31 . 2013-02-13 18:31 -------- d--h--w- c:\documents and settings\All Users\Data aplikací\Common Files
2013-02-13 18:31 . 2013-02-22 11:34 -------- d-----w- c:\documents and settings\All Users\Data aplikací\MFAData
2013-02-13 18:31 . 2013-02-13 20:32 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\Avg2013
2013-02-13 18:31 . 2013-02-13 18:31 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Data aplikací\MFAData
2013-02-12 22:02 . 2013-02-12 22:02 -------- d-----w- c:\documents and settings\Administrator\Data aplikací\YoudaGames
2013-02-02 01:22 . 2013-02-02 01:22 892704 ----a-w- c:\windows\system32\nvdispgenco32.dll
2013-02-02 01:22 . 2013-02-02 01:22 1017120 ----a-w- c:\windows\system32\nvdispco32.dll
2013-02-02 01:22 . 2013-02-02 01:22 6066176 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-02 01:22 . 2013-02-02 01:22 17551360 ----a-w- c:\windows\system32\nvcompiler.dll
2013-01-30 17:26 . 2013-01-30 17:26 -------- d-----w- c:\program files\LucasArts
2013-01-27 15:22 . 2013-01-27 15:22 -------- d-----w- c:\program files\Firefly Studios
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-02 01:22 . 2009-07-03 03:11 7716864 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-02 01:22 . 2009-07-03 03:11 19570688 ----a-w- c:\windows\system32\nvoglnt.dll
2013-02-02 01:22 . 2009-07-03 03:11 10714912 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
2013-02-02 01:22 . 2009-07-03 03:11 2450432 ----a-w- c:\windows\system32\nvapi.dll
2013-02-02 01:22 . 2009-07-03 03:11 4154880 ----a-w- c:\windows\system32\nv4_disp.dll
2013-02-02 01:22 . 2009-07-03 03:11 2725152 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-02 01:22 . 2009-07-03 03:11 1985824 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-01-26 03:55 . 2004-08-17 13:49 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-17 14:04 . 2012-05-11 15:13 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-17 14:04 . 2012-05-11 15:13 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-07 07:26 . 2004-08-17 15:45 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 13:45 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 13:44 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 13:49 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 13:49 1294848 ----a-w- c:\windows\system32\quartz.dll
2012-12-27 10:31 . 2004-08-17 13:49 668160 ----a-w- c:\windows\system32\wininet.dll
2012-12-27 10:31 . 2004-08-03 20:59 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-12-27 10:31 . 2012-03-28 19:52 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-12-27 10:26 . 2004-08-17 13:44 370176 ----a-w- c:\windows\system32\html.iec
2012-12-16 12:23 . 2004-08-17 13:48 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-06 15:16 . 2012-06-10 13:34 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-05-07 879984]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-12-11 3147384]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^McAfee Security Scan Plus.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2005-05-02 16:00 69632 ----a-r- c:\windows\ALCMTR.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]
2008-04-14 03:22 110592 ----a-w- c:\windows\system32\bthprops.cpl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
2008-04-14 03:22 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GAINWARD]
2009-05-12 14:43 2181672 ----a-w- c:\program files\EXPERTool\TBPANEL.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-06-10 07:28 13758464 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2009-06-10 07:28 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2009-06-10 07:29 1657376 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]
2006-10-11 11:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
2006-09-11 17:58 16264192 ----a-r- c:\windows\RTHDCPL.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2012-02-15 11:35 17146504 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
2006-05-15 19:04 2879488 ----a-r- c:\windows\SkyTel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-09-28 12:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
2012-05-07 08:27 879984 ----a-w- c:\program files\uTorrent\uTorrent.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.524\\Agent.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\Battle.net\\Agent\\Agent.976\\Agent.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Documents and Settings\\All Users\\Data aplikací\\NexonEU\\NGM\\NGM.exe"=
"c:\\Program Files\\Valve\\Counter-Strike 1.6\\hl.exe"=
"c:\\Program Files\\Firefly Studios\\Stronghold Crusader\\Stronghold Crusader.exe"=
"c:\\Program Files\\LucasArts\\Star Wars JK II Jedi Outcast\\GameData\\jk2mp.exe"=
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [15.10.2012 3:48 55776]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21.9.2012 3:46 177376]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [14.9.2012 3:05 35552]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [22.10.2012 13:02 179936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [21.9.2012 3:45 19936]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2.10.2012 3:30 159712]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [21.9.2012 3:46 164832]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [29.3.2012 19:43 242240]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22.10.2012 13:05 196664]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 19:52 30944]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [20.2.2013 19:35 21104]
S2 avgfws;AVG Firewall;c:\program files\AVG\AVG2013\avgfws.exe [10.12.2012 11:11 1342024]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [15.11.2012 23:34 5814904]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [20.2.2013 19:35 682344]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [15.2.2012 12:30 158856]
S3 21631865;21631865; [x]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [12.1.2012 19:52 30944]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\EagleXNt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-11 14:04]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 176.102.128.2 176.102.128.3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-SpeedItUpEX - c:\program files\SpeedItUpExtreme\SpeedItUpEx.exe
MSConfigStartUp-Steam - c:\program files\Steam\steam.exe
AddRemove-Easy-WebPrint - c:\windows\IsUn0405.exe
AddRemove-SpeedItUpExtreme3.70 - c:\windows\iun6002.exe
AddRemove-SpeedItupFree4.01 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-22 13:09
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-220523388-764733703-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7d,ba,d7,ca,e6,1e,fe,4b,8d,27,1b,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,7d,ba,d7,ca,e6,1e,fe,4b,8d,27,1b,\
.
[HKEY_USERS\S-1-5-21-220523388-764733703-725345543-500\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-02-22 13:11:50
ComboFix-quarantined-files.txt 2013-02-22 12:11
.
Před spuštěním: Volných bajtů: 127 732 805 632
Po spuštění: Volných bajtů: 128 600 911 872
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 2132C6781CC3061F3D035FFBE87E2FED


Re: Please check my log - PC freezing and slow

Post by daniel6134 » 22 Feb 2013 16:34

Can anyone here advise me what to do now??? The latest ComboFix log is already posted here.

