Hi.
Please check my log.
Over the last week my PC has become slow to load at startup.
Also, when playing World of Tanks, loading and the gameplay itself are terribly slow.
Until recently everything was OK.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:44:35, on 16.3.2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AIMP3\AIMP3.exe
C:\Program Files\Last.fm\Last.fm Scrobbler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Varg\Dokumenty\Stažené soubory\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SetRefresh] C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8712413562
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe
--
End of file - 6703 bytes
Please check my log - Solved
- memphisto
Re: please check my log
Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Ano (Yes)
(don't delete anything yet!).
Then paste the contents of that log here.
Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.
Re: please check my log
Thank you.
Here are both logs.
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org
Verze: v2013.03.16.08
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Varg :: HP12660283261 [administrátor]
Ochrana: Povolena
16.3.2013 18:13:18
mbam-log-2013-03-16 (18-13-18).txt
Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 191253
Uplynulý čas: 4 minut, 9 sekund
Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)
Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)
(konec)
# AdwCleaner v2.114 - Logfile created 03/16/2013 at 18:18:43
# Updated 05/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Varg - HP12660283261
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Varg\Dokumenty\Stažené soubory\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v19.0.2 (cs)
File : C:\Documents and Settings\Varg\Data aplikací\Mozilla\Firefox\Profiles\hfx0r1z8.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v25.0.1364.172
File : C:\Documents and Settings\Varg\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1321 octets] - [16/03/2013 18:18:43]
########## EOF - C:\AdwCleaner[R1].txt - [1381 octets] ##########
- Žbeky
Re: please check my log
Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Spustit jako správce" (Run as administrator))
Click "Delete"
The program will perform the repair; after the automatic restart it will not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.
How does it look now?
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.
Re: please check my log
Done, here is the log:
# AdwCleaner v2.114 - Logfile created 03/16/2013 at 23:44:40
# Updated 05/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Varg - HP12660283261
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Varg\Dokumenty\Stažené soubory\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v19.0.2 (cs)
File : C:\Documents and Settings\Varg\Data aplikací\Mozilla\Firefox\Profiles\hfx0r1z8.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v25.0.1364.172
File : C:\Documents and Settings\Varg\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [1450 octets] - [16/03/2013 18:18:43]
AdwCleaner[S1].txt - [1389 octets] - [16/03/2013 23:44:40]
########## EOF - C:\AdwCleaner[S1].txt - [1449 octets] ##########
- jaro3
Re: please check my log
Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.
Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use will be displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.
Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, press the F8 key repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum
Re: please check my log
Here is the TDS log:
10:44:45.0593 1528 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:44:45.0718 1528 ============================================================
10:44:45.0718 1528 Current date / time: 2013/03/17 10:44:45.0718
10:44:45.0718 1528 SystemInfo:
10:44:45.0718 1528
10:44:45.0718 1528 OS Version: 5.1.2600 ServicePack: 3.0
10:44:45.0718 1528 Product type: Workstation
10:44:45.0718 1528 ComputerName: HP12660283261
10:44:45.0718 1528 UserName: Varg
10:44:45.0718 1528 Windows directory: C:\WINDOWS
10:44:45.0718 1528 System windows directory: C:\WINDOWS
10:44:45.0718 1528 Processor architecture: Intel x86
10:44:45.0718 1528 Number of processors: 1
10:44:45.0718 1528 Page size: 0x1000
10:44:45.0718 1528 Boot type: Normal boot
10:44:45.0718 1528 ============================================================
10:44:47.0062 1528 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:44:47.0062 1528 Drive \Device\Harddisk1\DR2 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:44:47.0078 1528 ============================================================
10:44:47.0078 1528 \Device\Harddisk0\DR0:
10:44:47.0078 1528 MBR partitions:
10:44:47.0078 1528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x12A14BC1
10:44:47.0078 1528 \Device\Harddisk1\DR2:
10:44:47.0078 1528 MBR partitions:
10:44:47.0078 1528 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2E937C82
10:44:47.0078 1528 ============================================================
10:44:47.0093 1528 C: <-> \Device\Harddisk0\DR0\Partition1
10:44:47.0546 1528 F: <-> \Device\Harddisk1\DR2\Partition1
10:44:47.0546 1528 ============================================================
10:44:47.0546 1528 Initialize success
10:44:47.0546 1528 ============================================================
10:44:53.0515 1080 ============================================================
10:44:53.0515 1080 Scan started
10:44:53.0515 1080 Mode: Manual;
10:44:53.0515 1080 ============================================================
10:44:54.0328 1080 ================ Scan system memory ========================
10:44:54.0343 1080 System memory - ok
10:44:58.0515 1080 Flpydisk - ok
10:44:58.0546 1080 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:44:58.0546 1080 FltMgr - ok
10:44:58.0593 1080 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:44:58.0609 1080 FontCache3.0.0.0 - ok
10:44:58.0640 1080 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:44:58.0640 1080 Fs_Rec - ok
10:44:58.0671 1080 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:44:58.0671 1080 Ftdisk - ok
10:44:58.0718 1080 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:44:58.0718 1080 Gpc - ok
10:44:58.0812 1080 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:44:58.0812 1080 gupdate - ok
10:44:58.0828 1080 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:44:58.0828 1080 gupdatem - ok
10:44:58.0890 1080 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:44:58.0890 1080 helpsvc - ok
10:44:58.0906 1080 HidServ - ok
10:44:58.0921 1080 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:44:58.0937 1080 HidUsb - ok
10:44:58.0984 1080 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:44:59.0000 1080 hkmsvc - ok
10:44:59.0015 1080 hpn - ok
10:44:59.0078 1080 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:44:59.0078 1080 HTTP - ok
10:44:59.0125 1080 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:44:59.0125 1080 HTTPFilter - ok
10:44:59.0140 1080 i2omgmt - ok
10:44:59.0156 1080 i2omp - ok
10:44:59.0187 1080 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:44:59.0187 1080 i8042prt - ok
10:44:59.0218 1080 [ 06B7EF73BA5F302EECC294CDF7E19702 ] i81x C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
10:44:59.0234 1080 i81x - ok
10:44:59.0265 1080 [ 7B5B44EFE5EB9DADFB8EE29700885D23 ] iAimFP0 C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
10:44:59.0265 1080 iAimFP0 - ok
10:44:59.0296 1080 [ EB1F6BAB6C22EDE0BA551B527475F7E9 ] iAimFP1 C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
10:44:59.0312 1080 iAimFP1 - ok
10:44:59.0328 1080 [ 03CE989D846C1AA81145CB22FCB86D06 ] iAimFP2 C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
10:44:59.0328 1080 iAimFP2 - ok
10:44:59.0359 1080 [ 525849B4469DE021D5D61B4DB9BE3A9D ] iAimFP3 C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
10:44:59.0359 1080 iAimFP3 - ok
10:44:59.0390 1080 [ 589C2BCDB5BD602BF7B63D210407EF8C ] iAimFP4 C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
10:44:59.0390 1080 iAimFP4 - ok
10:44:59.0406 1080 [ 0308AEF61941E4AF478FA1A0F83812F5 ] iAimFP5 C:\WINDOWS\system32\DRIVERS\wADV07nt.sys
10:44:59.0406 1080 iAimFP5 - ok
10:44:59.0437 1080 [ 714038A8AA5DE08E12062202CD7EAEB5 ] iAimFP6 C:\WINDOWS\system32\DRIVERS\wADV08nt.sys
10:44:59.0437 1080 iAimFP6 - ok
10:44:59.0468 1080 [ 7BB3AA595E4507A788DE1CDC63F4C8C4 ] iAimFP7 C:\WINDOWS\system32\DRIVERS\wADV09nt.sys
10:44:59.0468 1080 iAimFP7 - ok
10:44:59.0500 1080 [ D83BDD5C059667A2F647A6BE5703A4D2 ] iAimTV0 C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
10:44:59.0500 1080 iAimTV0 - ok
10:44:59.0531 1080 [ ED968D23354DAA0D7C621580C012A1F6 ] iAimTV1 C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
10:44:59.0531 1080 iAimTV1 - ok
10:44:59.0562 1080 [ D738273F218A224C1DDAC04203F27A84 ] iAimTV3 C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
10:44:59.0562 1080 iAimTV3 - ok
10:44:59.0578 1080 [ 0052D118995CBAB152DAABE6106D1442 ] iAimTV4 C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
10:44:59.0593 1080 iAimTV4 - ok
10:44:59.0609 1080 [ 791CC45DE6E50445BE72E8AD6401FF45 ] iAimTV5 C:\WINDOWS\system32\DRIVERS\wATV10nt.sys
10:44:59.0609 1080 iAimTV5 - ok
10:44:59.0625 1080 [ 352FA0E98BC461CE1CE5D41F64DB558D ] iAimTV6 C:\WINDOWS\system32\DRIVERS\wATV06nt.sys
10:44:59.0640 1080 iAimTV6 - ok
10:44:59.0734 1080 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:44:59.0750 1080 idsvc - ok
10:44:59.0796 1080 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:44:59.0796 1080 Imapi - ok
10:44:59.0843 1080 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
10:44:59.0859 1080 ImapiService - ok
10:44:59.0875 1080 ini910u - ok
10:44:59.0906 1080 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
10:44:59.0906 1080 IntelIde - ok
10:44:59.0937 1080 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:44:59.0937 1080 Ip6Fw - ok
10:44:59.0953 1080 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:44:59.0953 1080 IpFilterDriver - ok
10:44:59.0968 1080 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:44:59.0984 1080 IpInIp - ok
10:45:00.0015 1080 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:45:00.0031 1080 IpNat - ok
10:45:00.0062 1080 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:45:00.0062 1080 IPSec - ok
10:45:00.0078 1080 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:45:00.0078 1080 IRENUM - ok
10:45:00.0125 1080 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:45:00.0140 1080 isapnp - ok
10:45:00.0171 1080 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:45:00.0171 1080 Kbdclass - ok
10:45:00.0203 1080 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:45:00.0203 1080 kmixer - ok
10:45:00.0234 1080 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:45:00.0250 1080 KSecDD - ok
10:45:00.0281 1080 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:45:00.0296 1080 lanmanserver - ok
10:45:00.0328 1080 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:45:00.0343 1080 lanmanworkstation - ok
10:45:00.0359 1080 lbrtfdc - ok
10:45:00.0390 1080 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:45:00.0406 1080 LmHosts - ok
10:45:00.0453 1080 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
10:45:00.0453 1080 MBAMProtector - ok
10:45:00.0515 1080 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:45:00.0531 1080 MBAMScheduler - ok
10:45:00.0625 1080 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:45:00.0625 1080 MBAMService - ok
10:45:00.0656 1080 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:45:00.0671 1080 Messenger - ok
10:45:00.0687 1080 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:45:00.0687 1080 mnmdd - ok
10:45:00.0718 1080 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:45:00.0734 1080 mnmsrvc - ok
10:45:00.0765 1080 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:45:00.0765 1080 Modem - ok
10:45:00.0796 1080 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:45:00.0796 1080 Mouclass - ok
10:45:00.0828 1080 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:45:00.0828 1080 mouhid - ok
10:45:00.0859 1080 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:45:00.0859 1080 MountMgr - ok
10:45:00.0921 1080 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:45:00.0937 1080 MozillaMaintenance - ok
10:45:00.0937 1080 mraid35x - ok
10:45:00.0984 1080 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:45:00.0984 1080 MRxDAV - ok
10:45:01.0046 1080 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:45:01.0062 1080 MRxSmb - ok
10:45:01.0109 1080 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:45:01.0109 1080 MSDTC - ok
10:45:01.0140 1080 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:45:01.0140 1080 Msfs - ok
10:45:01.0156 1080 MSIServer - ok
10:45:01.0187 1080 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:45:01.0187 1080 MSKSSRV - ok
10:45:01.0218 1080 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:45:01.0218 1080 MSPCLOCK - ok
10:45:01.0250 1080 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:45:01.0250 1080 MSPQM - ok
10:45:01.0265 1080 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:45:01.0265 1080 mssmbios - ok
10:45:01.0328 1080 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:45:01.0328 1080 Mup - ok
10:45:01.0375 1080 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:45:01.0390 1080 napagent - ok
10:45:01.0515 1080 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
10:45:01.0531 1080 NBService - ok
10:45:01.0578 1080 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:45:01.0593 1080 NDIS - ok
10:45:01.0625 1080 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:45:01.0625 1080 NdisTapi - ok
10:45:01.0656 1080 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:45:01.0656 1080 Ndisuio - ok
10:45:01.0687 1080 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:45:01.0703 1080 NdisWan - ok
10:45:01.0734 1080 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:45:01.0734 1080 NDProxy - ok
10:45:01.0796 1080 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:45:01.0796 1080 NetBIOS - ok
10:45:01.0828 1080 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:45:01.0828 1080 NetBT - ok
10:45:01.0875 1080 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
10:45:01.0875 1080 NetDDE - ok
10:45:01.0890 1080 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:45:01.0906 1080 NetDDEdsdm - ok
10:45:01.0921 1080 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:45:01.0937 1080 Netlogon - ok
10:45:01.0984 1080 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
10:45:02.0000 1080 Netman - ok
10:45:02.0031 1080 [ 562E15CE8A98282F241E03829657E344 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:45:02.0031 1080 NetTcpPortSharing - ok
10:45:02.0078 1080 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
10:45:02.0078 1080 Nla - ok
10:45:02.0218 1080 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:45:02.0218 1080 NMIndexingService - ok
10:45:02.0265 1080 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:45:02.0265 1080 Npfs - ok
10:45:02.0312 1080 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:45:02.0328 1080 Ntfs - ok
10:45:02.0343 1080 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:45:02.0343 1080 NtLmSsp - ok
10:45:02.0406 1080 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:45:02.0421 1080 NtmsSvc - ok
10:45:02.0453 1080 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:45:02.0453 1080 Null - ok
10:45:02.0484 1080 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:45:02.0484 1080 NwlnkFlt - ok
10:45:02.0515 1080 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:45:02.0515 1080 NwlnkFwd - ok
10:45:02.0546 1080 [ 3FC38E7FBE91DB40C34731195F4116C2 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
10:45:02.0562 1080 P3 - ok
10:45:02.0578 1080 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:45:02.0578 1080 Parport - ok
10:45:02.0609 1080 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:45:02.0609 1080 PartMgr - ok
10:45:02.0640 1080 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:45:02.0640 1080 ParVdm - ok
10:45:02.0671 1080 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:45:02.0671 1080 PCI - ok
10:45:02.0687 1080 PCIDump - ok
10:45:02.0718 1080 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:45:02.0718 1080 PCIIde - ok
10:45:02.0765 1080 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:45:02.0765 1080 Pcmcia - ok
10:45:02.0781 1080 PDCOMP - ok
10:45:02.0796 1080 PDFRAME - ok
10:45:02.0812 1080 PDRELI - ok
10:45:02.0828 1080 PDRFRAME - ok
10:45:02.0843 1080 perc2 - ok
10:45:02.0859 1080 perc2hib - ok
10:45:02.0921 1080 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
10:45:02.0937 1080 PlugPlay - ok
10:45:02.0953 1080 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:45:02.0953 1080 PolicyAgent - ok
10:45:02.0984 1080 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:45:02.0984 1080 PptpMiniport - ok
10:45:03.0015 1080 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
10:45:03.0015 1080 Processor - ok
10:45:03.0031 1080 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:45:03.0046 1080 ProtectedStorage - ok
10:45:03.0062 1080 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:45:03.0078 1080 PSched - ok
10:45:03.0093 1080 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:45:03.0093 1080 Ptilink - ok
10:45:03.0109 1080 ql1080 - ok
10:45:03.0125 1080 Ql10wnt - ok
10:45:03.0140 1080 ql12160 - ok
10:45:03.0156 1080 ql1240 - ok
10:45:03.0171 1080 ql1280 - ok
10:45:03.0203 1080 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:45:03.0203 1080 RasAcd - ok
10:45:03.0234 1080 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:45:03.0234 1080 RasAuto - ok
10:45:03.0265 1080 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:45:03.0265 1080 Rasl2tp - ok
10:45:03.0312 1080 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:45:03.0328 1080 RasMan - ok
10:45:03.0359 1080 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:45:03.0359 1080 RasPppoe - ok
10:45:03.0390 1080 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:45:03.0390 1080 Raspti - ok
10:45:03.0437 1080 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:45:03.0437 1080 Rdbss - ok
10:45:03.0453 1080 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:45:03.0468 1080 RDPCDD - ok
10:45:03.0515 1080 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:45:03.0515 1080 RDPWD - ok
10:45:03.0562 1080 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:45:03.0562 1080 RDSessMgr - ok
10:45:03.0593 1080 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:45:03.0593 1080 redbook - ok
10:45:03.0640 1080 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:45:03.0640 1080 RemoteAccess - ok
10:45:03.0671 1080 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:45:03.0687 1080 RpcLocator - ok
10:45:03.0718 1080 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:45:03.0734 1080 RpcSs - ok
10:45:03.0765 1080 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:45:03.0781 1080 RSVP - ok
10:45:03.0796 1080 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
10:45:03.0812 1080 SamSs - ok
10:45:03.0828 1080 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:45:03.0843 1080 SCardSvr - ok
10:45:03.0875 1080 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:45:03.0890 1080 Schedule - ok
10:45:03.0921 1080 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:45:03.0921 1080 Secdrv - ok
10:45:03.0968 1080 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:45:03.0984 1080 seclogon - ok
10:45:04.0015 1080 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
10:45:04.0015 1080 SENS - ok
10:45:04.0062 1080 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:45:04.0062 1080 serenum - ok
10:45:04.0078 1080 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:45:04.0078 1080 Serial - ok
10:45:04.0125 1080 [ 0B179A959FF6B6CA5927D4F255AB9F90 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
10:45:04.0125 1080 sfdrv01 - ok
10:45:04.0156 1080 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
10:45:04.0171 1080 sfhlp02 - ok
10:45:04.0187 1080 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:45:04.0187 1080 Sfloppy - ok
10:45:04.0203 1080 [ A62EFE6AA55C6A599DDBB6BD00E8FB9C ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
10:45:04.0203 1080 sfsync02 - ok
10:45:04.0281 1080 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:45:04.0296 1080 SharedAccess - ok
10:45:04.0312 1080 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:45:04.0328 1080 ShellHWDetection - ok
10:45:04.0343 1080 Simbad - ok
10:45:04.0359 1080 Sparrow - ok
10:45:04.0390 1080 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:45:04.0390 1080 splitter - ok
10:45:04.0437 1080 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:45:04.0437 1080 Spooler - ok
10:45:04.0453 1080 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:45:04.0453 1080 sr - ok
10:45:04.0500 1080 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
10:45:04.0515 1080 srservice - ok
10:45:04.0546 1080 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:45:04.0562 1080 Srv - ok
10:45:04.0609 1080 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:45:04.0609 1080 SSDPSRV - ok
10:45:04.0656 1080 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:45:04.0687 1080 stisvc - ok
10:45:04.0703 1080 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:45:04.0703 1080 swenum - ok
10:45:04.0734 1080 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:45:04.0734 1080 swmidi - ok
10:45:04.0734 1080 SwPrv - ok
10:45:04.0781 1080 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
10:45:04.0781 1080 symc810 - ok
10:45:04.0796 1080 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
10:45:04.0796 1080 symc8xx - ok
10:45:04.0828 1080 [ F2B7E8416F508368AC6730E2AE1C614F ] Symmpi C:\WINDOWS\system32\DRIVERS\symmpi.sys
10:45:04.0828 1080 Symmpi - ok
10:45:04.0843 1080 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
10:45:04.0843 1080 sym_hi - ok
10:45:04.0859 1080 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
10:45:04.0875 1080 sym_u3 - ok
10:45:04.0890 1080 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:45:04.0906 1080 sysaudio - ok
10:45:04.0921 1080 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:45:04.0937 1080 SysmonLog - ok
10:45:04.0968 1080 [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t C:\WINDOWS\system32\DRIVERS\tap0901t.sys
10:45:04.0968 1080 tap0901t - ok
10:45:05.0000 1080 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:45:05.0000 1080 TapiSrv - ok
10:45:05.0062 1080 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:45:05.0062 1080 Tcpip - ok
10:45:05.0109 1080 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:45:05.0109 1080 TDPIPE - ok
10:45:05.0140 1080 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:45:05.0140 1080 TDTCP - ok
10:45:05.0187 1080 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:45:05.0187 1080 TermDD - ok
10:45:05.0218 1080 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
10:45:05.0234 1080 TermService - ok
10:45:05.0265 1080 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:45:05.0265 1080 Themes - ok
10:45:05.0281 1080 TosIde - ok
10:45:05.0312 1080 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:45:05.0328 1080 TrkWks - ok
10:45:05.0406 1080 [ 2FD0FE0A0C721C8E47C5A3AE16E519B1 ] TunngleService C:\Program Files\Tunngle\TnglCtrl.exe
10:45:05.0421 1080 TunngleService - ok
10:45:05.0453 1080 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:45:05.0453 1080 Udfs - ok
10:45:05.0468 1080 ultra - ok
10:45:05.0500 1080 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
10:45:05.0515 1080 UMWdf - ok
10:45:05.0703 1080 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:45:05.0718 1080 Update - ok
10:45:05.0734 1080 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
10:45:05.0750 1080 upnphost - ok
10:45:05.0781 1080 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
10:45:05.0796 1080 UPS - ok
10:45:05.0828 1080 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:45:05.0828 1080 usbehci - ok
10:45:05.0890 1080 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:45:05.0890 1080 usbhub - ok
10:45:05.0937 1080 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:45:05.0937 1080 usbohci - ok
10:45:05.0968 1080 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:45:05.0968 1080 USBSTOR - ok
10:45:06.0015 1080 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:45:06.0015 1080 usbuhci - ok
10:45:06.0062 1080 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
10:45:06.0062 1080 VClone - ok
10:45:06.0078 1080 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:45:06.0093 1080 VgaSave - ok
10:45:06.0125 1080 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
10:45:06.0125 1080 ViaIde - ok
10:45:06.0171 1080 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:45:06.0171 1080 VolSnap - ok
10:45:06.0218 1080 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
10:45:06.0234 1080 VSS - ok
10:45:06.0265 1080 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
10:45:06.0281 1080 W32Time - ok
10:45:06.0375 1080 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:45:06.0375 1080 Wanarp - ok
10:45:06.0390 1080 WDICA - ok
10:45:06.0406 1080 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:45:06.0421 1080 wdmaud - ok
10:45:06.0453 1080 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:45:06.0453 1080 WebClient - ok
10:45:06.0546 1080 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:45:06.0546 1080 winmgmt - ok
10:45:06.0593 1080 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:45:06.0609 1080 WmdmPmSN - ok
10:45:06.0656 1080 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:45:06.0656 1080 WmiApSrv - ok
10:45:06.0718 1080 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:45:06.0734 1080 wscsvc - ok
10:45:06.0765 1080 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:45:06.0796 1080 wuauserv - ok
10:45:06.0843 1080 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:45:06.0875 1080 WZCSVC - ok
10:45:06.0921 1080 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:45:06.0937 1080 xmlprov - ok
10:45:06.0953 1080 ================ Scan global ===============================
10:45:06.0984 1080 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
10:45:07.0046 1080 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
10:45:07.0078 1080 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
10:45:07.0140 1080 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
10:45:07.0156 1080 [Global] - ok
10:45:07.0156 1080 ================ Scan MBR ==================================
10:45:07.0171 1080 [ DF9769DBAFC477636448AB0154B8BBC9 ] \Device\Harddisk0\DR0
10:45:07.0390 1080 \Device\Harddisk0\DR0 - ok
10:45:07.0406 1080 [ E64B2A49894D1FD5A0201870E3E41A51 ] \Device\Harddisk1\DR2
10:45:07.0859 1080 \Device\Harddisk1\DR2 - ok
10:45:07.0859 1080 ================ Scan VBR ==================================
10:45:07.0859 1080 [ 671D6AF1EDB600A520999D1C299A6ADC ] \Device\Harddisk0\DR0\Partition1
10:45:07.0875 1080 \Device\Harddisk0\DR0\Partition1 - ok
10:45:07.0875 1080 [ 819C640C898C0CA65FE12FCE33044BFA ] \Device\Harddisk1\DR2\Partition1
10:45:07.0890 1080 \Device\Harddisk1\DR2\Partition1 - ok
10:45:07.0890 1080 ============================================================
10:45:07.0890 1080 Scan finished
10:45:07.0890 1080 ============================================================
10:45:07.0906 1896 Detected object count: 0
10:45:07.0906 1896 Actual detected object count: 0
10:45:56.0640 3980 Deinitialize success
10:44:55.0765 1080 [ C1A411B7CCD604554D96EFDAC2F83617 ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys
10:44:55.0765 1080 AswRdr - ok
10:44:55.0796 1080 [ 657A61979F40D67CA29716149766FFA7 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
10:44:55.0796 1080 aswRvrt - ok
10:44:55.0890 1080 [ 0E604867FC28F00D91CB0B00D2EC830D ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
10:44:55.0906 1080 aswSnx - ok
10:44:56.0015 1080 [ 6FC4AA106AA505394C908D37CCCB9148 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
10:44:56.0031 1080 aswSP - ok
10:44:56.0046 1080 [ 33E21FFB063CA6C7E00D568467DC72E4 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
10:44:56.0046 1080 aswTdi - ok
10:44:56.0078 1080 [ EDB0C9BA44B748E420CCA989FD8B826E ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
10:44:56.0078 1080 aswVmm - ok
10:44:56.0109 1080 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:44:56.0125 1080 AsyncMac - ok
10:44:56.0140 1080 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
10:44:56.0140 1080 atapi - ok
10:44:56.0156 1080 Atdisk - ok
10:44:56.0218 1080 [ 471087B5E1E01CC82604E81EA14781D8 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
10:44:56.0234 1080 Ati HotKey Poller - ok
10:44:56.0281 1080 [ B979BA0120B6DB757196A8E2E873FE3C ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
10:44:56.0296 1080 ATI Smart - ok
10:44:56.0562 1080 [ C0B86ECB324E50F6BBD529F9D5C6B24B ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
10:44:56.0609 1080 ati2mtag - ok
10:44:56.0640 1080 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:44:56.0656 1080 Atmarpc - ok
10:44:56.0703 1080 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
10:44:56.0703 1080 AudioSrv - ok
10:44:56.0750 1080 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
10:44:56.0750 1080 audstub - ok
10:44:56.0859 1080 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:44:56.0859 1080 avast! Antivirus - ok
10:44:56.0906 1080 [ 241474D01380E9ED41D4C07F4F5FD401 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
10:44:56.0906 1080 b57w2k - ok
10:44:56.0937 1080 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
10:44:56.0953 1080 Beep - ok
10:44:57.0000 1080 [ 19395D092FD85DDC2D9C7729CF5A2AC8 ] BITS C:\WINDOWS\system32\qmgr.dll
10:44:57.0046 1080 BITS - ok
10:44:57.0078 1080 [ 89E739BBA5F636297EA5B5F811189E06 ] Browser C:\WINDOWS\System32\browser.dll
10:44:57.0093 1080 Browser - ok
10:44:57.0109 1080 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
10:44:57.0109 1080 cbidf2k - ok
10:44:57.0125 1080 cd20xrnt - ok
10:44:57.0156 1080 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
10:44:57.0156 1080 Cdaudio - ok
10:44:57.0203 1080 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
10:44:57.0203 1080 Cdfs - ok
10:44:57.0218 1080 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:44:57.0218 1080 Cdrom - ok
10:44:57.0234 1080 Changer - ok
10:44:57.0265 1080 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
10:44:57.0265 1080 CiSvc - ok
10:44:57.0312 1080 [ 064507A8DFA8C5C7E2FFDDD3E6F424FA ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
10:44:57.0312 1080 ClipSrv - ok
10:44:57.0359 1080 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:44:57.0359 1080 clr_optimization_v2.0.50727_32 - ok
10:44:57.0375 1080 CmdIde - ok
10:44:57.0390 1080 COMSysApp - ok
10:44:57.0406 1080 Cpqarray - ok
10:44:57.0453 1080 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
10:44:57.0453 1080 CryptSvc - ok
10:44:57.0468 1080 dac2w2k - ok
10:44:57.0484 1080 dac960nt - ok
10:44:57.0531 1080 [ BE27674D1CBC3214AEC84B4336A38BBF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
10:44:57.0562 1080 DcomLaunch - ok
10:44:57.0593 1080 [ 8C9A53E285AC5E6704844D0459EC85BE ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
10:44:57.0609 1080 Dhcp - ok
10:44:57.0640 1080 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
10:44:57.0640 1080 Disk - ok
10:44:57.0656 1080 dmadmin - ok
10:44:57.0703 1080 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
10:44:57.0734 1080 dmboot - ok
10:44:57.0765 1080 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
10:44:57.0781 1080 dmio - ok
10:44:57.0796 1080 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
10:44:57.0796 1080 dmload - ok
10:44:57.0828 1080 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
10:44:57.0843 1080 dmserver - ok
10:44:57.0875 1080 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
10:44:57.0875 1080 DMusic - ok
10:44:57.0906 1080 [ DFAA406BF19F4EE806A6F8D4342137F7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
10:44:57.0906 1080 Dnscache - ok
10:44:57.0953 1080 [ 4A3E2BD20157A0946751229E92EB8621 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
10:44:57.0953 1080 Dot3svc - ok
10:44:57.0984 1080 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
10:44:57.0984 1080 dpti2o - ok
10:44:58.0015 1080 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
10:44:58.0015 1080 drmkaud - ok
10:44:58.0046 1080 [ 866B8EE30E4504C11AE0D29ED6F8824B ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
10:44:58.0046 1080 E100B - ok
10:44:58.0078 1080 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
10:44:58.0093 1080 EapHost - ok
10:44:58.0125 1080 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
10:44:58.0125 1080 ElbyCDIO - ok
10:44:58.0171 1080 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
10:44:58.0171 1080 ERSvc - ok
10:44:58.0218 1080 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] Eventlog C:\WINDOWS\system32\services.exe
10:44:58.0234 1080 Eventlog - ok
10:44:58.0296 1080 [ A371F11EF07653591C8DE26AFB13CE7F ] EventSystem C:\WINDOWS\system32\es.dll
10:44:58.0296 1080 EventSystem - ok
10:44:58.0343 1080 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
10:44:58.0359 1080 Fastfat - ok
10:44:58.0406 1080 [ EE9A2B9EA968A792A053C9D1A86BF870 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:44:58.0406 1080 FastUserSwitchingCompatibility - ok
10:44:58.0437 1080 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
10:44:58.0437 1080 Fdc - ok
10:44:58.0468 1080 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
10:44:58.0484 1080 Fips - ok
10:44:58.0515 1080 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:44:58.0515 1080 Flpydisk - ok
10:44:58.0546 1080 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
10:44:58.0546 1080 FltMgr - ok
10:44:58.0593 1080 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:44:58.0609 1080 FontCache3.0.0.0 - ok
10:44:58.0640 1080 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:44:58.0640 1080 Fs_Rec - ok
10:44:58.0671 1080 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:44:58.0671 1080 Ftdisk - ok
10:44:58.0718 1080 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:44:58.0718 1080 Gpc - ok
10:44:58.0812 1080 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
10:44:58.0812 1080 gupdate - ok
10:44:58.0828 1080 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
10:44:58.0828 1080 gupdatem - ok
10:44:58.0890 1080 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:44:58.0890 1080 helpsvc - ok
10:44:58.0906 1080 HidServ - ok
10:44:58.0921 1080 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:44:58.0937 1080 HidUsb - ok
10:44:58.0984 1080 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
10:44:59.0000 1080 hkmsvc - ok
10:44:59.0015 1080 hpn - ok
10:44:59.0078 1080 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
10:44:59.0078 1080 HTTP - ok
10:44:59.0125 1080 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
10:44:59.0125 1080 HTTPFilter - ok
10:44:59.0140 1080 i2omgmt - ok
10:44:59.0156 1080 i2omp - ok
10:44:59.0187 1080 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:44:59.0187 1080 i8042prt - ok
10:44:59.0218 1080 [ 06B7EF73BA5F302EECC294CDF7E19702 ] i81x C:\WINDOWS\system32\DRIVERS\i81xnt5.sys
10:44:59.0234 1080 i81x - ok
10:44:59.0265 1080 [ 7B5B44EFE5EB9DADFB8EE29700885D23 ] iAimFP0 C:\WINDOWS\system32\DRIVERS\wADV01nt.sys
10:44:59.0265 1080 iAimFP0 - ok
10:44:59.0296 1080 [ EB1F6BAB6C22EDE0BA551B527475F7E9 ] iAimFP1 C:\WINDOWS\system32\DRIVERS\wADV02NT.sys
10:44:59.0312 1080 iAimFP1 - ok
10:44:59.0328 1080 [ 03CE989D846C1AA81145CB22FCB86D06 ] iAimFP2 C:\WINDOWS\system32\DRIVERS\wADV05NT.sys
10:44:59.0328 1080 iAimFP2 - ok
10:44:59.0359 1080 [ 525849B4469DE021D5D61B4DB9BE3A9D ] iAimFP3 C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys
10:44:59.0359 1080 iAimFP3 - ok
10:44:59.0390 1080 [ 589C2BCDB5BD602BF7B63D210407EF8C ] iAimFP4 C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys
10:44:59.0390 1080 iAimFP4 - ok
10:44:59.0406 1080 [ 0308AEF61941E4AF478FA1A0F83812F5 ] iAimFP5 C:\WINDOWS\system32\DRIVERS\wADV07nt.sys
10:44:59.0406 1080 iAimFP5 - ok
10:44:59.0437 1080 [ 714038A8AA5DE08E12062202CD7EAEB5 ] iAimFP6 C:\WINDOWS\system32\DRIVERS\wADV08nt.sys
10:44:59.0437 1080 iAimFP6 - ok
10:44:59.0468 1080 [ 7BB3AA595E4507A788DE1CDC63F4C8C4 ] iAimFP7 C:\WINDOWS\system32\DRIVERS\wADV09nt.sys
10:44:59.0468 1080 iAimFP7 - ok
10:44:59.0500 1080 [ D83BDD5C059667A2F647A6BE5703A4D2 ] iAimTV0 C:\WINDOWS\system32\DRIVERS\wATV01nt.sys
10:44:59.0500 1080 iAimTV0 - ok
10:44:59.0531 1080 [ ED968D23354DAA0D7C621580C012A1F6 ] iAimTV1 C:\WINDOWS\system32\DRIVERS\wATV02NT.sys
10:44:59.0531 1080 iAimTV1 - ok
10:44:59.0562 1080 [ D738273F218A224C1DDAC04203F27A84 ] iAimTV3 C:\WINDOWS\system32\DRIVERS\wATV04nt.sys
10:44:59.0562 1080 iAimTV3 - ok
10:44:59.0578 1080 [ 0052D118995CBAB152DAABE6106D1442 ] iAimTV4 C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys
10:44:59.0593 1080 iAimTV4 - ok
10:44:59.0609 1080 [ 791CC45DE6E50445BE72E8AD6401FF45 ] iAimTV5 C:\WINDOWS\system32\DRIVERS\wATV10nt.sys
10:44:59.0609 1080 iAimTV5 - ok
10:44:59.0625 1080 [ 352FA0E98BC461CE1CE5D41F64DB558D ] iAimTV6 C:\WINDOWS\system32\DRIVERS\wATV06nt.sys
10:44:59.0640 1080 iAimTV6 - ok
10:44:59.0734 1080 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:44:59.0750 1080 idsvc - ok
10:44:59.0796 1080 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
10:44:59.0796 1080 Imapi - ok
10:44:59.0843 1080 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
10:44:59.0859 1080 ImapiService - ok
10:44:59.0875 1080 ini910u - ok
10:44:59.0906 1080 [ 57D928E548B38502ABBA7A77A6EB7312 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
10:44:59.0906 1080 IntelIde - ok
10:44:59.0937 1080 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
10:44:59.0937 1080 Ip6Fw - ok
10:44:59.0953 1080 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:44:59.0953 1080 IpFilterDriver - ok
10:44:59.0968 1080 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:44:59.0984 1080 IpInIp - ok
10:45:00.0015 1080 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:45:00.0031 1080 IpNat - ok
10:45:00.0062 1080 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:45:00.0062 1080 IPSec - ok
10:45:00.0078 1080 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
10:45:00.0078 1080 IRENUM - ok
10:45:00.0125 1080 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:45:00.0140 1080 isapnp - ok
10:45:00.0171 1080 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:45:00.0171 1080 Kbdclass - ok
10:45:00.0203 1080 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:45:00.0203 1080 kmixer - ok
10:45:00.0234 1080 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:45:00.0250 1080 KSecDD - ok
10:45:00.0281 1080 [ 3428E8F86F8ADD36B42FB23542C7B3E4 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:45:00.0296 1080 lanmanserver - ok
10:45:00.0328 1080 [ 936C1D110232D23B621CB0196E4F80F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:45:00.0343 1080 lanmanworkstation - ok
10:45:00.0359 1080 lbrtfdc - ok
10:45:00.0390 1080 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:45:00.0406 1080 LmHosts - ok
10:45:00.0453 1080 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
10:45:00.0453 1080 MBAMProtector - ok
10:45:00.0515 1080 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
10:45:00.0531 1080 MBAMScheduler - ok
10:45:00.0625 1080 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
10:45:00.0625 1080 MBAMService - ok
10:45:00.0656 1080 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:45:00.0671 1080 Messenger - ok
10:45:00.0687 1080 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:45:00.0687 1080 mnmdd - ok
10:45:00.0718 1080 [ 9A57D046F88F4B69751B11FD40088A61 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:45:00.0734 1080 mnmsrvc - ok
10:45:00.0765 1080 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:45:00.0765 1080 Modem - ok
10:45:00.0796 1080 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:45:00.0796 1080 Mouclass - ok
10:45:00.0828 1080 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:45:00.0828 1080 mouhid - ok
10:45:00.0859 1080 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:45:00.0859 1080 MountMgr - ok
10:45:00.0921 1080 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:45:00.0937 1080 MozillaMaintenance - ok
10:45:00.0937 1080 mraid35x - ok
10:45:00.0984 1080 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:45:00.0984 1080 MRxDAV - ok
10:45:01.0046 1080 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:45:01.0062 1080 MRxSmb - ok
10:45:01.0109 1080 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:45:01.0109 1080 MSDTC - ok
10:45:01.0140 1080 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:45:01.0140 1080 Msfs - ok
10:45:01.0156 1080 MSIServer - ok
10:45:01.0187 1080 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:45:01.0187 1080 MSKSSRV - ok
10:45:01.0218 1080 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:45:01.0218 1080 MSPCLOCK - ok
10:45:01.0250 1080 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:45:01.0250 1080 MSPQM - ok
10:45:01.0265 1080 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:45:01.0265 1080 mssmbios - ok
10:45:01.0328 1080 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:45:01.0328 1080 Mup - ok
10:45:01.0375 1080 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:45:01.0390 1080 napagent - ok
10:45:01.0515 1080 [ B498A14133BD09AD0817590ACE4470AD ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
10:45:01.0531 1080 NBService - ok
10:45:01.0578 1080 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:45:01.0593 1080 NDIS - ok
10:45:01.0625 1080 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:45:01.0625 1080 NdisTapi - ok
10:45:01.0656 1080 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:45:01.0656 1080 Ndisuio - ok
10:45:01.0687 1080 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:45:01.0703 1080 NdisWan - ok
10:45:01.0734 1080 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:45:01.0734 1080 NDProxy - ok
10:45:01.0796 1080 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:45:01.0796 1080 NetBIOS - ok
10:45:01.0828 1080 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:45:01.0828 1080 NetBT - ok
10:45:01.0875 1080 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
10:45:01.0875 1080 NetDDE - ok
10:45:01.0890 1080 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:45:01.0906 1080 NetDDEdsdm - ok
10:45:01.0921 1080 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:45:01.0937 1080 Netlogon - ok
10:45:01.0984 1080 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
10:45:02.0000 1080 Netman - ok
10:45:02.0031 1080 [ 562E15CE8A98282F241E03829657E344 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:45:02.0031 1080 NetTcpPortSharing - ok
10:45:02.0078 1080 [ 39EE7C3BFBC64BA87CC8CF67386E814C ] Nla C:\WINDOWS\System32\mswsock.dll
10:45:02.0078 1080 Nla - ok
10:45:02.0218 1080 [ A328A46D87BB92CE4D8A4528E9D84787 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
10:45:02.0218 1080 NMIndexingService - ok
10:45:02.0265 1080 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:45:02.0265 1080 Npfs - ok
10:45:02.0312 1080 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:45:02.0328 1080 Ntfs - ok
10:45:02.0343 1080 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:45:02.0343 1080 NtLmSsp - ok
10:45:02.0406 1080 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:45:02.0421 1080 NtmsSvc - ok
10:45:02.0453 1080 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:45:02.0453 1080 Null - ok
10:45:02.0484 1080 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:45:02.0484 1080 NwlnkFlt - ok
10:45:02.0515 1080 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:45:02.0515 1080 NwlnkFwd - ok
10:45:02.0546 1080 [ 3FC38E7FBE91DB40C34731195F4116C2 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
10:45:02.0562 1080 P3 - ok
10:45:02.0578 1080 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
10:45:02.0578 1080 Parport - ok
10:45:02.0609 1080 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:45:02.0609 1080 PartMgr - ok
10:45:02.0640 1080 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:45:02.0640 1080 ParVdm - ok
10:45:02.0671 1080 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:45:02.0671 1080 PCI - ok
10:45:02.0687 1080 PCIDump - ok
10:45:02.0718 1080 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:45:02.0718 1080 PCIIde - ok
10:45:02.0765 1080 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
10:45:02.0765 1080 Pcmcia - ok
10:45:02.0781 1080 PDCOMP - ok
10:45:02.0796 1080 PDFRAME - ok
10:45:02.0812 1080 PDRELI - ok
10:45:02.0828 1080 PDRFRAME - ok
10:45:02.0843 1080 perc2 - ok
10:45:02.0859 1080 perc2hib - ok
10:45:02.0921 1080 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] PlugPlay C:\WINDOWS\system32\services.exe
10:45:02.0937 1080 PlugPlay - ok
10:45:02.0953 1080 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:45:02.0953 1080 PolicyAgent - ok
10:45:02.0984 1080 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:45:02.0984 1080 PptpMiniport - ok
10:45:03.0015 1080 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
10:45:03.0015 1080 Processor - ok
10:45:03.0031 1080 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:45:03.0046 1080 ProtectedStorage - ok
10:45:03.0062 1080 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:45:03.0078 1080 PSched - ok
10:45:03.0093 1080 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:45:03.0093 1080 Ptilink - ok
10:45:03.0109 1080 ql1080 - ok
10:45:03.0125 1080 Ql10wnt - ok
10:45:03.0140 1080 ql12160 - ok
10:45:03.0156 1080 ql1240 - ok
10:45:03.0171 1080 ql1280 - ok
10:45:03.0203 1080 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:45:03.0203 1080 RasAcd - ok
10:45:03.0234 1080 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:45:03.0234 1080 RasAuto - ok
10:45:03.0265 1080 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:45:03.0265 1080 Rasl2tp - ok
10:45:03.0312 1080 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:45:03.0328 1080 RasMan - ok
10:45:03.0359 1080 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:45:03.0359 1080 RasPppoe - ok
10:45:03.0390 1080 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:45:03.0390 1080 Raspti - ok
10:45:03.0437 1080 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:45:03.0437 1080 Rdbss - ok
10:45:03.0453 1080 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:45:03.0468 1080 RDPCDD - ok
10:45:03.0515 1080 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:45:03.0515 1080 RDPWD - ok
10:45:03.0562 1080 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:45:03.0562 1080 RDSessMgr - ok
10:45:03.0593 1080 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:45:03.0593 1080 redbook - ok
10:45:03.0640 1080 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:45:03.0640 1080 RemoteAccess - ok
10:45:03.0671 1080 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
10:45:03.0687 1080 RpcLocator - ok
10:45:03.0718 1080 [ BE27674D1CBC3214AEC84B4336A38BBF ] RpcSs C:\WINDOWS\system32\rpcss.dll
10:45:03.0734 1080 RpcSs - ok
10:45:03.0765 1080 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:45:03.0781 1080 RSVP - ok
10:45:03.0796 1080 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
10:45:03.0812 1080 SamSs - ok
10:45:03.0828 1080 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:45:03.0843 1080 SCardSvr - ok
10:45:03.0875 1080 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:45:03.0890 1080 Schedule - ok
10:45:03.0921 1080 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:45:03.0921 1080 Secdrv - ok
10:45:03.0968 1080 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:45:03.0984 1080 seclogon - ok
10:45:04.0015 1080 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
10:45:04.0015 1080 SENS - ok
10:45:04.0062 1080 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
10:45:04.0062 1080 serenum - ok
10:45:04.0078 1080 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
10:45:04.0078 1080 Serial - ok
10:45:04.0125 1080 [ 0B179A959FF6B6CA5927D4F255AB9F90 ] sfdrv01 C:\WINDOWS\system32\drivers\sfdrv01.sys
10:45:04.0125 1080 sfdrv01 - ok
10:45:04.0156 1080 [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02 C:\WINDOWS\system32\drivers\sfhlp02.sys
10:45:04.0171 1080 sfhlp02 - ok
10:45:04.0187 1080 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
10:45:04.0187 1080 Sfloppy - ok
10:45:04.0203 1080 [ A62EFE6AA55C6A599DDBB6BD00E8FB9C ] sfsync02 C:\WINDOWS\system32\drivers\sfsync02.sys
10:45:04.0203 1080 sfsync02 - ok
10:45:04.0281 1080 [ F58FACA9621D2DB01BD0927D9A0A208E ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:45:04.0296 1080 SharedAccess - ok
10:45:04.0312 1080 [ EE9A2B9EA968A792A053C9D1A86BF870 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:45:04.0328 1080 ShellHWDetection - ok
10:45:04.0343 1080 Simbad - ok
10:45:04.0359 1080 Sparrow - ok
10:45:04.0390 1080 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:45:04.0390 1080 splitter - ok
10:45:04.0437 1080 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:45:04.0437 1080 Spooler - ok
10:45:04.0453 1080 [ 94610C8653635E4459316A0050D55CE7 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:45:04.0453 1080 sr - ok
10:45:04.0500 1080 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
10:45:04.0515 1080 srservice - ok
10:45:04.0546 1080 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:45:04.0562 1080 Srv - ok
10:45:04.0609 1080 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:45:04.0609 1080 SSDPSRV - ok
10:45:04.0656 1080 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:45:04.0687 1080 stisvc - ok
10:45:04.0703 1080 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:45:04.0703 1080 swenum - ok
10:45:04.0734 1080 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:45:04.0734 1080 swmidi - ok
10:45:04.0734 1080 SwPrv - ok
10:45:04.0781 1080 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
10:45:04.0781 1080 symc810 - ok
10:45:04.0796 1080 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
10:45:04.0796 1080 symc8xx - ok
10:45:04.0828 1080 [ F2B7E8416F508368AC6730E2AE1C614F ] Symmpi C:\WINDOWS\system32\DRIVERS\symmpi.sys
10:45:04.0828 1080 Symmpi - ok
10:45:04.0843 1080 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
10:45:04.0843 1080 sym_hi - ok
10:45:04.0859 1080 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
10:45:04.0875 1080 sym_u3 - ok
10:45:04.0890 1080 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:45:04.0906 1080 sysaudio - ok
10:45:04.0921 1080 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:45:04.0937 1080 SysmonLog - ok
10:45:04.0968 1080 [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t C:\WINDOWS\system32\DRIVERS\tap0901t.sys
10:45:04.0968 1080 tap0901t - ok
10:45:05.0000 1080 [ C2546CD7A398476F9DF5614B2AE160E8 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:45:05.0000 1080 TapiSrv - ok
10:45:05.0062 1080 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:45:05.0062 1080 Tcpip - ok
10:45:05.0109 1080 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:45:05.0109 1080 TDPIPE - ok
10:45:05.0140 1080 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:45:05.0140 1080 TDTCP - ok
10:45:05.0187 1080 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:45:05.0187 1080 TermDD - ok
10:45:05.0218 1080 [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E ] TermService C:\WINDOWS\System32\termsrv.dll
10:45:05.0234 1080 TermService - ok
10:45:05.0265 1080 [ EE9A2B9EA968A792A053C9D1A86BF870 ] Themes C:\WINDOWS\System32\shsvcs.dll
10:45:05.0265 1080 Themes - ok
10:45:05.0281 1080 TosIde - ok
10:45:05.0312 1080 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:45:05.0328 1080 TrkWks - ok
10:45:05.0406 1080 [ 2FD0FE0A0C721C8E47C5A3AE16E519B1 ] TunngleService C:\Program Files\Tunngle\TnglCtrl.exe
10:45:05.0421 1080 TunngleService - ok
10:45:05.0453 1080 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:45:05.0453 1080 Udfs - ok
10:45:05.0468 1080 ultra - ok
10:45:05.0500 1080 [ C81B8635DEE0D3EF5F64B3DD643023A5 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
10:45:05.0515 1080 UMWdf - ok
10:45:05.0703 1080 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:45:05.0718 1080 Update - ok
10:45:05.0734 1080 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
10:45:05.0750 1080 upnphost - ok
10:45:05.0781 1080 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
10:45:05.0796 1080 UPS - ok
10:45:05.0828 1080 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:45:05.0828 1080 usbehci - ok
10:45:05.0890 1080 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:45:05.0890 1080 usbhub - ok
10:45:05.0937 1080 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
10:45:05.0937 1080 usbohci - ok
10:45:05.0968 1080 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:45:05.0968 1080 USBSTOR - ok
10:45:06.0015 1080 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:45:06.0015 1080 usbuhci - ok
10:45:06.0062 1080 [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone C:\WINDOWS\system32\DRIVERS\VClone.sys
10:45:06.0062 1080 VClone - ok
10:45:06.0078 1080 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:45:06.0093 1080 VgaSave - ok
10:45:06.0125 1080 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
10:45:06.0125 1080 ViaIde - ok
10:45:06.0171 1080 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:45:06.0171 1080 VolSnap - ok
10:45:06.0218 1080 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
10:45:06.0234 1080 VSS - ok
10:45:06.0265 1080 [ FA4E1CDBA256787F2149F4AAD07BC91F ] W32Time C:\WINDOWS\system32\w32time.dll
10:45:06.0281 1080 W32Time - ok
10:45:06.0375 1080 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:45:06.0375 1080 Wanarp - ok
10:45:06.0390 1080 WDICA - ok
10:45:06.0406 1080 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:45:06.0421 1080 wdmaud - ok
10:45:06.0453 1080 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:45:06.0453 1080 WebClient - ok
10:45:06.0546 1080 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:45:06.0546 1080 winmgmt - ok
10:45:06.0593 1080 [ A477391B7A8B0A0DAABADB17CF533A4B ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:45:06.0609 1080 WmdmPmSN - ok
10:45:06.0656 1080 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:45:06.0656 1080 WmiApSrv - ok
10:45:06.0718 1080 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:45:06.0734 1080 wscsvc - ok
10:45:06.0765 1080 [ C1364564800EE9784192145324A23308 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:45:06.0796 1080 wuauserv - ok
10:45:06.0843 1080 [ A27D4BA7264C0BF52F32D10405BEA1D4 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:45:06.0875 1080 WZCSVC - ok
10:45:06.0921 1080 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:45:06.0937 1080 xmlprov - ok
10:45:06.0953 1080 ================ Scan global ===============================
10:45:06.0984 1080 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
10:45:07.0046 1080 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
10:45:07.0078 1080 [ F3FA14A297BC687D0B51289D034033C9 ] C:\WINDOWS\system32\winsrv.dll
10:45:07.0140 1080 [ 9EF697AF07BB8DD82C3B02CA953A95B7 ] C:\WINDOWS\system32\services.exe
10:45:07.0156 1080 [Global] - ok
10:45:07.0156 1080 ================ Scan MBR ==================================
10:45:07.0171 1080 [ DF9769DBAFC477636448AB0154B8BBC9 ] \Device\Harddisk0\DR0
10:45:07.0390 1080 \Device\Harddisk0\DR0 - ok
10:45:07.0406 1080 [ E64B2A49894D1FD5A0201870E3E41A51 ] \Device\Harddisk1\DR2
10:45:07.0859 1080 \Device\Harddisk1\DR2 - ok
10:45:07.0859 1080 ================ Scan VBR ==================================
10:45:07.0859 1080 [ 671D6AF1EDB600A520999D1C299A6ADC ] \Device\Harddisk0\DR0\Partition1
10:45:07.0875 1080 \Device\Harddisk0\DR0\Partition1 - ok
10:45:07.0875 1080 [ 819C640C898C0CA65FE12FCE33044BFA ] \Device\Harddisk1\DR2\Partition1
10:45:07.0890 1080 \Device\Harddisk1\DR2\Partition1 - ok
10:45:07.0890 1080 ============================================================
10:45:07.0890 1080 Scan finished
10:45:07.0890 1080 ============================================================
10:45:07.0906 1896 Detected object count: 0
10:45:07.0906 1896 Actual detected object count: 0
10:45:56.0640 3980 Deinitialize success
Re: please check the log
and here is ComboFix:
ComboFix 13-03-16.02 - Varg 17.03.2013 10:49:20.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2558.2096 [GMT 1:00]
Spuštěný z: c:\documents and settings\Varg\Dokumenty\Stažené soubory\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\IsUn0405.exe
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-17 do 2013-03-17 )))))))))))))))))))))))))))))))
.
.
2013-03-16 17:07 . 2013-03-16 17:07 -------- d-----w- c:\documents and settings\Varg\Data aplikací\Malwarebytes
2013-03-16 17:07 . 2013-03-16 17:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-03-16 17:07 . 2013-03-16 17:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-16 17:07 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-03 11:21 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-03 11:21 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-03 11:21 . 2013-03-06 23:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-15 22:04 . 2013-02-15 22:04 208448 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 11:56 . 2013-01-20 18:43 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 11:56 . 2013-01-20 18:43 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-06 23:33 . 2013-01-20 18:08 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2013-01-20 18:07 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2013-01-20 18:07 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2013-01-20 18:07 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-01-20 18:08 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2013-01-20 18:07 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2013-01-20 18:07 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-05 20:15 . 2004-08-17 22:49 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:15 . 2004-08-17 22:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-05 20:15 . 2004-08-17 22:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
2013-02-02 14:53 . 2013-02-02 14:53 249856 ------w- c:\windows\Setup1.exe
2013-02-02 14:53 . 2013-02-02 14:53 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-01-26 03:55 . 2004-08-17 22:49 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-20 18:01 . 2013-01-20 18:01 79 ----a-w- c:\windows\system32\ssinstall-uninstall.bat
2013-01-20 18:01 . 2013-01-20 18:01 2317848 ----a-w- c:\windows\system32\ssins.exe
2013-01-20 17:36 . 2013-01-20 17:36 61555 ----a-w- c:\windows\system32\jpicpl32.cpl
2013-01-07 07:26 . 2004-08-18 09:00 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 22:45 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 22:44 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 22:49 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 22:49 1294848 ----a-w- c:\windows\system32\quartz.dll
2013-03-08 06:38 . 2013-03-08 06:38 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"c:\\Documents and Settings\\Varg\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3.3.2013 12:21 49248]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3.3.2013 12:21 164736]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20.1.2013 19:07 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.1.2013 19:08 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.1.2013 19:08 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.3.2013 12:21 66336]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16.3.2013 18:07 21104]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2.2.2013 15:49 27136]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16.3.2013 18:07 682344]
S3 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2.2.2013 15:49 745368]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 39679959
*Deregistered* - 39679959
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-14 19:30 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-20 11:57]
.
2013-03-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-01-20 23:32]
.
2013-03-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-20 18:08]
.
2013-03-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-20 18:08]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.hp.com
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
FF - ProfilePath - c:\documents and settings\Varg\Data aplikací\Mozilla\Firefox\Profiles\hfx0r1z8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-01-20 18:59; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Varg\Data aplikací\Mozilla\Firefox\Profiles\hfx0r1z8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-01-20 19:09; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-01-20 19:20; 7fb9a47c-8237-47dd-a247-bf2cb7f07e2a@jetpack; c:\documents and settings\Varg\Data aplikací\Mozilla\Firefox\Profiles\hfx0r1z8.default\extensions\7fb9a47c-8237-47dd-a247-bf2cb7f07e2a@jetpack.xpi
FF - ExtSQL: 2013-01-21 17:51; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-01-21 20:50; fdm_ffext@freedownloadmanager.org; c:\program files\Free Download Manager\Firefox\Extension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Software Setup - c:\windows\IsUn0405.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-17 10:54
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(928)
c:\windows\system32\Ati2evxx.dll
.
Celkový čas: 2013-03-17 10:55:52
ComboFix-quarantined-files.txt 2013-03-17 09:55
.
Před spuštěním: Volných bajtů: 83 683 999 744
Po spuštění: Volných bajtů: 84 215 324 672
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 68E987DAA921D4399D51B3F0D99DE742
- Žbeky
- Moderator
Re: please check the log
Open Notepad (Start -> Run..., type Notepad into the window and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script
Code:
KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Folder::
c:\program files\Google\Update
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000000
DDS::
uStart Page = hxxp://www.hp.com
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.

- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.
Re: please check the log
so hopefully I didn't mess anything up.
After the restart the computer didn't boot and I had to restart once more.
Here is the log:
ComboFix 13-03-17.01 - Varg 17.03.2013 18:15:27.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2558.2086 [GMT 1:00]
Spuštěný z: c:\documents and settings\Varg\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Varg\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.135\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.135\goopdate.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.135\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.135\psmachine.dll
c:\program files\Google\Update\1.3.21.135\psuser.dll
c:\program files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\25.0.1364.172\25.0.1364.172_25.0.1364.152_chrome_updater.exe
c:\program files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\25.0.1364.172\25.0.1364.172_chrome_installer.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Legacy_gupdate
-------\Legacy_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-17 do 2013-03-17 )))))))))))))))))))))))))))))))
.
.
2013-03-16 17:07 . 2013-03-16 17:07 -------- d-----w- c:\documents and settings\Varg\Data aplikací\Malwarebytes
2013-03-16 17:07 . 2013-03-16 17:07 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-03-16 17:07 . 2013-03-16 17:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-03-16 17:07 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-03 11:21 . 2013-03-06 23:33 164736 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-03 11:21 . 2013-03-06 23:33 49248 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-03 11:21 . 2013-03-06 23:33 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-02-15 22:04 . 2013-02-15 22:04 208448 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 11:56 . 2013-01-20 18:43 693976 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-03-13 11:56 . 2013-01-20 18:43 73432 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-03-06 23:33 . 2013-01-20 18:08 368176 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2013-01-20 18:07 62376 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2013-01-20 18:07 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-03-06 23:33 . 2013-01-20 18:07 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2013-01-20 18:08 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:32 . 2013-01-20 18:07 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2013-01-20 18:07 228600 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-05 20:15 . 2004-08-17 22:49 916480 ----a-w- c:\windows\system32\wininet.dll
2013-02-05 20:15 . 2004-08-17 22:49 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-02-05 20:15 . 2004-08-17 22:49 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-05 05:53 . 2004-08-17 22:44 385024 ----a-w- c:\windows\system32\html.iec
2013-02-02 14:53 . 2013-02-02 14:53 249856 ------w- c:\windows\Setup1.exe
2013-02-02 14:53 . 2013-02-02 14:53 73216 ----a-w- c:\windows\ST6UNST.EXE
2013-01-26 03:55 . 2004-08-17 22:49 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-20 18:01 . 2013-01-20 18:01 79 ----a-w- c:\windows\system32\ssinstall-uninstall.bat
2013-01-20 18:01 . 2013-01-20 18:01 2317848 ----a-w- c:\windows\system32\ssins.exe
2013-01-20 17:36 . 2013-01-20 17:36 61555 ----a-w- c:\windows\system32\jpicpl32.cpl
2013-01-07 07:26 . 2004-08-18 09:00 2071936 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-07 07:26 . 2004-08-17 22:45 2195200 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-04 10:10 . 2004-08-17 22:44 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49 . 2004-08-17 22:49 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49 . 2004-08-17 22:49 1294848 ----a-w- c:\windows\system32\quartz.dll
2013-03-08 06:38 . 2013-03-08 06:38 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-06-27 152872]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2003-11-20 525824]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-10 61440]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Games\\World_of_Tanks\\WoTLauncher.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Games\\World_of_Tanks\\WorldOfTanks.exe"=
"c:\\Program Files\\Tunngle\\TnglCtrl.exe"=
"c:\\Program Files\\Tunngle\\Tunngle.exe"=
"c:\\Documents and Settings\\Varg\\Data aplikací\\GameRanger\\GameRanger\\GameRanger.exe"=
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3.3.2013 12:21 49248]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3.3.2013 12:21 164736]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [20.1.2013 19:07 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [20.1.2013 19:08 368176]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [20.1.2013 19:08 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3.3.2013 12:21 66336]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [16.3.2013 18:07 21104]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2.2.2013 15:49 27136]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [16.3.2013 18:07 682344]
S3 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2.2.2013 15:49 745368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-14 19:30 1629648 ----a-w- c:\program files\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-20 11:57]
.
2013-03-17 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-01-20 23:32]
.
.
------- Doplňkový sken -------
.
IE: Stáhnout Free Download Managerem - file://c:\program files\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 213.46.172.36 192.168.0.1
FF - ProfilePath - c:\documents and settings\Varg\Data aplikací\Mozilla\Firefox\Profiles\hfx0r1z8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-01-20 18:59; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\documents and settings\Varg\Data aplikacĂÂ\Mozilla\Firefox\Profiles\hfx0r1z8.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-01-20 19:09; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-01-20 19:20; 7fb9a47c-8237-47dd-a247-bf2cb7f07e2a@jetpack; c:\documents and settings\Varg\Data aplikacĂÂ\Mozilla\Firefox\Profiles\hfx0r1z8.default\extensions\7fb9a47c-8237-47dd-a247-bf2cb7f07e2a@jetpack.xpi
FF - ExtSQL: 2013-01-21 17:51; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2013-01-21 20:50; fdm_ffext@freedownloadmanager.org; c:\program files\Free Download Manager\Firefox\Extension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-03-17 18:27
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(928)
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2576)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\wdfmgr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\wscntfy.exe
c:\program files\Common Files\Ahead\Lib\NMIndexingService.exe
c:\program files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\AVAST Software\Avast\setup\avast.setup
.
**************************************************************************
.
Celkový čas: 2013-03-17 18:30:22 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-17 17:30
ComboFix2.txt 2013-03-17 09:55
.
Před spuštěním: Volných bajtů: 84 312 920 064
Po spuštění: Volných bajtů: 84 195 061 760
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 66470BE557FEB7B5F2AD2E0180585F70
After the restart my computer did not boot and I had to restart once more.
Here is the log:
- jaro3
- member of the Security team
Re: please check my log
ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall
Clean the system with CCleaner.
Download OTC to your desktop. Double-click it. Then click Clean up!.
Restart the PC if you are advised to.
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
Download RogueKiller to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- When the program's start window appears, click "Scan".
- The program scans the PC. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: please check my log
Done, here are both logs:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-03-17 20:17:39
-----------------------------
20:17:39.000 OS Version: Windows 5.1.2600 Service Pack 3
20:17:39.000 Number of processors: 1 586 0x2F02
20:17:39.000 ComputerName: HP12660283261 UserName: Varg
20:17:39.953 Initialize success
20:17:40.078 AVAST engine defs: 13031700
20:17:53.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
20:17:53.656 Disk 0 Vendor: SAMSUNG_HD160JJ WU100-33 Size: 152627MB BusType: 3
20:17:53.671 Disk 0 MBR read successfully
20:17:53.671 Disk 0 MBR scan
20:17:53.671 Disk 0 Windows XP default MBR code
20:17:53.671 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 152617 MB offset 63
20:17:53.671 Disk 0 scanning sectors +312560640
20:17:53.734 Disk 0 scanning C:\WINDOWS\system32\drivers
20:18:07.078 Service scanning
20:18:20.156 Modules scanning
20:18:25.703 Disk 0 trace - called modules:
20:18:25.718 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll sfsync02.sys atapi.sys pciide.sys PCIIDEX.SYS
20:18:25.718 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a120ab8]
20:18:26.234 3 CLASSPNP.SYS[ba0f8fd7] -> nt!IofCallDriver -> \Device\00000061[0x8a17df18]
20:18:26.234 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a121d98]
20:18:26.234 \Driver\atapi[0x8a11c518] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> sfsync02.sys[0xba0c98b4]
20:18:26.750 AVAST engine scan C:\WINDOWS
20:18:30.687 AVAST engine scan C:\WINDOWS\system32
20:20:41.828 AVAST engine scan C:\WINDOWS\system32\drivers
20:20:55.203 AVAST engine scan C:\Documents and Settings\Varg
20:22:36.343 AVAST engine scan C:\Documents and Settings\All Users
20:22:50.437 Scan finished successfully
20:23:37.875 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Varg\Plocha\MBR.dat"
20:23:37.875 The log file has been saved successfully to "C:\Documents and Settings\Varg\Plocha\aswMBR.txt"
RogueKiller V8.5.3 [Mar 16 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/
Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Varg [Práva správce]
Mód : Kontrola -- Datum : 03/17/2013 20:26:01
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> NALEZENO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ] HKLM\[...]\SystemRestore : DisableSR (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : atapi.sys -> HOOKED ([MAJOR] sfsync02.sys @ 0xBA0C98B4)
¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HD160JJ +++++
--- User ---
[MBR] ff2df7c4811219a136ff85c772d3da74
[BSP] d2fa7877399c075f3d6ffc3d616eddb8 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: TrekStor DS pocket g.u USB Device +++++
--- User ---
[MBR] 30536e538d9d406ca4cf34090bcda4a9
[BSP] 77d6fcf511060ce9a597b73d7533e3cb : Empty MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 381551 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Dokončeno : << RKreport[1]_S_03172013_02d2026.txt >>
RKreport[1]_S_03172013_02d2026.txt