18:04:02.0343 0x0c14 TDSS rootkit removing tool 3.0.0.16 Nov 1 2013 15:53:38
18:04:06.0562 0x0c14 ============================================================
18:04:06.0562 0x0c14 Current date / time: 2013/11/01 18:04:06.0562
18:04:06.0562 0x0c14 SystemInfo:
18:04:06.0562 0x0c14
18:04:06.0562 0x0c14 OS Version: 5.1.2600 ServicePack: 3.0
18:04:06.0562 0x0c14 Product type: Workstation
18:04:06.0562 0x0c14 ComputerName: SANDRA
18:04:06.0562 0x0c14 UserName: SandraD
18:04:06.0562 0x0c14 Windows directory: C:\WINDOWS
18:04:06.0562 0x0c14 System windows directory: C:\WINDOWS
18:04:06.0562 0x0c14 Processor architecture: Intel x86
18:04:06.0562 0x0c14 Number of processors: 2
18:04:06.0562 0x0c14 Page size: 0x1000
18:04:06.0562 0x0c14 Boot type: Normal boot
18:04:06.0562 0x0c14 ============================================================
18:04:06.0984 0x0c14 System UUID: {60020FDB-594A-041D-D98A-CCE09B4975EF}
18:04:07.0343 0x0c14 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:04:07.0343 0x0c14 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:04:07.0343 0x0c14 ============================================================
18:04:07.0343 0x0c14 \Device\Harddisk0\DR0:
18:04:07.0343 0x0c14 MBR partitions:
18:04:07.0343 0x0c14 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
18:04:07.0343 0x0c14 \Device\Harddisk1\DR1:
18:04:07.0343 0x0c14 MBR partitions:
18:04:07.0343 0x0c14 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
18:04:07.0343 0x0c14 ============================================================
18:04:07.0421 0x0c14 C: <-> \Device\Harddisk0\DR0\Partition1
18:04:07.0500 0x0c14 D: <-> \Device\Harddisk1\DR1\Partition1
18:04:07.0500 0x0c14 ============================================================
18:04:07.0500 0x0c14 Initialize success
18:04:07.0500 0x0c14 ============================================================
18:04:12.0593 0x090c ============================================================
18:04:12.0593 0x090c Scan started
18:04:12.0593 0x090c Mode: Manual;
18:04:12.0593 0x090c ============================================================
18:04:12.0593 0x090c KSN ping started
18:04:15.0140 0x090c KSN ping finished: true
18:04:15.0359 0x090c ================ Scan system memory ========================
18:04:15.0375 0x090c System memory - ok
18:04:15.0375 0x090c ================ Scan services =============================
18:04:15.0484 0x090c Abiosdsk - ok
18:04:15.0484 0x090c abp480n5 - ok
18:04:15.0531 0x090c [ 4FE34F1F3126B61FCC6B2043AA8112C9, DE370865E47A5D2A4B227EEFFB42384F67F08D622BF936A9C9CEF70CC47F324B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
18:04:15.0546 0x090c ACPI - ok
18:04:15.0625 0x090c [ AFDFF022A01F0B11C776F0860C3B282F, 135E5257B62D921B76271014301E9EA1E2383D5DBB04E475DC3A7EFFD2561F56 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
18:04:15.0625 0x090c ACPIEC - ok
18:04:15.0656 0x090c [ EE97365199D656DDF3197FFDB091EADF, DED359A89102DB07277A6D54CDB18CC53EE710A2C073A92F11DF6AB8A6136997 ] ADIDTSFiltService C:\WINDOWS\system32\drivers\adidts.sys
18:04:15.0671 0x090c ADIDTSFiltService - ok
18:04:15.0671 0x090c [ 0158F4027C0808FF65ED3B3D683339C9, 382FBE4E74FA3ABBCF60B6E1E293BC0324F9689AA7C485D9926C07FEA9FCF597 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
18:04:15.0687 0x090c ADIHdAudAddService - ok
18:04:15.0765 0x090c [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:04:15.0765 0x090c AdobeFlashPlayerUpdateSvc - ok
18:04:15.0765 0x090c adpu160m - ok
18:04:15.0796 0x090c [ 358063AB6C1C4173B735525CDFA65F94, E2C7E27F8E0B4C6A662313FEEE61AF02D9166F4DC40E709DBB6C73EB489A5CC5 ] AEAudio C:\WINDOWS\system32\drivers\AEAudio.sys
18:04:15.0796 0x090c AEAudio - ok
18:04:15.0828 0x090c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
18:04:15.0828 0x090c aec - ok
18:04:15.0843 0x090c [ 322D0E36693D6E24A2398BEE62A268CD, FB0BFF5846E50DBCC2826639318A6A1DE79EE7DEA2719ED74A5F6F44454E13D0 ] AFD C:\WINDOWS\System32\drivers\afd.sys
18:04:15.0843 0x090c AFD - ok
18:04:15.0843 0x090c Aha154x - ok
18:04:15.0843 0x090c aic78u2 - ok
18:04:15.0859 0x090c aic78xx - ok
18:04:15.0890 0x090c [ E0A6FA244B8624D78FE5FF6F56A33BAE, 26B828FDB03AE4A4F1DC7A1792F9BAD69CF947897D47F5E567F24F4B6D5CB541 ] Alerter C:\WINDOWS\system32\alrsvc.dll
18:04:15.0890 0x090c Alerter - ok
18:04:15.0921 0x090c [ 88842DE939A827577BF24243699AC80A, A49C9A6A9941F3A2FBBCFE1F6DB48B632739D00670AC98ECCCBC7FD9E786B21A ] ALG C:\WINDOWS\System32\alg.exe
18:04:15.0921 0x090c ALG - ok
18:04:15.0921 0x090c AliIde - ok
18:04:15.0968 0x090c [ F6F5E047369784E607F3A636AC576148, AED29CA3344A034B7C167ACA1461F81D96C926F6502350AED961398BCA3EED3F ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
18:04:15.0968 0x090c AmdK8 - ok
18:04:15.0968 0x090c amsint - ok
18:04:16.0000 0x090c [ 6B8E7A90E576D4FE308F97C69060A171, 6CE49BC78715737D78E05DECAC23E26A5672ACD2CF3D10154FEA9D47B318D47C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:04:16.0000 0x090c AppMgmt - ok
18:04:16.0015 0x090c [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
18:04:16.0015 0x090c Arp1394 - ok
18:04:16.0031 0x090c asc - ok
18:04:16.0031 0x090c asc3350p - ok
18:04:16.0031 0x090c asc3550 - ok
18:04:16.0093 0x090c [ D33C507942299753868204CC7642FA27, 4E7096D6F4B1176C4823540427219988AC9180E70954D3BF32A6C15ED1332670 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
18:04:16.0093 0x090c aspnet_state - ok
18:04:16.0093 0x090c [ D320732BCF5FF856120BD06855C66867, E7334647B4BA712C519B29733055C7F8D9CEBB0034856C717CF32EBFE1AF329C ] asusgsb C:\WINDOWS\system32\drivers\asusgsb32.sys
18:04:16.0093 0x090c asusgsb - ok
18:04:16.0125 0x090c [ B3B881EB81013AAC11594A5400ADA47A, 8E7A6B42B4D818710BD06B9A0C923788C3BEAE4D2E585A3C0C1BA0F62B73070C ] asuskbnt C:\WINDOWS\system32\drivers\atkkbnt.sys
18:04:16.0125 0x090c asuskbnt - ok
18:04:16.0140 0x090c [ D5730129EA9ADF7AE710DA0B14F9DE19, 79DECECA6DF86D85280C41242924753302B181584E3C4E60EF0F0E8EE2672E64 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
18:04:16.0140 0x090c aswFsBlk - ok
18:04:16.0156 0x090c [ 6F23333C8358D267718F9ECB21CBB6F4, 647A743E9E95763B45BF2A83A30C5FD08CB085DC805B096724ACE29037AF29A1 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
18:04:16.0156 0x090c aswMonFlt - ok
18:04:16.0171 0x090c [ 29CB7009F11470A24B1D49849A6118A5, 67CAF72D6DB5E10889AFDD90D004B15A3FCFF47432167C209A6DB5233206A626 ] AswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
18:04:16.0171 0x090c AswRdr - ok
18:04:16.0171 0x090c [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
18:04:16.0171 0x090c aswRvrt - ok
18:04:16.0203 0x090c [ 50C85412AD31F5C0F687F00C2E34C673, D8EBD884AD717DFC78948177A1DED1D6FD8E3E88B20847751078B553F6C5D54A ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
18:04:16.0218 0x090c aswSnx - ok
18:04:16.0234 0x090c [ DDEBA353975F0827143484D5A9310935, 639FFE049A95679FB7B58D971A11DD73A37233DE0F7A017388E4B7A47E0D21BD ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
18:04:16.0234 0x090c aswSP - ok
18:04:16.0250 0x090c [ 8BCD47E79EAA40C387D7B9DCEC41DE2D, FDED5A91287037DA21C5456BD67C5898FB6F063B28DD97B1E47D4AB0D9365BAD ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
18:04:16.0250 0x090c aswTdi - ok
18:04:16.0250 0x090c [ BADA8FD627F1D0E22308211C33F0BDB5, F88751280969B8963DCFC684C99C7CCF396B50FD0AC0F869628A009557438609 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
18:04:16.0250 0x090c aswVmm - ok
18:04:16.0281 0x090c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:04:16.0281 0x090c AsyncMac - ok
18:04:16.0281 0x090c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
18:04:16.0281 0x090c atapi - ok
18:04:16.0296 0x090c Atdisk - ok
18:04:16.0312 0x090c [ F6A30CF0E7280415DDEA40B0262339C6, 5874234A82B0C7E2AAE3D960B38A938ED58AF53D8808BB1D588D8F2ACCB55B2D ] ATKKeyboardService C:\WINDOWS\ATKKBService.exe
18:04:16.0328 0x090c ATKKeyboardService - ok
18:04:16.0343 0x090c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
18:04:16.0359 0x090c Atmarpc - ok
18:04:16.0375 0x090c [ DE31B88962A8645DBA5A37B993E7B0F1, CA93F25A3FD0CE68BB9B8E3AB6B813BF38DE3EDDFC990291B3957FAA59B2B274 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
18:04:16.0375 0x090c AudioSrv - ok
18:04:16.0406 0x090c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
18:04:16.0406 0x090c audstub - ok
18:04:16.0500 0x090c [ EA2D28BBE98256654397CD1F6EAEBDD8, 97BBE5A2C9F2AE4675E6652AD79B1FCAEA76064FB37DBF238947ACA81D3017DF ] Autodesk Licensing Service C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
18:04:16.0500 0x090c Autodesk Licensing Service - ok
18:04:16.0546 0x090c [ 4BE7EC02133544CDE7A580875E130208, DF665024664252BB6005B80B99C091905F9B5873D58CE9FED2E66F578E372D13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:04:16.0546 0x090c avast! Antivirus - ok
18:04:16.0562 0x090c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:04:16.0562 0x090c Beep - ok
18:04:16.0578 0x090c [ 19395D092FD85DDC2D9C7729CF5A2AC8, 7640F36BA19698EE8A6257BF78A8C57DD9D734BED9CA6BB9B68603BAEA092412 ] BITS C:\WINDOWS\system32\qmgr.dll
18:04:16.0593 0x090c BITS - ok
18:04:16.0640 0x090c [ 249276D3EF1E74B992299CB96099E4D7, A7E23EC13CB96C0CFD12D2D75E7115361B1F9890DB815D90F7B0A878EF7738F5 ] Browser C:\WINDOWS\System32\browser.dll
18:04:16.0640 0x090c Browser - ok
18:04:16.0656 0x090c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
18:04:16.0656 0x090c cbidf2k - ok
18:04:16.0671 0x090c [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
18:04:16.0671 0x090c CCDECODE - ok
18:04:16.0671 0x090c cd20xrnt - ok
18:04:16.0703 0x090c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
18:04:16.0703 0x090c Cdaudio - ok
18:04:16.0703 0x090c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
18:04:16.0703 0x090c Cdfs - ok
18:04:16.0734 0x090c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
18:04:16.0734 0x090c Cdrom - ok
18:04:16.0734 0x090c Changer - ok
18:04:16.0750 0x090c [ E390DC1D7C461D7D56EC53402F329928, FB37F84E71353CD83FCDDD39C898C6D84C05130C5F1BEF022E3DFDE160398C0E ] CiSvc C:\WINDOWS\system32\cisvc.exe
18:04:16.0750 0x090c CiSvc - ok
18:04:16.0765 0x090c [ 064507A8DFA8C5C7E2FFDDD3E6F424FA, 1725067BC759484A7185A4F1A44ED3CBE481529D187FE98EF279425B79177EB1 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
18:04:16.0765 0x090c ClipSrv - ok
18:04:16.0796 0x090c [ 3C4D595E7F9B747325AEF28B4ADCAAE5, 4A283F3E2E659DA996EC16BC8181E9F521BDFDFCF246D0E432D65D2672AC9629 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:04:16.0796 0x090c clr_optimization_v2.0.50727_32 - ok
18:04:16.0953 0x090c [ AF52596644321084B2DAAA3A95D0F6D1, 263782B212A60CAD645E6DD8165ABB147F348A988FBFA5F652FC78D69BF874EA ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
18:04:17.0031 0x090c cmdAgent - ok
18:04:17.0046 0x090c [ 7E7C723B64DF1E264F3909D6263E0FF9, 98757FD5B098DF6F869BF542FE05AF6C181ACD3F72F01B52ED4F6EE5E1435201 ] cmderd C:\WINDOWS\system32\DRIVERS\cmderd.sys
18:04:17.0046 0x090c cmderd - ok
18:04:17.0078 0x090c [ DFC80F8A27085CAAFBE62021F9B047A0, E61B4CAE65109B1B9D26F47D9F59F450666D956B8B752F3D7AA91A9DEA31DAF3 ] cmdGuard C:\WINDOWS\system32\DRIVERS\cmdguard.sys
18:04:17.0078 0x090c cmdGuard - ok
18:04:17.0093 0x090c [ CA93B11EDA062B5D4BAB6A97FE9FECCD, A62FC4EAFE3951A3F434F03A050B59587D9D1046D477847B8FEAE8C23C9B3037 ] cmdHlp C:\WINDOWS\system32\DRIVERS\cmdhlp.sys
18:04:17.0093 0x090c cmdHlp - ok
18:04:17.0093 0x090c CmdIde - ok
18:04:17.0125 0x090c [ E6E4CDA093D59D576178BF2BB272C124, 8DEB2739467D904C886483C6B5E3401D697DDCA4895023D5FB7C1E177BE3A760 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
18:04:17.0125 0x090c cmdvirth - ok
18:04:17.0125 0x090c COMSysApp - ok
18:04:17.0140 0x090c Cpqarray - ok
18:04:17.0156 0x090c [ F3AB0933CBD166D271992F411C27CCAF, 50E01F3B058F814BE914FA5050B2D972E8584A467719A5ABCF9D9EBD596A54A7 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
18:04:17.0156 0x090c CryptSvc - ok
18:04:17.0171 0x090c dac2w2k - ok
18:04:17.0171 0x090c dac960nt - ok
18:04:17.0218 0x090c [ C868F3AE15CF71A93F2AA3A32856D839, 7F08E40AE8F4F15F110550775183EDA690DBADAC95CF859C98A99B3DF308C8F5 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:04:17.0234 0x090c DcomLaunch - ok
18:04:17.0250 0x090c [ 8C9A53E285AC5E6704844D0459EC85BE, 9E86AF4C06CEC007C9B1590B6E056319603E4D79BED0C2471C6F1BC251B380CF ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:04:17.0265 0x090c Dhcp - ok
18:04:17.0265 0x090c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:04:17.0265 0x090c Disk - ok
18:04:17.0265 0x090c dmadmin - ok
18:04:17.0312 0x090c [ DB5FD2BF5B07DC54BFCB3664FF05BD7C, 46074FBBC5E4A40A7B3A45636089DEDD2A619778C7DCD797571C2BB64D775F7E ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:04:17.0328 0x090c dmboot - ok
18:04:17.0328 0x090c [ FFF1720AF51171F32F1EAD5CF71F2810, 2E40D63DC7670C1E88A532DB8923A98ABC8481C351C4D915C2753E10BA77F36D ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:04:17.0343 0x090c dmio - ok
18:04:17.0359 0x090c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:04:17.0359 0x090c dmload - ok
18:04:17.0375 0x090c [ 2BFEFE9E865655A76982F050450B9591, 15C7D093D638770519AA43E7D8897310F32AB1F217027F5750D799494A985C35 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:04:17.0375 0x090c dmserver - ok
18:04:17.0390 0x090c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:04:17.0390 0x090c DMusic - ok
18:04:17.0406 0x090c [ 0634B791684B84F4A331F3D3536FEEF8, 562080C56BB92AB41657D43A4D7FA722F6134CF78CA69B58A1D64816234E768D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:04:17.0406 0x090c Dnscache - ok
18:04:17.0437 0x090c [ 4A3E2BD20157A0946751229E92EB8621, D8C00CC2C18C517F7262EBC3C511C062E5ABA797056AEB22AC5DEB306BA8C526 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:04:17.0437 0x090c Dot3svc - ok
18:04:17.0453 0x090c dpti2o - ok
18:04:17.0578 0x090c [ B0C6BA4F50A6B4F2A8334F07BCB80B52, 0A31D3AEB5A08C31DB8B308074D8A2E31E6D284BF73A0B8D94EA440F3233D980 ] DragonUpdater C:\Program Files\Comodo\Dragon\dragon_updater.exe
18:04:17.0609 0x090c DragonUpdater - ok
18:04:17.0625 0x090c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:04:17.0625 0x090c drmkaud - ok
18:04:17.0656 0x090c [ 0887D9C2BE8D940778CAD1E3B85F2A41, 2E30DC06D46A5E174B7CAA2D70BDB697015495942572E90425E2EE7AC541BCF4 ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:04:17.0656 0x090c EapHost - ok
18:04:17.0687 0x090c [ 0DAF3544804650526751C478AECCCE63, C06F56A936B8A9E1392484B6AED05685459AC99182133E6BDA20EC9360E9E0FE ] EIO C:\WINDOWS\system32\drivers\EIO.sys
18:04:17.0687 0x090c EIO - ok
18:04:17.0687 0x090c [ A2A4912798F2BE706ABADD3D30800D16, CCCCA389D22525D984DE9B59E4CEBE0EEEF315F725176EB5C4DC1A5B6157234A ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:04:17.0687 0x090c ERSvc - ok
18:04:17.0703 0x090c [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] Eventlog C:\WINDOWS\system32\services.exe
18:04:17.0703 0x090c Eventlog - ok
18:04:17.0718 0x090c [ 260C69FD67687B0DC062FC3D31655857, A491071B09A726BC77FB134D59FF4FAB3EF1E09F785D86E49142B3A25A96C192 ] EventSystem C:\WINDOWS\System32\es.dll
18:04:17.0718 0x090c EventSystem - ok
18:04:17.0750 0x090c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:04:17.0750 0x090c Fastfat - ok
18:04:17.0796 0x090c [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:04:17.0812 0x090c FastUserSwitchingCompatibility - ok
18:04:17.0812 0x090c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:04:17.0812 0x090c Fdc - ok
18:04:17.0828 0x090c [ AC366695A0796560AA37215AD5762AAF, 6ADC7443EA42D77199D4879AF3C33A07914116C69A34B895D8CB8444EE50077F ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:04:17.0828 0x090c Fips - ok
18:04:17.0890 0x090c [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:04:17.0921 0x090c FLEXnet Licensing Service - ok
18:04:17.0937 0x090c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:04:17.0937 0x090c Flpydisk - ok
18:04:17.0937 0x090c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:04:17.0953 0x090c FltMgr - ok
18:04:18.0031 0x090c [ FACECF3F75BAF3775A879D1168402270, CD22DD066F3A7A03963DAE73BF5E3F813362629B8832B20B7CC64DD03C1A732F ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:04:18.0031 0x090c FontCache3.0.0.0 - ok
18:04:18.0109 0x090c [ AF65875403A3BC39F299390387651C4F, 89A5F7785D391B7FB35FDE7929282CC73958DB9304546CCD5C240E8FC19095E6 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
18:04:18.0109 0x090c ForceWare Intelligent Application Manager (IAM) - ok
18:04:18.0109 0x090c [ B81F8778F5BB485F3B75114F0C99A49F, 6A004B8A78732914C850E91FCF5A526BEF3A2DE943A8349F7B52E92C0F410809 ] ForcewareWebInterface C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
18:04:18.0109 0x090c ForcewareWebInterface - ok
18:04:18.0140 0x090c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:04:18.0140 0x090c Fs_Rec - ok
18:04:18.0140 0x090c [ 4E664D8541DB4A66B73A24257E322E1F, 17A2140AFE2B41E579FCCAFB82532853AD90A6EDBCB13DE80741DAE0AD5B4CC9 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:04:18.0156 0x090c Ftdisk - ok
18:04:18.0156 0x090c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:04:18.0156 0x090c Gpc - ok
18:04:18.0234 0x090c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:04:18.0250 0x090c gupdate - ok
18:04:18.0250 0x090c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:04:18.0250 0x090c gupdatem - ok
18:04:18.0296 0x090c [ CBC3DEF409549672B915FB9403D63F74, EFF143F24539A7B480D67D89782124515D0965F0490828AF8A52A5981E9D64C5 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:04:18.0296 0x090c HDAudBus - ok
18:04:18.0359 0x090c [ FCFE31FB75F8A6295B6B0AF87A626282, 6BA385797DBC73EB29EFE3293B80C21B1B8A1E9B87A462476E73C526C9565E5F ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:04:18.0359 0x090c helpsvc - ok
18:04:18.0375 0x090c [ 00E25EE90166B3E1BE6E74AEBF858306, 92C2F020EF14DE3B4F09E2C5DFF3D2F35D8C50F6D0188F9CEEFE3B6075602EFE ] HidServ C:\WINDOWS\System32\hidserv.dll
18:04:18.0375 0x090c HidServ - ok
18:04:18.0375 0x090c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:04:18.0375 0x090c hidusb - ok
18:04:18.0406 0x090c [ 7A6B320928F86BC851530D63C82965D9, 1F628759D31098DFBC05244735B5A62ACD8E45DBC5C9D236260D68EB8F1E28F5 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:04:18.0406 0x090c hkmsvc - ok
18:04:18.0406 0x090c hpn - ok
18:04:18.0437 0x090c [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:04:18.0437 0x090c HTTP - ok
18:04:18.0468 0x090c [ 58FE2F2DA3BC5573F4A35B3760D3125F, B241ACCE426402EC64DC34C49CECB8CDC0851986D54BFCCED7040D6C43F5787A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:04:18.0468 0x090c HTTPFilter - ok
18:04:18.0468 0x090c i2omgmt - ok
18:04:18.0484 0x090c i2omp - ok
18:04:18.0484 0x090c [ C528E27945367191E7BAE364930B6932, 1B95C7B49B4CAE734DC6C9EC22555C5356EEC856B8491C761C777479264CF854 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:04:18.0484 0x090c i8042prt - ok
18:04:18.0515 0x090c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:04:18.0515 0x090c IDriverT - ok
18:04:18.0562 0x090c [ EA7267505149B3A10DF32506A4E4E412, B15EBB0135A3DBEDE3ABE4A75ED848D7827A5F9CD794625A25372E6BE25290B1 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:04:18.0578 0x090c idsvc - ok
18:04:18.0593 0x090c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:04:18.0593 0x090c Imapi - ok
18:04:18.0609 0x090c [ F7B93AAFAD33B2320954C17E26C8D361, 8CFDB11A68B59E195F280BE08B25FA59F1F70833832919B8BECCE17616999934 ] ImapiService C:\WINDOWS\System32\imapi.exe
18:04:18.0609 0x090c ImapiService - ok
18:04:18.0625 0x090c ini910u - ok
18:04:18.0640 0x090c [ 4E9612379CF48934356B2A843677FED2, 547C004D53BC5EAEE96CFD47FAFBA7C7A8E0A70199BF3BB566D8FF10E75E0628 ] Inspect C:\WINDOWS\system32\DRIVERS\inspect.sys
18:04:18.0656 0x090c Inspect - ok
18:04:18.0656 0x090c IntelIde - ok
18:04:18.0656 0x090c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:04:18.0671 0x090c ip6fw - ok
18:04:18.0687 0x090c [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:04:18.0687 0x090c IpFilterDriver - ok
18:04:18.0703 0x090c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:04:18.0796 0x090c IpInIp - ok
18:04:18.0796 0x090c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:04:18.0812 0x090c IpNat - ok
18:04:18.0812 0x090c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:04:18.0812 0x090c IPSec - ok
18:04:18.0812 0x090c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:04:18.0812 0x090c IRENUM - ok
18:04:18.0828 0x090c [ CC9F8A2D60AED1A51A3AC34C59B987AE, CBF69817BE3D9A4617390B1A3306074CB8581F21562CD1357D32BC3E542F3CEE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:04:18.0828 0x090c isapnp - ok
18:04:18.0890 0x090c [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:04:18.0906 0x090c JavaQuickStarterService - ok
18:04:18.0906 0x090c [ 1B6162FE7F66B1A71A4B70F941C4AA9B, C2EA494BAB0513A6027414FB1E75834F980A77852D0DC8559E8942FC222A075A ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:04:18.0906 0x090c Kbdclass - ok
18:04:18.0906 0x090c [ 86C8F23616C6C6E5B2776901C17B945B, 211B63FC405A2DDB126D204D61E779D66C7211882CC0374521926C633E180B91 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:04:18.0906 0x090c kbdhid - ok
18:04:18.0953 0x090c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:04:18.0953 0x090c kmixer - ok
18:04:18.0953 0x090c [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:04:18.0968 0x090c KSecDD - ok
18:04:18.0984 0x090c [ 21920AC69594AB021237054FA728FE46, 01D1E231B85BF3B1979491BE6338EEE4A184AED9B8B113CB9AEFCACFAA7B73E9 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:04:18.0984 0x090c lanmanserver - ok
18:04:19.0000 0x090c [ 5190783F51A2D7A8495202C664D7C963, A3ABAC9DB3AE7A200B16E569F0C38007FB8D4F19BEDFB67B2F4229121E242531 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:04:19.0015 0x090c lanmanworkstation - ok
18:04:19.0015 0x090c lbrtfdc - ok
18:04:19.0031 0x090c [ 0AB159F536E3E8F7F07113702A07CCA5, 3218C553183E6697C663B6D12790E09756B50505590858DD5AC62411D37CDD7C ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:04:19.0031 0x090c LmHosts - ok
18:04:19.0046 0x090c [ 221CD1C815B8A6B79389C3F5D1018DE8, 6D0D25D6669C4F9452F74EC72C6138A41D9408E01AF5FD01C08F27BE7BC9C905 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:04:19.0062 0x090c Messenger - ok
18:04:19.0078 0x090c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:04:19.0078 0x090c mnmdd - ok
18:04:19.0093 0x090c [ 9A57D046F88F4B69751B11FD40088A61, 62F65433024CE411F111A88723747B8A83B31076FBAF4CFF40FD02A53D7FF7DF ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
18:04:19.0093 0x090c mnmsrvc - ok
18:04:19.0109 0x090c [ 44032B0C6D9954D3FD26438330B99EE7, A49749A4C00D50F57170AA5DA9E2DEECC8C524A48B144C8B784894F2C202FBEE ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:04:19.0109 0x090c Modem - ok
18:04:19.0109 0x090c [ 4CB582831DBDE63CE43B45D771218374, 6D470B26197C5B388983D9213D48D2CDE934C9591572876DC7790FE4B59E0845 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:04:19.0109 0x090c Mouclass - ok
18:04:19.0125 0x090c [ BB269EBA740737AB749B214D568B6812, ABF41D9B521EBBE674E76981CAD31F8FD05976DE7070266C3956FDB67C83C4C2 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:04:19.0125 0x090c mouhid - ok
18:04:19.0125 0x090c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:04:19.0125 0x090c MountMgr - ok
18:04:19.0125 0x090c mraid35x - ok
18:04:19.0140 0x090c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:04:19.0140 0x090c MRxDAV - ok
18:04:19.0156 0x090c [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:04:19.0171 0x090c MRxSmb - ok
18:04:19.0171 0x090c [ 6DB4D1521CABA9A5FFAB54ADE0AE867D, 78D63EE2C0B0852F0771071C099643242EBC9F4DA28847B93BCE9C3CC1091938 ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:04:19.0171 0x090c MSDTC - ok
18:04:19.0171 0x090c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:04:19.0187 0x090c Msfs - ok
18:04:19.0187 0x090c MSIServer - ok
18:04:19.0203 0x090c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:04:19.0203 0x090c MSKSSRV - ok
18:04:19.0203 0x090c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:04:19.0203 0x090c MSPCLOCK - ok
18:04:19.0218 0x090c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:04:19.0218 0x090c MSPQM - ok
18:04:19.0234 0x090c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:04:19.0234 0x090c mssmbios - ok
18:04:19.0250 0x090c [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
18:04:19.0265 0x090c MSTEE - ok
18:04:19.0281 0x090c [ D48659BB24C48345D926ECB45C1EBDF5, EDEDE58316827530C25F8085F62AD48EA6D44B0F8AC1917B940F53B02CF72EA6 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
18:04:19.0296 0x090c MTsensor - ok
18:04:19.0296 0x090c [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:04:19.0296 0x090c Mup - ok
18:04:19.0343 0x090c [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:04:19.0343 0x090c NABTSFEC - ok
18:04:19.0375 0x090c [ 6EA362E9DB03D44F6B996F4D8BE237E9, FE6B4C546D26C4A2832CF4CB280B86B1723E10E46A3C24AF6C9856FCCAE9D1FC ] napagent C:\WINDOWS\System32\qagentrt.dll
18:04:19.0390 0x090c napagent - ok
18:04:19.0406 0x090c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:04:19.0406 0x090c NDIS - ok
18:04:19.0421 0x090c [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:04:19.0421 0x090c NdisIP - ok
18:04:19.0421 0x090c [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:04:19.0437 0x090c NdisTapi - ok
18:04:19.0453 0x090c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:04:19.0453 0x090c Ndisuio - ok
18:04:19.0453 0x090c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:04:19.0453 0x090c NdisWan - ok
18:04:19.0468 0x090c [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:04:19.0468 0x090c NDProxy - ok
18:04:19.0468 0x090c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:04:19.0468 0x090c NetBIOS - ok
18:04:19.0484 0x090c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:04:19.0484 0x090c NetBT - ok
18:04:19.0515 0x090c [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDE C:\WINDOWS\system32\netdde.exe
18:04:19.0515 0x090c NetDDE - ok
18:04:19.0515 0x090c [ 933DE774986EC85E48210C44AB431DE6, B8C85085003792B8744D96585CE6F2BC474EEEEC364A100CCBCE08176D91E75C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:04:19.0531 0x090c NetDDEdsdm - ok
18:04:19.0546 0x090c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] Netlogon C:\WINDOWS\System32\lsass.exe
18:04:19.0562 0x090c Netlogon - ok
18:04:19.0562 0x090c [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40, 588C8BA14A7255FD36A88960CBE34341301773765ECF2A9A0F1760A509A08A5B ] Netman C:\WINDOWS\System32\netman.dll
18:04:19.0578 0x090c Netman - ok
18:04:19.0609 0x090c [ 8070BB07FE06DE8B9ACB29B07016A273, 4E74B717103987D72E7A825584279A3C064443FF50945F2CDF6EDF97ED0F466C ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:04:19.0609 0x090c NetTcpPortSharing - ok
18:04:19.0640 0x090c [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:04:19.0640 0x090c NIC1394 - ok
Please check my log - Somoto-J found (Solved)
Re: Please check my log - Somoto-J found
ASUS TUF Gaming A15 FA507NU-LP131W
AMD Ryzen 5 7535HS 3,3 GHz
NVIDIA GeForce RTX 4050
DDR5 16 GB
Windows 11 Home
Re: Please check my log - Somoto-J found
18:04:19.0656 0x090c [ AAC97DAB5F8A0573CF10E0EAC42A7724, DF151B3F1C6BBE59E72E3AC1053E6A6D2C60FDB21CD5819E6A69182BB4A90D76 ] Nla C:\WINDOWS\System32\mswsock.dll
18:04:19.0781 0x090c Nla - ok
18:04:19.0828 0x090c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:04:19.0828 0x090c Npfs - ok
18:04:19.0859 0x090c [ 4D864C3526C573E54FBDA663A7855FE2, A7D5A098F8B402FA93496C6006DD5BD5106BDC7D12E0C3E36FC7FF8F6659209A ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
18:04:19.0859 0x090c nSvcIp - ok
18:04:19.0875 0x090c [ 68C060CE0BD72DD66313356BA698BFF2, 44BD72778A26D1D89AC1287E8051692E2F09230CC9D1EA489A05FA2EDB588174 ] nSvcLog C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
18:04:19.0875 0x090c nSvcLog - ok
18:04:19.0906 0x090c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:04:19.0921 0x090c Ntfs - ok
18:04:19.0921 0x090c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
18:04:19.0921 0x090c NtLmSsp - ok
18:04:19.0968 0x090c [ 023DD70573D644F3D9C8B1258A7BFD08, 9A1D3210ED5FD8BEDF92ED577A9B30E37035408A73EB66A8C950B75AB7539B83 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:04:19.0984 0x090c NtmsSvc - ok
18:04:20.0000 0x090c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
18:04:20.0000 0x090c Null - ok
18:04:20.0187 0x090c [ B488EDA5F3E9F8467FE999B00CCB146D, 97B4AC9CB952DB233DCF6DB8B6A936A0F8655F98281D0C0D638B9CBD363FE575 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:04:20.0312 0x090c nv - ok
18:04:20.0359 0x090c [ 4D6C6B46B3EDF6F2E219A86B61D104AE, 403206965B97F6AE10E4847A62B23D5D17DB891A5546268DB317AFEDBD21BB19 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
18:04:20.0359 0x090c nvata - ok
18:04:20.0390 0x090c [ 1B83B60541BE1B6DB81641C448007F21, F2696456DB732F7DBFFCA3DEB21FF2D7D117BA09793A75D2A4DB9ADF577C2A2C ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
18:04:20.0390 0x090c NVENETFD - ok
18:04:20.0421 0x090c [ 57B669F9234604A350174B86764444B0, 097ED0363B3D935FC503B3FEAEBF403EEAAA71BA9709A95DA49E98345C895F84 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
18:04:20.0421 0x090c nvnetbus - ok
18:04:20.0453 0x090c [ 2D8305D4248C03AF9D93FFFFA486309B, 47B47E85CD1B6F1F44D5B5528C0724432037B02EFE0C08EF87E528E51377F267 ] NVSvc C:\WINDOWS\System32\nvsvc32.exe
18:04:20.0453 0x090c NVSvc - ok
18:04:20.0468 0x090c [ C0E7437765A694328579C4674EF3AB20, 3DA78D47DCEEC116EFF01C79982091BDAA9E43CEA46A67D84301EB152FF6B723 ] NVTCP C:\WINDOWS\system32\DRIVERS\NVTcp.sys
18:04:20.0468 0x090c NVTCP - ok
18:04:20.0500 0x090c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:04:20.0500 0x090c NwlnkFlt - ok
18:04:20.0515 0x090c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:04:20.0515 0x090c NwlnkFwd - ok
18:04:20.0562 0x090c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:04:20.0578 0x090c odserv - ok
18:04:20.0578 0x090c [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:04:20.0593 0x090c ohci1394 - ok
18:04:20.0609 0x090c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:04:20.0609 0x090c ose - ok
18:04:20.0625 0x090c [ 46F8DB73B4A53E543F8E371DC7C75BAE, F6C5E7DE4B4AE0ED785DB075BE14EA6A0FC9050C95669B26DEF2B82D7B7D3B2C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:04:20.0625 0x090c Parport - ok
18:04:20.0625 0x090c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:04:20.0625 0x090c PartMgr - ok
18:04:20.0656 0x090c [ 1FAE19D0457176318BBA4A8795656EBC, 5F3D6CABA203A0485D67F63A6A81151724EE200BE49ED095CFCB1EF29C19D19F ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:04:20.0656 0x090c ParVdm - ok
18:04:20.0656 0x090c [ 6CE351D149CB4BEFC702951E471E1730, 758327683BB45F01D5AE550AF21856822B4CF55E17F2A4F452F559088D242B37 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:04:20.0656 0x090c PCI - ok
18:04:20.0671 0x090c PCIDump - ok
18:04:20.0687 0x090c [ 2DA4EC85E0EA7A45C6B2A05820492D5A, A8C6BD93D3BC33A5B36EB523997EF9E0783B6E6EAFB6E7F58BCC2629009BDCF9 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:04:20.0687 0x090c PCIIde - ok
18:04:20.0718 0x090c [ 4FC31E6C19A5CE5198B1ABFF94CAE758, A031E21EC1F15DA5E8429269F435337FA961C3C06D535DAFD448C7355F33FD0C ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:04:20.0812 0x090c Pcmcia - ok
18:04:20.0828 0x090c PDCOMP - ok
18:04:20.0828 0x090c PDFRAME - ok
18:04:20.0828 0x090c PDRELI - ok
18:04:20.0828 0x090c PDRFRAME - ok
18:04:20.0843 0x090c perc2 - ok
18:04:20.0843 0x090c perc2hib - ok
18:04:20.0859 0x090c [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] PlugPlay C:\WINDOWS\system32\services.exe
18:04:20.0875 0x090c PlugPlay - ok
18:04:20.0875 0x090c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
18:04:20.0875 0x090c PolicyAgent - ok
18:04:20.0890 0x090c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:04:20.0890 0x090c PptpMiniport - ok
18:04:20.0890 0x090c [ 7EB15DCE4EC3A0220BD796A15C18186E, E06C572F3FE4F3377D8AF74E8EF15478E71B4C61F944E48E8C35534BEF086110 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
18:04:20.0890 0x090c Processor - ok
18:04:20.0890 0x090c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:04:20.0906 0x090c ProtectedStorage - ok
18:04:20.0906 0x090c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:04:20.0906 0x090c PSched - ok
18:04:20.0906 0x090c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:04:20.0906 0x090c Ptilink - ok
18:04:20.0953 0x090c [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:04:20.0953 0x090c PxHelp20 - ok
18:04:20.0953 0x090c ql1080 - ok
18:04:20.0953 0x090c Ql10wnt - ok
18:04:20.0968 0x090c ql12160 - ok
18:04:20.0968 0x090c ql1240 - ok
18:04:20.0968 0x090c ql1280 - ok
18:04:20.0968 0x090c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:04:20.0984 0x090c RasAcd - ok
18:04:21.0000 0x090c [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:04:21.0015 0x090c RasAuto - ok
18:04:21.0031 0x090c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:04:21.0031 0x090c Rasl2tp - ok
18:04:21.0046 0x090c [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:04:21.0046 0x090c RasMan - ok
18:04:21.0062 0x090c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:04:21.0062 0x090c RasPppoe - ok
18:04:21.0062 0x090c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:04:21.0062 0x090c Raspti - ok
18:04:21.0078 0x090c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:04:21.0078 0x090c Rdbss - ok
18:04:21.0078 0x090c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:04:21.0078 0x090c RDPCDD - ok
18:04:21.0093 0x090c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:04:21.0093 0x090c rdpdr - ok
18:04:21.0125 0x090c [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:04:21.0125 0x090c RDPWD - ok
18:04:21.0140 0x090c [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:04:21.0140 0x090c RDSessMgr - ok
18:04:21.0140 0x090c [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:04:21.0156 0x090c redbook - ok
18:04:21.0187 0x090c [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:04:21.0187 0x090c RemoteAccess - ok
18:04:21.0203 0x090c [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:04:21.0218 0x090c RemoteRegistry - ok
18:04:21.0234 0x090c [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\System32\locator.exe
18:04:21.0234 0x090c RpcLocator - ok
18:04:21.0265 0x090c [ C868F3AE15CF71A93F2AA3A32856D839, 7F08E40AE8F4F15F110550775183EDA690DBADAC95CF859C98A99B3DF308C8F5 ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:04:21.0281 0x090c RpcSs - ok
18:04:21.0312 0x090c [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\System32\rsvp.exe
18:04:21.0328 0x090c RSVP - ok
18:04:21.0328 0x090c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
18:04:21.0328 0x090c SamSs - ok
18:04:21.0359 0x090c [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:04:21.0359 0x090c SCardSvr - ok
18:04:21.0390 0x090c [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:04:21.0406 0x090c Schedule - ok
18:04:21.0421 0x090c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:04:21.0421 0x090c Secdrv - ok
18:04:21.0437 0x090c [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:04:21.0437 0x090c seclogon - ok
18:04:21.0437 0x090c [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
18:04:21.0453 0x090c SENS - ok
18:04:21.0453 0x090c [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:04:21.0453 0x090c serenum - ok
18:04:21.0453 0x090c [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:04:21.0468 0x090c Serial - ok
18:04:21.0468 0x090c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:04:21.0468 0x090c Sfloppy - ok
18:04:21.0500 0x090c [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:04:21.0515 0x090c SharedAccess - ok
18:04:21.0531 0x090c [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:04:21.0531 0x090c ShellHWDetection - ok
18:04:21.0562 0x090c [ 9604998D0C578608151B6E59266FCAE1, 8494B890F8371A93176BA22A9DBEA19750AF97421C4E934251A1F5BE44976AD9 ] SI3132 C:\WINDOWS\system32\DRIVERS\SI3132.sys
18:04:21.0562 0x090c SI3132 - ok
18:04:21.0562 0x090c [ 72CF151FB410E544904DBC7D7F29B796, 75DEABA6CB5FE5449A6624D3A7A7F02EDB7110B71D3633E3C25A6FAFDBC8D17D ] SiFilter C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
18:04:21.0562 0x090c SiFilter - ok
18:04:21.0562 0x090c Simbad - ok
18:04:21.0593 0x090c [ 9CD1BB2DB803B6AC642BD643DDB773BC, E03EC2FFBE9720E291D13ABF35E027DFA1324CE0934403D1BF4A8E1B86623053 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:04:21.0593 0x090c SkypeUpdate - ok
18:04:21.0593 0x090c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:04:21.0593 0x090c SLIP - ok
18:04:21.0609 0x090c Sparrow - ok
18:04:21.0640 0x090c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:04:21.0640 0x090c splitter - ok
18:04:21.0656 0x090c [ CB1090BCA0E7B40D0B5B4E4D66531809, BFA487D989B4C63FB40407A4FC877B54A3104D7394316E9B8A52E77129816B3D ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:04:21.0656 0x090c Spooler - ok
18:04:21.0687 0x090c [ 68103A2B441BBF3908EBB587F0704D6C, 0EE921D3D3D88AD0380923429E82B58078F53D7A9D53458AA33FEDF376EF1212 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
18:04:21.0703 0x090c sptd - ok
18:04:21.0703 0x090c [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:04:21.0718 0x090c sr - ok
18:04:21.0734 0x090c [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\System32\srsvc.dll
18:04:21.0750 0x090c srservice - ok
18:04:21.0750 0x090c [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:04:21.0765 0x090c Srv - ok
18:04:21.0765 0x090c [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:04:21.0781 0x090c SSDPSRV - ok
18:04:21.0796 0x090c [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:04:21.0812 0x090c stisvc - ok
18:04:21.0828 0x090c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:04:21.0843 0x090c streamip - ok
18:04:21.0843 0x090c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:04:21.0843 0x090c swenum - ok
18:04:21.0890 0x090c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:04:21.0906 0x090c SwitchBoard - ok
18:04:21.0906 0x090c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:04:21.0921 0x090c swmidi - ok
18:04:21.0921 0x090c SwPrv - ok
18:04:21.0921 0x090c symc810 - ok
18:04:21.0921 0x090c symc8xx - ok
18:04:21.0937 0x090c sym_hi - ok
18:04:21.0937 0x090c sym_u3 - ok
18:04:21.0953 0x090c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:04:21.0953 0x090c sysaudio - ok
18:04:21.0984 0x090c [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:04:21.0984 0x090c SysmonLog - ok
18:04:22.0015 0x090c [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:04:22.0031 0x090c TapiSrv - ok
18:04:22.0046 0x090c [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:04:22.0046 0x090c Tcpip - ok
18:04:22.0062 0x090c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:04:22.0062 0x090c TDPIPE - ok
18:04:22.0078 0x090c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:04:22.0078 0x090c TDTCP - ok
18:04:22.0078 0x090c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:04:22.0078 0x090c TermDD - ok
18:04:22.0109 0x090c [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
18:04:22.0125 0x090c TermService - ok
18:04:22.0125 0x090c [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] Themes C:\WINDOWS\System32\shsvcs.dll
18:04:22.0140 0x090c Themes - ok
18:04:22.0171 0x090c [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
18:04:22.0187 0x090c TlntSvr - ok
18:04:22.0187 0x090c TosIde - ok
18:04:22.0187 0x090c [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:04:22.0203 0x090c TrkWks - ok
18:04:22.0218 0x090c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:04:22.0218 0x090c Udfs - ok
18:04:22.0234 0x090c ultra - ok
18:04:22.0234 0x090c [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
18:04:22.0250 0x090c UMWdf - ok
18:04:22.0265 0x090c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:04:22.0265 0x090c Update - ok
18:04:22.0281 0x090c [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:04:22.0296 0x090c upnphost - ok
18:04:22.0312 0x090c [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
18:04:22.0312 0x090c UPS - ok
18:04:22.0312 0x090c [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:04:22.0312 0x090c usbccgp - ok
18:04:22.0328 0x090c [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:04:22.0328 0x090c usbehci - ok
18:04:22.0328 0x090c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:04:22.0328 0x090c usbhub - ok
18:04:22.0328 0x090c [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:04:22.0343 0x090c usbohci - ok
18:04:22.0359 0x090c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:04:22.0359 0x090c USBSTOR - ok
18:04:22.0375 0x090c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:04:22.0375 0x090c VgaSave - ok
18:04:22.0375 0x090c ViaIde - ok
18:04:22.0375 0x090c [ 8643DA4A6C83DA6C10FCAB1E5AB6632D, E1EFD567D050D4D80F7542E446C840AE9935E801A033FF3EA8481E72821C8376 ] Video3D C:\WINDOWS\system32\Drivers\Video3D32.sys
18:04:22.0375 0x090c Video3D - ok
18:04:22.0390 0x090c [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:04:22.0390 0x090c VolSnap - ok
18:04:22.0421 0x090c [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
18:04:22.0437 0x090c VSS - ok
18:04:22.0453 0x090c [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\System32\w32time.dll
18:04:22.0468 0x090c W32Time - ok
18:04:22.0468 0x090c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:04:22.0484 0x090c Wanarp - ok
18:04:22.0484 0x090c WDICA - ok
18:04:22.0500 0x090c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:04:22.0500 0x090c wdmaud - ok
18:04:22.0515 0x090c [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:04:22.0515 0x090c WebClient - ok
18:04:22.0578 0x090c [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:04:22.0578 0x090c winmgmt - ok
18:04:22.0625 0x090c [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:04:22.0625 0x090c WmdmPmSN - ok
18:04:22.0656 0x090c [ 6538D6BDE04B56737FE743C24D4CE83D, 66F807C849FE7E4ED327915F2901D03D7C4B33530BD2D801C9A47E1483455F91 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:04:22.0671 0x090c Wmi - ok
18:04:22.0687 0x090c [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
18:04:22.0687 0x090c WmiApSrv - ok
18:04:22.0734 0x090c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:04:22.0734 0x090c WS2IFSL - ok
18:04:22.0765 0x090c [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:04:22.0781 0x090c wscsvc - ok
18:04:22.0796 0x090c [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:04:22.0796 0x090c WSTCODEC - ok
18:04:22.0812 0x090c [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:04:22.0812 0x090c wuauserv - ok
18:04:22.0843 0x090c [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:04:22.0875 0x090c WZCSVC - ok
18:04:22.0890 0x090c [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:04:22.0906 0x090c xmlprov - ok
18:04:22.0921 0x090c ================ Scan global ===============================
18:04:22.0937 0x090c [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
18:04:22.0953 0x090c [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
18:04:22.0984 0x090c [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
18:04:23.0015 0x090c [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] C:\WINDOWS\system32\services.exe
18:04:23.0015 0x090c [ Global ] - ok
18:04:23.0015 0x090c ================ Scan MBR ==================================
18:04:23.0046 0x090c [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
18:04:23.0156 0x090c \Device\Harddisk0\DR0 - ok
18:04:23.0171 0x090c [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
18:04:23.0453 0x090c \Device\Harddisk1\DR1 - ok
18:04:23.0453 0x090c ================ Scan VBR ==================================
18:04:23.0453 0x090c [ E9121AF8CE7C669DFD2FB4FE58C754B8 ] \Device\Harddisk0\DR0\Partition1
18:04:23.0453 0x090c \Device\Harddisk0\DR0\Partition1 - ok
18:04:23.0453 0x090c [ A5870F63940E63BBC4796A40AF49F04B ] \Device\Harddisk1\DR1\Partition1
18:04:23.0453 0x090c \Device\Harddisk1\DR1\Partition1 - ok
18:04:23.0453 0x090c Waiting for KSN requests completion. In queue: 173
18:04:24.0453 0x090c Waiting for KSN requests completion. In queue: 173
18:04:25.0453 0x090c Waiting for KSN requests completion. In queue: 173
18:04:26.0453 0x090c AV detected via SS1: avast! Antivirus, 5.0.150996950, disabled, updated
18:04:26.0453 0x090c FW detected via SS1: avast! Antivirus, 5.0.134219217, disabled
18:04:26.0453 0x090c FW detected via SS1: COMODO Firewall, 6.0, disabled
18:04:26.0453 0x090c Win FW state via NFM: disabled
18:04:28.0968 0x090c ============================================================
18:04:28.0968 0x090c Scan finished
18:04:28.0968 0x090c ============================================================
18:04:28.0968 0x0918 Detected object count: 0
18:04:28.0968 0x0918 Actual detected object count: 0
18:04:35.0984 0x015c Deinitialize success
18:04:20.0875 0x090c PolicyAgent - ok
18:04:20.0890 0x090c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:04:20.0890 0x090c PptpMiniport - ok
18:04:20.0890 0x090c [ 7EB15DCE4EC3A0220BD796A15C18186E, E06C572F3FE4F3377D8AF74E8EF15478E71B4C61F944E48E8C35534BEF086110 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
18:04:20.0890 0x090c Processor - ok
18:04:20.0890 0x090c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:04:20.0906 0x090c ProtectedStorage - ok
18:04:20.0906 0x090c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:04:20.0906 0x090c PSched - ok
18:04:20.0906 0x090c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:04:20.0906 0x090c Ptilink - ok
18:04:20.0953 0x090c [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:04:20.0953 0x090c PxHelp20 - ok
18:04:20.0953 0x090c ql1080 - ok
18:04:20.0953 0x090c Ql10wnt - ok
18:04:20.0968 0x090c ql12160 - ok
18:04:20.0968 0x090c ql1240 - ok
18:04:20.0968 0x090c ql1280 - ok
18:04:20.0968 0x090c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:04:20.0984 0x090c RasAcd - ok
18:04:21.0000 0x090c [ 2B5E44EA009F2F374B980E1E9A70635D, 62D8FDB80C8ACBA2C42C12760B785587C43BEDFE015EC5C41B25F2BB735EFEB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:04:21.0015 0x090c RasAuto - ok
18:04:21.0031 0x090c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:04:21.0031 0x090c Rasl2tp - ok
18:04:21.0046 0x090c [ D57554C664B64604BD1EE13EA2C07E77, B090C05B91EA602BFF9A5E89AB1A0FFDE869611961FF749DA8B3F4D00F04E756 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:04:21.0046 0x090c RasMan - ok
18:04:21.0062 0x090c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:04:21.0062 0x090c RasPppoe - ok
18:04:21.0062 0x090c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:04:21.0062 0x090c Raspti - ok
18:04:21.0078 0x090c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:04:21.0078 0x090c Rdbss - ok
18:04:21.0078 0x090c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:04:21.0078 0x090c RDPCDD - ok
18:04:21.0093 0x090c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:04:21.0093 0x090c rdpdr - ok
18:04:21.0125 0x090c [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:04:21.0125 0x090c RDPWD - ok
18:04:21.0140 0x090c [ C0D9D9711CB74EE9BC66353D8CBDAB0E, F1AF9A26910707E76BF213D8DE5C902B0088D8A29EBDFF72DE6A4D867E298CC8 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:04:21.0140 0x090c RDSessMgr - ok
18:04:21.0140 0x090c [ 611BFD220305BE3A85AE876EA47D4AA5, FDF87878EB3886649025E5A12F1C3FC9072D66CCD3217944710085C1F8A4512E ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:04:21.0156 0x090c redbook - ok
18:04:21.0187 0x090c [ 127C26B5371651043450E52542099ABA, 98AADAD8D5211CB894AA7C59B6299861B1F44B6D8F46AB5837E7D2F5B615B14A ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:04:21.0187 0x090c RemoteAccess - ok
18:04:21.0203 0x090c [ 8F31505484A190D5B22274708799F4EC, 170FF8193C95CEE73B9342B6FB7D83DF4E80B2CCBB27DF41F4AB5F2FB9AF60E1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:04:21.0218 0x090c RemoteRegistry - ok
18:04:21.0234 0x090c [ 718B3BDC0BC3C2F7D065A53D26202AF9, 9E58243628F1E1396AB82A80D046FF50803A230EE07B007E0CA5D744C77B091A ] RpcLocator C:\WINDOWS\System32\locator.exe
18:04:21.0234 0x090c RpcLocator - ok
18:04:21.0265 0x090c [ C868F3AE15CF71A93F2AA3A32856D839, 7F08E40AE8F4F15F110550775183EDA690DBADAC95CF859C98A99B3DF308C8F5 ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:04:21.0281 0x090c RpcSs - ok
18:04:21.0312 0x090c [ 09AB2E71E58B078038E3BFDBA7FFC984, 8CA277DEEF6376B0F48C6BA5DBBC3E8AF2245983BA9AF6AB83D1A920D35FAF93 ] RSVP C:\WINDOWS\System32\rsvp.exe
18:04:21.0328 0x090c RSVP - ok
18:04:21.0328 0x090c [ ED0A176354487CEED65B80A7148AB739, 71295D7D7684539DBD2924B437660960C01E073A521FE12D1519969327EC8DC4 ] SamSs C:\WINDOWS\system32\lsass.exe
18:04:21.0328 0x090c SamSs - ok
18:04:21.0359 0x090c [ 410046E401EB11E1E6749E9DEEA41D4A, 9507268ACD24EF51E994DC418E8EB3E10DEDE61EE892226A22A5DA7662397E25 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:04:21.0359 0x090c SCardSvr - ok
18:04:21.0390 0x090c [ 3FF232A7731621B8902D81D42418C93C, 2030C9A843D9555170179883BD4CC1E978D5FC5EC0D7FCA56518224E428BE421 ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:04:21.0406 0x090c Schedule - ok
18:04:21.0421 0x090c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:04:21.0421 0x090c Secdrv - ok
18:04:21.0437 0x090c [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6, 82EEB2345AC19050FAB202DE76C2CDD93E753F5AB67789A86A1726D3040C02E5 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:04:21.0437 0x090c seclogon - ok
18:04:21.0437 0x090c [ A530B75C10C23C9AB28FDB6CE719E21F, 14568DF6457758E2F534A46A8E6245C364895C3993BEF2B5A889B98DBB201A27 ] SENS C:\WINDOWS\system32\sens.dll
18:04:21.0453 0x090c SENS - ok
18:04:21.0453 0x090c [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:04:21.0453 0x090c serenum - ok
18:04:21.0453 0x090c [ B842729337C9B921615C40D3C1A1AF96, 503670A56423B996C6ED6AE95F07FB88910767C4A2041A4BE9070C57A016E7FA ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:04:21.0468 0x090c Serial - ok
18:04:21.0468 0x090c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:04:21.0468 0x090c Sfloppy - ok
18:04:21.0500 0x090c [ F58FACA9621D2DB01BD0927D9A0A208E, 239C87E09261BC9D1DBE99DABCFC4787D42289E8769563A5EFB323BE6F177C9A ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:04:21.0515 0x090c SharedAccess - ok
18:04:21.0531 0x090c [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:04:21.0531 0x090c ShellHWDetection - ok
18:04:21.0562 0x090c [ 9604998D0C578608151B6E59266FCAE1, 8494B890F8371A93176BA22A9DBEA19750AF97421C4E934251A1F5BE44976AD9 ] SI3132 C:\WINDOWS\system32\DRIVERS\SI3132.sys
18:04:21.0562 0x090c SI3132 - ok
18:04:21.0562 0x090c [ 72CF151FB410E544904DBC7D7F29B796, 75DEABA6CB5FE5449A6624D3A7A7F02EDB7110B71D3633E3C25A6FAFDBC8D17D ] SiFilter C:\WINDOWS\system32\DRIVERS\SiWinAcc.sys
18:04:21.0562 0x090c SiFilter - ok
18:04:21.0562 0x090c Simbad - ok
18:04:21.0593 0x090c [ 9CD1BB2DB803B6AC642BD643DDB773BC, E03EC2FFBE9720E291D13ABF35E027DFA1324CE0934403D1BF4A8E1B86623053 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:04:21.0593 0x090c SkypeUpdate - ok
18:04:21.0593 0x090c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:04:21.0593 0x090c SLIP - ok
18:04:21.0609 0x090c Sparrow - ok
18:04:21.0640 0x090c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
18:04:21.0640 0x090c splitter - ok
18:04:21.0656 0x090c [ CB1090BCA0E7B40D0B5B4E4D66531809, BFA487D989B4C63FB40407A4FC877B54A3104D7394316E9B8A52E77129816B3D ] Spooler C:\WINDOWS\system32\spoolsv.exe
18:04:21.0656 0x090c Spooler - ok
18:04:21.0687 0x090c [ 68103A2B441BBF3908EBB587F0704D6C, 0EE921D3D3D88AD0380923429E82B58078F53D7A9D53458AA33FEDF376EF1212 ] sptd C:\WINDOWS\System32\Drivers\sptd.sys
18:04:21.0703 0x090c sptd - ok
18:04:21.0703 0x090c [ 94610C8653635E4459316A0050D55CE7, D148D33B3D2B0757060531C526F2161504A8D7C4E5957D092C7EBDB007271339 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
18:04:21.0718 0x090c sr - ok
18:04:21.0734 0x090c [ 35B91147124F64AC8081A2EDB9EA4DEE, 1609D19156DAC6EE3C2D2350B062966B64D9CDC289E9B8FEB6D244AAEBE90BBF ] srservice C:\WINDOWS\System32\srsvc.dll
18:04:21.0750 0x090c srservice - ok
18:04:21.0750 0x090c [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:04:21.0765 0x090c Srv - ok
18:04:21.0765 0x090c [ BECD5271DC4E3B7C3D035F790FCBC1E5, D63B9DB81332553C963EC5057D241CE2287AF652387333C1FD79AF8C9B5F2BA7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:04:21.0781 0x090c SSDPSRV - ok
18:04:21.0796 0x090c [ C1CDD9275F6A115BB0AE1D55D8D27BA6, CD0511FD7F6AD832CBEB931C605AB3AD217631C57399CB8033248D27619541E4 ] stisvc C:\WINDOWS\system32\wiaservc.dll
18:04:21.0812 0x090c stisvc - ok
18:04:21.0828 0x090c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:04:21.0843 0x090c streamip - ok
18:04:21.0843 0x090c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
18:04:21.0843 0x090c swenum - ok
18:04:21.0890 0x090c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:04:21.0906 0x090c SwitchBoard - ok
18:04:21.0906 0x090c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
18:04:21.0921 0x090c swmidi - ok
18:04:21.0921 0x090c SwPrv - ok
18:04:21.0921 0x090c symc810 - ok
18:04:21.0921 0x090c symc8xx - ok
18:04:21.0937 0x090c sym_hi - ok
18:04:21.0937 0x090c sym_u3 - ok
18:04:21.0953 0x090c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
18:04:21.0953 0x090c sysaudio - ok
18:04:21.0984 0x090c [ CE06F01B88ACE199A1BF460CAC29C110, 3CD89E5B8E53203287D889C107E4795225742DB6C6ACA2DC0611BD9728382A27 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
18:04:21.0984 0x090c SysmonLog - ok
18:04:22.0015 0x090c [ C2546CD7A398476F9DF5614B2AE160E8, 11C8435BA983553E9C0806494E9B3C7080515C0375B0604F029D89B50726161A ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:04:22.0031 0x090c TapiSrv - ok
18:04:22.0046 0x090c [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:04:22.0046 0x090c Tcpip - ok
18:04:22.0062 0x090c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
18:04:22.0062 0x090c TDPIPE - ok
18:04:22.0078 0x090c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
18:04:22.0078 0x090c TDTCP - ok
18:04:22.0078 0x090c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
18:04:22.0078 0x090c TermDD - ok
18:04:22.0109 0x090c [ A75DD6FC3DBEE4FFF5EBC9F2C28BB66E, 3D2B1D899061448EAD993CDE97D1EF50DD64728E9F44D80FEAE591198A937653 ] TermService C:\WINDOWS\System32\termsrv.dll
18:04:22.0125 0x090c TermService - ok
18:04:22.0125 0x090c [ B927443008910B412BEC72FC41C1BAD0, B2008DC7EBCEDA0FCCBF4BE1F3BD7F5E27E35695320236D2C9E9C0111CC44774 ] Themes C:\WINDOWS\System32\shsvcs.dll
18:04:22.0140 0x090c Themes - ok
18:04:22.0171 0x090c [ CD0CC7B167D78043A41C98D4921EFB54, 31AAB5D6D6BA52EBDDE1B5DEB8F9B4D9597FFBA4485F959C846F635060CCB5C0 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
18:04:22.0187 0x090c TlntSvr - ok
18:04:22.0187 0x090c TosIde - ok
18:04:22.0187 0x090c [ 38853304CCB938D30E0C4CDE8D2C2A8A, 966E7BCC9F63A1A7777F8A12E51C2A91EC688CE96109943ADC4CB4EB58DC34A6 ] TrkWks C:\WINDOWS\system32\trkwks.dll
18:04:22.0203 0x090c TrkWks - ok
18:04:22.0218 0x090c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
18:04:22.0218 0x090c Udfs - ok
18:04:22.0234 0x090c ultra - ok
18:04:22.0234 0x090c [ AB0A7CA90D9E3D6A193905DC1715DED0, CA764A2B92E727E3398134CD50D5622B4EC387436A3644063DA1D114CE63BD64 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
18:04:22.0250 0x090c UMWdf - ok
18:04:22.0265 0x090c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
18:04:22.0265 0x090c Update - ok
18:04:22.0281 0x090c [ 651BD90DCEE5B7BDC74A2EB7C9266F9E, AF7662BCA0819F82CE5EE0863E47149CC127DE664CB3DC6359B63FBD71DB54F8 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:04:22.0296 0x090c upnphost - ok
18:04:22.0312 0x090c [ 20A0F6A11959E92908717D09E87D670D, 3DD6C99AB0F70FAA43DF470B30078B8A51B8AF735CD5C50DBB195FEA70F4C36E ] UPS C:\WINDOWS\System32\ups.exe
18:04:22.0312 0x090c UPS - ok
18:04:22.0312 0x090c [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:04:22.0312 0x090c usbccgp - ok
18:04:22.0328 0x090c [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:04:22.0328 0x090c usbehci - ok
18:04:22.0328 0x090c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:04:22.0328 0x090c usbhub - ok
18:04:22.0328 0x090c [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
18:04:22.0343 0x090c usbohci - ok
18:04:22.0359 0x090c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:04:22.0359 0x090c USBSTOR - ok
18:04:22.0375 0x090c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
18:04:22.0375 0x090c VgaSave - ok
18:04:22.0375 0x090c ViaIde - ok
18:04:22.0375 0x090c [ 8643DA4A6C83DA6C10FCAB1E5AB6632D, E1EFD567D050D4D80F7542E446C840AE9935E801A033FF3EA8481E72821C8376 ] Video3D C:\WINDOWS\system32\Drivers\Video3D32.sys
18:04:22.0375 0x090c Video3D - ok
18:04:22.0390 0x090c [ 28A4B296B47782173C346E376CB374D1, FE799FE4A41752A2B47027EA88214BF3E39B317302939F4A2D0F2A4EFAAC2F13 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
18:04:22.0390 0x090c VolSnap - ok
18:04:22.0421 0x090c [ D6BA1A63D9E00933F1CD2A885573AFB2, 36311A060635CEC1DBB6D8A746B8A4D007706EAE97D51A5E12F9958AB16BE486 ] VSS C:\WINDOWS\System32\vssvc.exe
18:04:22.0437 0x090c VSS - ok
18:04:22.0453 0x090c [ FA4E1CDBA256787F2149F4AAD07BC91F, 1B5FC5248335D70094D04501AA2C30F54782B58FF8D573BE8E784A21529C7CAF ] W32Time C:\WINDOWS\System32\w32time.dll
18:04:22.0468 0x090c W32Time - ok
18:04:22.0468 0x090c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:04:22.0484 0x090c Wanarp - ok
18:04:22.0484 0x090c WDICA - ok
18:04:22.0500 0x090c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
18:04:22.0500 0x090c wdmaud - ok
18:04:22.0515 0x090c [ 47AE51048A82DFA1CD6B51D369F7E169, 742F2162B8BDE00D83715093EA9743338964597ED22648B9F4F139D7278235A4 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:04:22.0515 0x090c WebClient - ok
18:04:22.0578 0x090c [ E488332126E3B1182D2B8A0C35408EC6, F9F60911DF0A539753B2BEF6FAD2D0AED1BC1C3F43509F79D9AF2F810CDE5D9B ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:04:22.0578 0x090c winmgmt - ok
18:04:22.0625 0x090c [ 140EF97B64F560FD78643CAE2CDAD838, 1DEA8005220A3EFEC6E32A7DE4386026CCC1E5328E2FDCB82B1FB335905D1962 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
18:04:22.0625 0x090c WmdmPmSN - ok
18:04:22.0656 0x090c [ 6538D6BDE04B56737FE743C24D4CE83D, 66F807C849FE7E4ED327915F2901D03D7C4B33530BD2D801C9A47E1483455F91 ] Wmi C:\WINDOWS\System32\advapi32.dll
18:04:22.0671 0x090c Wmi - ok
18:04:22.0687 0x090c [ 23F6F03272F7E5679F1F050AED5ACEE6, 87EBE773F3E8FFE2F1E1DB435BB0E8852031AA88112EB791085AD3DA918B49CC ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
18:04:22.0687 0x090c WmiApSrv - ok
18:04:22.0734 0x090c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
18:04:22.0734 0x090c WS2IFSL - ok
18:04:22.0765 0x090c [ 4C86D5FAF78194995AF9CC1075F65DD3, D3B23BB0971E0DBC0A51720067489C224323B603178E91149BF56F779DE352F0 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
18:04:22.0781 0x090c wscsvc - ok
18:04:22.0796 0x090c [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:04:22.0796 0x090c WSTCODEC - ok
18:04:22.0812 0x090c [ C1364564800EE9784192145324A23308, 5345BAE00364233594C9CF99CE2CC485E65B5D4FFBB81C86B2950EDA2427584C ] wuauserv C:\WINDOWS\system32\wuauserv.dll
18:04:22.0812 0x090c wuauserv - ok
18:04:22.0843 0x090c [ A27D4BA7264C0BF52F32D10405BEA1D4, 5F28607CCAB15FB601BEB35FF0B1A5CD27C678C6D1CA724E842C33EED4579B8C ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
18:04:22.0875 0x090c WZCSVC - ok
18:04:22.0890 0x090c [ EAA4BB9EDB3FB10CF8979FE65E63658F, B80EB477100FD3E26513360E09DB6EBF0C8D8B0618F1F4BF1F387ABA6DEC9B64 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
18:04:22.0906 0x090c xmlprov - ok
18:04:22.0921 0x090c ================ Scan global ===============================
18:04:22.0937 0x090c [ F36278E42C8C5DF03CE17DAC8231C91C, D012A3C8F394DF4F0BF5D5A4C10E73BBF427762B7D3DB6CF5FAB96536E082B7A ] C:\WINDOWS\system32\basesrv.dll
18:04:22.0953 0x090c [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
18:04:22.0984 0x090c [ 77A41C497ADB0C96D1E8DF6F71D843C0, 39A425A66B127F91B9A6FB5A0832B51ACD5928645D62D09FDA0AB95D3836E479 ] C:\WINDOWS\system32\winsrv.dll
18:04:23.0015 0x090c [ F0D2AE69035092BF22DAD6B50FAB85C2, 982ED53375D9B5F6D3CE290A93987BE98407C746C24FEC7833F9D4D4AF443AD7 ] C:\WINDOWS\system32\services.exe
18:04:23.0015 0x090c [ Global ] - ok
18:04:23.0015 0x090c ================ Scan MBR ==================================
18:04:23.0046 0x090c [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
18:04:23.0156 0x090c \Device\Harddisk0\DR0 - ok
18:04:23.0171 0x090c [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk1\DR1
18:04:23.0453 0x090c \Device\Harddisk1\DR1 - ok
18:04:23.0453 0x090c ================ Scan VBR ==================================
18:04:23.0453 0x090c [ E9121AF8CE7C669DFD2FB4FE58C754B8 ] \Device\Harddisk0\DR0\Partition1
18:04:23.0453 0x090c \Device\Harddisk0\DR0\Partition1 - ok
18:04:23.0453 0x090c [ A5870F63940E63BBC4796A40AF49F04B ] \Device\Harddisk1\DR1\Partition1
18:04:23.0453 0x090c \Device\Harddisk1\DR1\Partition1 - ok
18:04:23.0453 0x090c Waiting for KSN requests completion. In queue: 173
18:04:24.0453 0x090c Waiting for KSN requests completion. In queue: 173
18:04:25.0453 0x090c Waiting for KSN requests completion. In queue: 173
18:04:26.0453 0x090c AV detected via SS1: avast! Antivirus, 5.0.150996950, disabled, updated
18:04:26.0453 0x090c FW detected via SS1: avast! Antivirus, 5.0.134219217, disabled
18:04:26.0453 0x090c FW detected via SS1: COMODO Firewall, 6.0, disabled
18:04:26.0453 0x090c Win FW state via NFM: disabled
18:04:28.0968 0x090c ============================================================
18:04:28.0968 0x090c Scan finished
18:04:28.0968 0x090c ============================================================
18:04:28.0968 0x0918 Detected object count: 0
18:04:28.0968 0x0918 Actual detected object count: 0
18:04:35.0984 0x015c Deinitialize success
ASUS TUF Gaming A15 FA507NU-LP131W
AMD Ryzen 5 7535HS 3,3 GHz
NVIDIA GeForce RTX 4050
DDR5 16 GB
Windows 11 Home
Re: Please check my log - Somoto-J found
ComboFix failed. It threw some message saying that some registries could not be saved, and then it stopped at a window - see attachment.
- memphisto
Re: Please check my log - Somoto-J found
Try repeating ComboFix in safe mode
Please do not send HijackThis logs via private message; post them in the appropriate section instead. Thank you
Re: Please check my log - Somoto-J found
ComboFix 13-11-01.01 - SandraD 01.11.2013 20:09:54.1.2 - x86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.3137 [GMT 1:00]
Spuštěný z: c:\documents and settings\SandraD\Plocha\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\dllcache\wmpvis.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-01 do 2013-11-01 )))))))))))))))))))))))))))))))
.
.
2013-10-31 16:38 . 2013-10-31 16:38 -------- d-----w- c:\windows\ERUNT
2013-10-30 21:47 . 2013-10-30 21:47 -------- d-----w- c:\documents and settings\SandraD\Data aplikací\Malwarebytes
2013-10-30 21:47 . 2013-10-30 21:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-10-30 21:47 . 2013-10-30 21:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-30 21:47 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-30 21:43 . 2013-10-31 16:22 -------- d-----w- C:\AdwCleaner
2013-10-29 19:09 . 2013-10-29 19:10 -------- d-----w- c:\documents and settings\SandraD\Data aplikací\SPORE
2013-10-29 19:05 . 2013-10-29 19:05 -------- d-----w- c:\program files\Electronic Arts
2013-10-29 17:21 . 2013-10-29 17:21 388096 ----a-r- c:\documents and settings\SandraD\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-29 17:21 . 2013-10-29 17:21 -------- d-----w- c:\program files\Trend Micro
2013-10-27 20:27 . 2013-10-28 11:58 -------- d-----w- c:\documents and settings\SandraD\Local Settings\Data aplikací\NFS Underground 2
2013-10-27 20:27 . 2013-10-27 20:27 -------- d-----w- c:\program files\Common Files\DirectX
2013-10-27 20:17 . 2013-10-27 20:17 -------- d-----w- c:\program files\EA GAMES
2013-10-26 17:38 . 2013-10-26 19:33 -------- d-----w- c:\program files\Diablo III
2013-10-26 17:38 . 2013-10-26 17:38 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2013-10-26 17:38 . 2013-10-26 17:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard Entertainment
2013-10-26 17:37 . 2013-10-26 17:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Battle.net
2013-10-20 19:14 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2013-10-20 19:14 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2013-10-20 19:14 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2013-10-20 19:14 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2013-10-20 19:14 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2013-10-20 18:48 . 2013-10-20 18:48 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2013-10-20 18:48 . 2013-10-20 18:48 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2013-10-20 15:42 . 2013-10-20 15:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FLEXnet
2013-10-20 15:41 . 2013-10-20 15:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-10-20 15:41 . 2008-04-07 03:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2013-10-20 15:41 . 2008-04-07 03:38 45392 ----a-r- c:\windows\system32\AdobePDF.dll
2013-10-15 20:36 . 2013-10-15 20:36 -------- d-----w- c:\documents and settings\SandraD\Data aplikací\AVAST Software
2013-10-15 20:21 . 2013-10-15 20:21 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\COMODO
2013-10-15 19:43 . 2013-10-08 05:29 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-15 19:43 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-09 19:47 . 2013-10-09 19:49 3258 ----a-w- c:\windows\system32\drivers\fvstore.dat
2013-10-09 18:39 . 2013-10-09 18:39 -------- d-----w- c:\program files\MSECache
2013-10-09 18:29 . 2013-10-09 18:29 -------- d-----w- c:\program files\Microsoft.NET
2013-10-09 18:18 . 2013-10-09 18:18 -------- d-----w- c:\documents and settings\SandraD\Local Settings\Data aplikací\PCHealth
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-01 08:55 . 2013-07-14 08:56 196608 -c--a-w- c:\windows\system32\drivers\nStandard.bin
2013-10-15 20:34 . 2013-07-14 09:32 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-15 20:34 . 2013-07-14 09:32 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-15 20:34 . 2013-07-14 09:32 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-10-15 20:34 . 2013-07-14 09:32 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-15 20:34 . 2013-07-14 09:32 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-15 20:34 . 2013-07-14 09:32 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-15 20:34 . 2013-07-14 09:32 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-15 20:34 . 2013-07-14 09:32 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-15 20:34 . 2013-07-14 09:32 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-15 20:34 . 2013-07-14 09:32 43152 ----a-w- c:\windows\avastSS.scr
2013-10-09 18:46 . 2013-07-27 22:11 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 18:46 . 2013-07-27 22:11 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-26 18:09 . 2013-07-14 09:35 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-09-24 10:53 . 2012-12-14 18:45 96216 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:53 . 2012-12-14 18:45 30552 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:53 . 2012-12-14 18:45 587864 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2013-09-24 10:53 . 2012-12-14 18:45 15704 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2012-12-14 18:45 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 10:53 . 2012-12-14 18:45 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 10:53 . 2012-12-14 18:45 280792 -c--a-w- c:\windows\system32\cmdvrt32.dll
2013-09-24 10:53 . 2012-09-04 17:07 40664 -c--a-w- c:\windows\system32\cmdkbd32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-15 20:34 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-04-12 8429568]
"nwiz"="nwiz.exe" [2007-04-12 1626112]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2007-04-12 81920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-09-24 1576152]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-09-02 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-18 3567800]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2013-05-01 421888]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:3e44241277
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\SandraD\\Data aplikací\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [14.12.2012 19:45 15704]
S0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [14.7.2013 10:32 49944]
S0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [14.7.2013 10:32 178304]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.7.2013 10:32 774392]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.7.2013 10:32 403440]
S1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\drivers\cmdGuard.sys [14.12.2012 19:45 587864]
S1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [14.12.2012 19:45 30552]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.7.2013 10:32 35656]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [14.7.2013 10:32 70384]
S2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [9.10.2013 18:33 2104968]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [25.7.2013 7:52 162672]
S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\Comodo\COMODO Internet Security\cmdvirth.exe [14.12.2012 19:45 131288]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 12:37 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-18 14:33 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-27 18:46]
.
2013-11-01 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-07-14 20:34]
.
2013-11-01 c:\windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
- c:\program files\COMODO\COMODO Internet Security\cfpconfg.exe [2012-12-14 10:53]
.
2013-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-14 09:23]
.
2013-11-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-14 09:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{BD749E76-99FC-48B8-8318-C631A47B69E5}: NameServer = 81.19.5.10,81.19.5.11
TCP: Interfaces\{FC7DF73B-BEF3-402B-BC28-DAE115D2CE1A}: NameServer = 156.154.70.22,156.154.71.22
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-01 20:12
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-11-01 20:13:09
ComboFix-quarantined-files.txt 2013-11-01 19:13
.
Před spuštěním: Volných bajtů: 378 991 407 104
Po spuštění: Volných bajtů: 378 952 019 968
.
- - End Of File - - 9E7F9C8AE7BE2A5B3F341E7F2F01075E
413FC2A0C716421B3158746D63736515
ASUS TUF Gaming A15 FA507NU-LP131W
AMD Ryzen 5 7535HS 3,3 GHz
NVIDIA GeForce RTX 4050
DDR5 16 GB
Windows 11 Home
- jaro3
- Security team member
Re: Please check my log - Somoto-J found
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
Two firewalls, uninstall one of them. Then a new ComboFix.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
Re: Please check my log - Somoto-J found
ComboFix 13-11-01.03 - SandraD 02.11.2013 13:26:53.2.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3582.2258 [GMT 1:00]
Spuštěný z: c:\documents and settings\SandraD\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *Disabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-02 do 2013-11-02 )))))))))))))))))))))))))))))))
.
.
2013-10-31 16:38 . 2013-10-31 16:38 -------- d-----w- c:\windows\ERUNT
2013-10-30 21:47 . 2013-10-30 21:47 -------- d-----w- c:\documents and settings\SandraD\Data aplikací\Malwarebytes
2013-10-30 21:47 . 2013-10-30 21:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2013-10-30 21:47 . 2013-10-30 21:47 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-10-30 21:47 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-10-30 21:43 . 2013-10-31 16:22 -------- d-----w- C:\AdwCleaner
2013-10-29 19:09 . 2013-10-29 19:10 -------- d-----w- c:\documents and settings\SandraD\Data aplikací\SPORE
2013-10-29 19:05 . 2013-10-29 19:05 -------- d-----w- c:\program files\Electronic Arts
2013-10-29 17:21 . 2013-10-29 17:21 388096 ----a-r- c:\documents and settings\SandraD\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-10-29 17:21 . 2013-10-29 17:21 -------- d-----w- c:\program files\Trend Micro
2013-10-27 20:27 . 2013-10-28 11:58 -------- d-----w- c:\documents and settings\SandraD\Local Settings\Data aplikací\NFS Underground 2
2013-10-27 20:27 . 2013-10-27 20:27 -------- d-----w- c:\program files\Common Files\DirectX
2013-10-27 20:17 . 2013-10-27 20:17 -------- d-----w- c:\program files\EA GAMES
2013-10-26 17:38 . 2013-10-26 19:33 -------- d-----w- c:\program files\Diablo III
2013-10-26 17:38 . 2013-10-26 17:38 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2013-10-26 17:38 . 2013-10-26 17:38 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Blizzard Entertainment
2013-10-26 17:37 . 2013-10-26 17:37 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Battle.net
2013-10-20 19:14 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2013-10-20 19:14 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2013-10-20 19:14 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2013-10-20 19:14 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2013-10-20 19:14 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2013-10-20 18:48 . 2013-10-20 18:48 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2013-10-20 18:48 . 2013-10-20 18:48 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2013-10-20 15:42 . 2013-10-20 15:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\FLEXnet
2013-10-20 15:41 . 2013-10-20 15:41 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-10-20 15:41 . 2008-04-07 03:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2013-10-20 15:41 . 2008-04-07 03:38 45392 ----a-r- c:\windows\system32\AdobePDF.dll
2013-10-15 20:36 . 2013-10-15 20:36 -------- d-----w- c:\documents and settings\SandraD\Data aplikací\AVAST Software
2013-10-15 20:21 . 2013-10-15 20:21 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Data aplikací\COMODO
2013-10-15 19:43 . 2013-10-08 05:29 145408 ----a-w- c:\windows\system32\javacpl.cpl
2013-10-15 19:43 . 2013-10-08 05:50 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-10-09 19:47 . 2013-10-09 19:49 3258 ----a-w- c:\windows\system32\drivers\fvstore.dat
2013-10-09 18:39 . 2013-10-09 18:39 -------- d-----w- c:\program files\MSECache
2013-10-09 18:29 . 2013-10-09 18:29 -------- d-----w- c:\program files\Microsoft.NET
2013-10-09 18:18 . 2013-10-09 18:18 -------- d-----w- c:\documents and settings\SandraD\Local Settings\Data aplikací\PCHealth
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-02 12:15 . 2013-07-14 09:32 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-02 12:15 . 2013-07-14 09:32 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-02 12:15 . 2013-07-14 09:32 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-11-02 12:15 . 2013-07-14 09:32 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-02 12:15 . 2013-07-14 09:32 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-02 12:15 . 2013-07-14 09:32 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-02 12:15 . 2013-07-14 09:32 43152 ----a-w- c:\windows\avastSS.scr
2013-11-01 19:25 . 2013-07-14 08:56 196608 -c--a-w- c:\windows\system32\drivers\nStandard.bin
2013-10-15 20:34 . 2013-07-14 09:32 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-15 20:34 . 2013-07-14 09:32 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-15 20:34 . 2013-07-14 09:32 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-09 18:46 . 2013-07-27 22:11 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 18:46 . 2013-07-27 22:11 692616 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-26 18:09 . 2013-07-14 09:35 48392 ----a-w- c:\windows\system32\certsentry.dll
2013-09-24 10:53 . 2012-12-14 18:45 96216 ----a-w- c:\windows\system32\drivers\inspect.sys
2013-09-24 10:53 . 2012-12-14 18:45 30552 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2013-09-24 10:53 . 2012-12-14 18:45 587864 ----a-w- c:\windows\system32\drivers\cmdGuard.sys
2013-09-24 10:53 . 2012-12-14 18:45 15704 ----a-w- c:\windows\system32\drivers\cmderd.sys
2013-09-24 10:53 . 2012-12-14 18:45 36000 ----a-w- c:\windows\system32\cmdcsr.dll
2013-09-24 10:53 . 2012-12-14 18:45 354240 ----a-w- c:\windows\system32\guard32.dll
2013-09-24 10:53 . 2012-12-14 18:45 280792 -c--a-w- c:\windows\system32\cmdvrt32.dll
2013-09-24 10:53 . 2012-09-04 17:07 40664 -c--a-w- c:\windows\system32\cmdkbd32.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-02 12:15 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-12-18 868352]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2007-04-12 8429568]
"nwiz"="nwiz.exe" [2007-04-12 1626112]
"NvMediaCenter"="c:\windows\System32\NvMcTray.dll" [2007-04-12 81920]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cistray.exe" [2013-09-24 1576152]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-09-02 500208]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-02 3568312]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2013-05-01 421888]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-11 640376]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\acaptuser32.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0aswBoot.exe /M:3e44241277
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Documents and Settings\\SandraD\\Data aplikací\\BitTorrent\\BitTorrent.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [14.7.2013 10:32 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [14.7.2013 10:32 178304]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [14.7.2013 10:32 774392]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14.7.2013 10:32 403440]
R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [14.12.2012 19:45 15704]
R1 cmdGuard;COMODO Internet Security Driver;c:\windows\system32\drivers\cmdGuard.sys [14.12.2012 19:45 587864]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [14.12.2012 19:45 30552]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14.7.2013 10:32 35656]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [14.7.2013 10:32 70384]
R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\Comodo\Dragon\dragon_updater.exe [9.10.2013 18:33 2104968]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [25.7.2013 7:52 162672]
S3 cmdvirth;COMODO Virtual Service Manager;c:\program files\Comodo\COMODO Internet Security\cmdvirth.exe [14.12.2012 19:45 131288]
S3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 12:37 517096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-18 14:33 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-27 18:46]
.
2013-11-02 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2013-07-14 12:15]
.
2013-11-02 c:\windows\Tasks\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85}.job
- c:\program files\COMODO\COMODO Internet Security\cfpconfg.exe [2012-12-14 10:53]
.
2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-14 09:23]
.
2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-07-14 09:23]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{BD749E76-99FC-48B8-8318-C631A47B69E5}: NameServer = 81.19.5.10,81.19.5.11
TCP: Interfaces\{FC7DF73B-BEF3-402B-BC28-DAE115D2CE1A}: NameServer = 156.154.70.22,156.154.71.22
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-02 13:37
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(1024)
c:\windows\system32\MPR.dll
c:\windows\system32\guard32.dll
c:\windows\system32\nvappfilter.dll
c:\windows\system32\mswsock.dll
c:\windows\System32\wshtcpip.dll
.
- - - - - - - > 'explorer.exe'(1988)
c:\windows\system32\guard32.dll
c:\windows\system32\WS2_32.dll
c:\windows\system32\WS2HELP.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
.
- - - - - - - > 'csrss.exe'(940)
c:\windows\system32\cmdcsr.dll
.
Celkový čas: 2013-11-02 13:40:44
ComboFix-quarantined-files.txt 2013-11-02 12:40
ComboFix2.txt 2013-11-01 19:13
.
Před spuštěním: Volných bajtů: 378 966 786 048
Po spuštění: Volných bajtů: 378 959 327 232
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn /usepmtimer
.
- - End Of File - - 0E80C62BD1EE583EFFDAD1E5A956BFFF
413FC2A0C716421B3158746D63736515
ASUS TUF Gaming A15 FA507NU-LP131W
AMD Ryzen 5 7535HS 3,3 GHz
NVIDIA GeForce RTX 4050
DDR5 16 GB
Windows 11 Home
Re: Request for log check - Somoto-J found
I don't have two firewalls installed - the Avast firewall is a paid feature, and I don't have it active at all. I don't know why it shows up there. I only have Comodo.
- memphisto
- Guru Level 13
- Posts: 21113
- Registered: September 06
- Location: Zlín - České Budějovice
Re: Request for log check - Somoto-J found
Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text marked in green into it:
Note: Do not use the SELECT ALL function to select the script
Code:
KillAll::
Driver::
SkypeUpdate
Folder::
c:\program files\Skype\Updater
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: choose All Files
Save the file to the desktop.
Close all active windows.
Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you
Re: Request for log check - Somoto-J found
ComboFix failed again, it threw two errors - see attachments.
- jaro3
- Security team member
- Guru Level 15
- Posts: 43339
- Registered: June 07
- Location: Jižní Čechy
Re: Request for log check - Somoto-J found
You still have two firewalls there...
Which one did you want to uninstall?
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus fill in for me.
If you are satisfied, you can support our forum: Forum support
Re: Request for log check - Somoto-J found
I don't have two firewalls installed, I only have Comodo. The other one is part of Avast, but I don't have it active; if I wanted it, I would have to pay for it. I don't have the Avast firewall. I don't know of any other firewall. None shows up in the installed programs either. Before I ran the ComboFix test, I turned off both Avast and Comodo.
Is my computer badly cluttered? If it would be more effective, I'll happily format it....
Thanks.