PC virus removal, computer speed-up, and remote assistance through the neslape.cz service
Slow computer, especially Mozilla
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello everyone,
my computer is admittedly rather dated, but I think it could still be healed a bit, mainly its speed when switching windows, etc.
Thanks in advance for checking the logs and for instructions on what to do next.
Logfile of random's system information tool 1.08 (written by random/random)
Run by pavel at 2012-07-10 00:46:31
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 7 GB (9%) free of 76 GB
Total RAM: 2038 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 00:46, on 2012-07-10
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\Program Files\Hotkeys\HotKeys.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\windows\PixArt\PAC7311\Monitor.exe
C:\Program Files\tbh\base\bin\tbhSystray.exe
C:\windows\system32\hkcmd.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\windows\RTHDCPL.EXE
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe
C:\windows\system32\acs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
C:\windows\system32\PnkBstrA.exe
C:\windows\system32\PnkBstrB.exe
C:\windows\system32\svchost.exe
C:\Program Files\tbh\monitor\bin\tbhMonitor.exe
c:\Program Files\tbh\base\bin\tbhDaemon.exe
C:\Program Files\NetLimiter 2 Pro\NLClient.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\totalcmd6\TOTALCMD.EXE
c:\Program Files\Winamp\winamp.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\pavel\Plocha\RSIT.exe
c:\Program Files\trend micro\pavel.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\windows\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [00Hotkeys] "C:\Program Files\Hotkeys\HotKeys.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PAC7311_Monitor] C:\windows\PixArt\PAC7311\Monitor.exe
O4 - HKLM\..\Run: [tbhSystray] C:\Program Files\tbh\base\bin\tbhSystray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [NSU_agent] "C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [Center Agent] C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - Startup: Remote Control.lnk = C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\windows\WebIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\windows\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\windows\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 6420384421
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://www.driveragent.com/files/driveragent.cab
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://neo.csa.cz/dana-cached/sc/Junip ... Client.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\windows\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\windows\system32\browseui.dll
O23 - Service: Atheros Configuration Service (acs) - Atheros - C:\windows\system32\acs.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: The Browser Highlighter Monitor (tbhMonitor.exe) - Unknown owner - C:\Program Files\tbh\monitor\bin\tbhMonitor.exe
--
End of file - 12692 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1659004503-725345543-1009.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1659004503-725345543-1009.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\windows\WebIE.dll [2010-03-29 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Documents and Settings\All Users\Data aplikací\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-06-23 386264]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-07 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-07 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TPSODDCtl"=C:\windows\system32\TPSODDCtl.exe [2006-03-21 102400]
"00Hotkeys"=C:\Program Files\Hotkeys\HotKeys.exe [2006-12-02 45056]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"PAC7311_Monitor"=C:\windows\PixArt\PAC7311\Monitor.exe [2006-11-03 319488]
"tbhSystray"=C:\Program Files\tbh\base\bin\tbhSystray.exe [2012-07-02 492840]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2007-02-26 155648]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"RTHDCPL"=C:\windows\RTHDCPL.EXE [2008-06-27 16875008]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]
"NSU_agent"=C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2011-12-14 190768]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-11-02 59240]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-09-08 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-09-01 966712]
"Center Agent"=C:\Program Files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [2008-11-07 1520128]
"ctfmon.exe"=C:\windows\system32\ctfmon.exe [2008-04-14 15360]
"PC Suite Tray"=C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [2009-11-11 1451520]
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Documents and Settings\pavel\Nabídka Start\Programy\Po spuštění
Remote Control.lnk - C:\Program Files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2007-02-26 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\windows\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\windows\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\uTorrent\utorrent.exe"="C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\VideoLAN\VLC\vlc.exe"="C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player"
"C:\games\Warcraft III\Warcraft III.exe"="C:\games\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\games\Command and Conquer Generals\game.dat"="C:\games\Command and Conquer Generals\game.dat:*:Enabled:game"
"C:\WINDOWS\system32\dplaysvr.exe"="C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\tbh\base\bin\tbhDaemon.exe"="C:\Program Files\tbh\base\bin\tbhDaemon.exe:*:Enabled:The Browser Highlighter - Daemon"
"C:\Program Files\tbh\monitor\bin\tbhMonitor.exe"="C:\Program Files\tbh\monitor\bin\tbhMonitor.exe:*:Enabled:The Browser Highlighter - Monitor"
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Opera\opera.exe"="C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
======List of files/folders created in the last 1 months======
2012-06-29 12:28:12 ----D---- C:\Documents and Settings\All Users\Data aplikací\Juniper Networks
2012-06-29 12:28:03 ----D---- C:\Documents and Settings\pavel\Data aplikací\Juniper Networks
2012-06-18 12:45:10 ----HDC---- C:\windows\$NtUninstallKB2707511$
2012-06-18 12:23:55 ----HDC---- C:\windows\$NtUninstallKB2685939$
2012-06-18 12:15:34 ----HDC---- C:\windows\$NtUninstallKB2709162$
======List of files/folders modified in the last 1 months======
2012-07-10 00:46:33 ----D---- C:\Program Files\trend micro
2012-07-10 00:46:26 ----D---- C:\windows\Prefetch
2012-07-10 00:41:22 ----D---- C:\Documents and Settings\pavel\Data aplikací\Skype
2012-07-10 00:35:42 ----D---- C:\Program Files\Winamp
2012-07-10 00:35:34 ----D---- C:\Documents and Settings\pavel\Data aplikací\uTorrent
2012-07-10 00:34:42 ----D---- C:\windows\Minidump
2012-07-10 00:34:42 ----D---- C:\windows\Debug
2012-07-10 00:34:42 ----D---- C:\WINDOWS
2012-07-10 00:34:41 ----D---- C:\windows\temp
2012-07-10 00:31:33 ----SD---- C:\windows\Tasks
2012-07-10 00:29:43 ----D---- C:\Program Files\CCleaner
2012-07-09 22:04:08 ----A---- C:\windows\WINCMD.INI
2012-07-09 21:51:12 ----D---- C:\windows\system32\inetsrv
2012-07-08 23:59:29 ----A---- C:\windows\MAILTRAN.INI
2012-07-04 15:00:46 ----N---- C:\windows\SchedLgU.Txt
2012-07-02 21:04:49 ----SHD---- C:\windows\CSC
2012-07-02 13:11:32 ----D---- C:\windows\system32\CatRoot2
2012-06-30 09:22:09 ----D---- C:\Program Files\Mozilla Firefox
2012-06-30 09:20:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2012-06-30 09:19:40 ----RSHDC---- C:\windows\system32\dllcache
2012-06-30 09:16:22 ----D---- C:\windows\system32
2012-06-29 12:28:03 ----SD---- C:\windows\Downloaded Program Files
2012-06-27 06:59:16 ----HD---- C:\windows\inf
2012-06-24 00:01:21 ----A---- C:\windows\system32\FlashPlayerApp.exe
2012-06-23 00:06:48 ----A---- C:\windows\WDICT32.INI
2012-06-22 22:05:24 ----D---- C:\windows\Help
2012-06-18 14:14:31 ----RSD---- C:\windows\assembly
2012-06-18 14:11:35 ----D---- C:\windows\Microsoft.NET
2012-06-18 12:51:16 ----D---- C:\fotoz
2012-06-18 12:49:25 ----SHD---- C:\windows\Installer
2012-06-18 12:49:23 ----D---- C:\Config.Msi
2012-06-18 12:49:03 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-06-18 12:43:46 ----A---- C:\windows\system32\PerfStringBackup.INI
2012-06-18 12:42:59 ----D---- C:\windows\WinSxS
2012-06-18 12:26:52 ----A---- C:\windows\system32\MRT.exe
2012-06-18 12:25:42 ----D---- C:\Program Files\Internet Explorer
2012-06-18 12:24:39 ----D---- C:\windows\ie8updates
2012-06-18 12:24:15 ----HD---- C:\windows\$hf_mig$
2012-06-18 12:24:02 ----D---- C:\windows\system32\drivers
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\windows\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2010-06-10 45648]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2010-01-03 691696]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\windows\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\windows\system32\drivers\Aavmker4.sys [2012-03-07 24920]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr.sys [2012-03-07 35672]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2012-03-07 612184]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2012-03-07 337880]
R1 aswTdi;avast! Network Shield Support; C:\windows\system32\drivers\aswTdi.sys [2012-03-07 53848]
R1 intelppm;Řadič procesoru Intel; C:\windows\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 nltdi;nltdi; \??\C:\WINDOWS\system32\drivers\nltdi.sys []
R1 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\windows\System32\drivers\ws2ifsl.sys [2004-08-18 12032]
R2 aswFsBlk;aswFsBlk; C:\windows\system32\drivers\aswFsBlk.sys [2012-03-07 20696]
R2 aswMon2;avast! Standard Shield Support; C:\windows\system32\drivers\aswMon2.sys [2012-03-07 95704]
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\windows\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\windows\system32\DRIVERS\nwlnknb.sys [2004-08-18 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\windows\system32\DRIVERS\nwlnkspx.sys [2004-08-18 55936]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\system32\drivers\symlcbrd.sys []
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2006-08-31 1161152]
R3 AR5211;Atheros Wireless Network Adapter Service; C:\windows\system32\DRIVERS\ar5211.sys [2007-04-05 546112]
R3 Arp1394;Protokol 1394 ARP Client; C:\windows\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\windows\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\windows\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\windows\system32\DRIVERS\igxpmp32.sys [2007-02-26 5700096]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]
R3 mouhid;Ovladač myši standardu HID; C:\windows\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 NIC1394;1394 Net Driver; C:\windows\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 NWRDR;NetWare Rdr; C:\windows\system32\DRIVERS\nwrdr.sys [2008-04-14 163584]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\windows\system32\DRIVERS\Rtenicxp.sys [2007-02-07 90880]
R3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2008-04-14 79232]
R3 tifm21;tifm21; C:\windows\system32\drivers\tifm21.sys [2006-07-06 168448]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\windows\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 WSIMD;wsimd Service; C:\windows\system32\DRIVERS\wsimd.sys [2006-11-15 55840]
S0 Lbd;Lbd; C:\windows\system32\DRIVERS\Lbd.sys []
S0 lischna;lischna; C:\windows\System32\drivers\jwupsc.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\windows\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
S3 AF15BDA;AF9015 BDA Filter; C:\windows\system32\DRIVERS\AF15BDA.sys [2009-06-03 483200]
S3 Ambfilt;Ambfilt; C:\windows\system32\drivers\Ambfilt.sys [2009-11-18 1691480]
S3 aw5rcuuz;aw5rcuuz; C:\windows\system32\drivers\aw5rcuuz.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\pavel\LOCALS~1\Temp\catchme.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\windows\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
S3 hamachi;Hamachi Network Interface; C:\windows\system32\DRIVERS\hamachi.sys [2009-02-05 17480]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2006-11-28 1476096]
S3 Monfilt;Monfilt; C:\windows\system32\drivers\Monfilt.sys [2009-11-18 1395800]
S3 MPE;BDA MPE Filter; C:\windows\system32\DRIVERS\MPE.sys [2004-07-09 15104]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\windows\system32\drivers\MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\windows\system32\drivers\Ndisprot.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 PAC7311;Trust Webcam Live; C:\windows\system32\DRIVERS\PA707UCM.SYS [2007-03-14 449024]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2007-08-09 47360]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\windows\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\windows\System32\Drivers\StMp3Rec.sys [2006-06-29 71368]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\windows\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\windows\system32\DRIVERS\SymIM.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2011-08-02 42496]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\windows\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\windows\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 acs;Atheros Configuration Service; C:\windows\system32\acs.exe [2007-03-21 364629]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-09-12 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NWCWorkstation;Klient systému NetWare; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2009-06-24 66872]
R2 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-06-24 103736]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 tbhMonitor.exe;The Browser Highlighter Monitor; C:\Program Files\tbh\monitor\bin\tbhMonitor.exe [2009-10-22 70952]
R2 W3SVC;Publikování na webu; C:\windows\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-24 250056]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-10 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [2007-12-14 78536]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-30 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\windows\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\windows\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
S3 Ndisprot;ArcNet NDIS Protocol Driver; \??\C:\windows\system32\drivers\Ndisprot.sys []
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmb.sys [2011-05-18 18176]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbo.sys [2011-05-18 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsu.sys [2011-05-18 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsuc.sys [2011-05-18 8576]
S3 PAC7311;Trust Webcam Live; C:\windows\system32\DRIVERS\PA707UCM.SYS [2007-03-14 449024]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\windows\System32\Drivers\pcouffin.sys [2007-08-09 47360]
S3 sffdisk;Ovladač třídy úložiště SFF; C:\windows\system32\DRIVERS\sffdisk.sys [2008-04-14 11904]
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\windows\system32\DRIVERS\sffp_sd.sys [2008-04-14 11008]
S3 SLIP;BDA Slip De-Framer; C:\windows\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 StMp3Rec;Player Recovery Device Control Driver; C:\windows\System32\Drivers\StMp3Rec.sys [2006-06-29 71368]
S3 streamip;BDA IPSink; C:\windows\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\windows\system32\DRIVERS\SymIM.sys []
S3 SymIMMP;SymIMMP; C:\windows\system32\DRIVERS\SymIM.sys []
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerflt.sys [2011-05-18 8192]
S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2011-08-02 42496]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\windows\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
S3 usbprint;Třída USB Printer; C:\windows\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltj.sys [2011-05-18 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\windows\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\windows\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\windows\System32\Drivers\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\windows\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\windows\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 acs;Atheros Configuration Service; C:\windows\system32\acs.exe [2007-03-21 364629]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\WINDOWS\system32\agrsmsvc.exe [2006-09-12 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-24 55144]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 390504]
R2 Capture Device Service;Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [2007-03-06 198168]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 nlsvc;NetLimiter; C:\Program Files\NetLimiter 2 Pro\nlsvc.exe [2007-03-21 516096]
R2 NWCWorkstation;Klient systému NetWare; C:\windows\system32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\windows\system32\PnkBstrA.exe [2009-06-24 66872]
R2 PnkBstrB;PnkBstrB; C:\windows\system32\PnkBstrB.exe [2009-06-24 103736]
R2 SMTPSVC;Simple Mail Transport Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 tbhMonitor.exe;The Browser Highlighter Monitor; C:\Program Files\tbh\monitor\bin\tbhMonitor.exe [2009-10-22 70952]
R2 W3SVC;Publikování na webu; C:\windows\system32\inetsrv\inetinfo.exe [2008-04-14 15872]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\windows\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2011-06-08 633856]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2008-04-14 14336]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-24 250056]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-10 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 idsvc;Windows CardSpace; c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 InstallShield Licensing Service;InstallShield Licensing Service; C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [2007-12-14 78536]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-30 113120]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Slow computer, especially Mozilla
Hello, I wish you a nice day and welcome to our forum.
Uninstall McAfee Security Scan; Avast is more than enough.
Download RogueKiller: http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
- Close all programs
- If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator or Spustit jako správce
- Wait for the PreScan to finish
- Choose the Prohledat (Scan) option
- When the scan finishes, click Zpráva (Report); a log opens, paste it here
- Click the Change parameters option
- In both panes (Objects to scan and Additional Option), tick all the options; every checkbox must be checked
- Click OK
- Tell the utility to scan: click Start Scan
- When the scan finishes, a window appears; check that the Skip option is selected everywhere
- If Skip is not selected by default, switch it to Skip
- Once everything is set to Skip, click Continue
- On the disk where Windows is installed (usually c:\), there will be a log named in the form TDSSKiller.some digits _log.txt; paste its contents here
Re: Slow computer, especially Mozilla
Hello,
thank you for the reply, and I apologize for the late response.
RogueKiller log:
RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: pavel [Práva správce]
Mód: Kontrola -- Datum: 07/12/2012 00:00:44
¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] JuniperSetupClient.exe -- C:\Documents and Settings\pavel\Data aplikací\Juniper Networks\Setup Client\JuniperSetupClient.exe -> KILLED [TermProc]
¤¤¤ Záznamy Registrů: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HIDDEN KEY] HKLM\[...]\Services : P () -> FOUND
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS541680J9SA00 +++++
--- User ---
[MBR] cc0cf86a36ce335befeca20b844b4911
[BSP] 1817dd6f9f17ac612d3209d876ebee3b : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1].txt >>
RKreport[1].txt
TDSSKiller log:
00:02:31.0312 2712 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
00:02:31.0687 2712 ============================================================
00:02:31.0687 2712 Current date / time: 2012/07/12 00:02:31.0687
00:02:31.0687 2712 SystemInfo:
00:02:31.0687 2712
00:02:31.0687 2712 OS Version: 5.1.2600 ServicePack: 3.0
00:02:31.0687 2712 Product type: Workstation
00:02:31.0687 2712 ComputerName: KLEOPATRA
00:02:31.0687 2712 UserName: pavel
00:02:31.0687 2712 Windows directory: C:\windows
00:02:31.0687 2712 System windows directory: C:\windows
00:02:31.0687 2712 Processor architecture: Intel x86
00:02:31.0687 2712 Number of processors: 2
00:02:31.0687 2712 Page size: 0x1000
00:02:31.0687 2712 Boot type: Normal boot
00:02:31.0687 2712 ============================================================
00:02:34.0281 2712 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:02:34.0296 2712 ============================================================
00:02:34.0296 2712 \Device\Harddisk0\DR0:
00:02:34.0296 2712 MBR partitions:
00:02:34.0296 2712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
00:02:34.0296 2712 ============================================================
00:02:34.0312 2712 C: <-> \Device\Harddisk0\DR0\Partition0
00:02:34.0312 2712 ============================================================
00:02:34.0312 2712 Initialize success
00:02:34.0312 2712 ============================================================
00:03:06.0296 6076 ============================================================
00:03:06.0296 6076 Scan started
00:03:06.0296 6076 Mode: Manual; SigCheck; TDLFS;
00:03:06.0296 6076 ============================================================
00:03:06.0593 6076 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\windows\system32\drivers\Aavmker4.sys
00:03:07.0093 6076 Aavmker4 - ok
00:03:07.0093 6076 Abiosdsk - ok
00:03:07.0109 6076 abp480n5 - ok
00:03:07.0171 6076 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\windows\system32\DRIVERS\ACPI.sys
00:03:08.0203 6076 ACPI - ok
00:03:08.0281 6076 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\windows\system32\DRIVERS\ACPIEC.sys
00:03:08.0437 6076 ACPIEC - ok
00:03:08.0484 6076 acs (a1c6d11c11a55ceca432ac00f293a9ed) C:\windows\system32\acs.exe
00:03:08.0531 6076 acs ( UnsignedFile.Multi.Generic ) - warning
00:03:08.0531 6076 acs - detected UnsignedFile.Multi.Generic (1)
00:03:08.0625 6076 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:03:08.0656 6076 AdobeFlashPlayerUpdateSvc - ok
00:03:08.0656 6076 adpu160m - ok
00:03:08.0687 6076 aec (8bed39e3c35d6a489438b8141717a557) C:\windows\system32\drivers\aec.sys
00:03:08.0875 6076 aec - ok
00:03:09.0015 6076 AF15BDA (e3f08935158038d385ad382442f4bb2d) C:\windows\system32\DRIVERS\AF15BDA.sys
00:03:09.0093 6076 AF15BDA - ok
00:03:09.0140 6076 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\windows\System32\drivers\afd.sys
00:03:09.0203 6076 AFD - ok
00:03:09.0250 6076 AgereModemAudio (1cb677bf1dabd3baf4f944e2c90d6c73) C:\WINDOWS\system32\agrsmsvc.exe
00:03:09.0296 6076 AgereModemAudio - ok
00:03:09.0390 6076 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\windows\system32\DRIVERS\AGRSM.sys
00:03:09.0500 6076 AgereSoftModem - ok
00:03:09.0500 6076 Aha154x - ok
00:03:09.0515 6076 aic78u2 - ok
00:03:09.0515 6076 aic78xx - ok
00:03:09.0562 6076 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\windows\system32\alrsvc.dll
00:03:09.0781 6076 Alerter - ok
00:03:09.0843 6076 ALG (88842de939a827577bf24243699ac80a) C:\windows\System32\alg.exe
00:03:10.0000 6076 ALG - ok
00:03:10.0000 6076 AliIde - ok
00:03:10.0125 6076 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\windows\system32\drivers\Ambfilt.sys
00:03:10.0203 6076 Ambfilt - ok
00:03:10.0265 6076 amsint - ok
00:03:10.0421 6076 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:03:10.0437 6076 Apple Mobile Device - ok
00:03:10.0515 6076 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\windows\System32\appmgmts.dll
00:03:10.0656 6076 AppMgmt - ok
00:03:10.0734 6076 AR5211 (78e15866befe8b940046c36ba92f9eb6) C:\windows\system32\DRIVERS\ar5211.sys
00:03:10.0828 6076 AR5211 - ok
00:03:10.0890 6076 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\windows\system32\DRIVERS\arp1394.sys
00:03:11.0109 6076 Arp1394 - ok
00:03:11.0109 6076 asc - ok
00:03:11.0109 6076 asc3350p - ok
00:03:11.0125 6076 asc3550 - ok
00:03:11.0250 6076 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
00:03:11.0296 6076 aspnet_state - ok
00:03:11.0328 6076 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\windows\system32\drivers\aswFsBlk.sys
00:03:11.0343 6076 aswFsBlk - ok
00:03:11.0375 6076 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\windows\system32\drivers\aswMon2.sys
00:03:11.0406 6076 aswMon2 - ok
00:03:11.0437 6076 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\windows\system32\drivers\aswRdr.sys
00:03:11.0453 6076 aswRdr - ok
00:03:11.0546 6076 aswSnx (dcb199b967375753b5019ec15f008f53) C:\windows\system32\drivers\aswSnx.sys
00:03:11.0578 6076 aswSnx - ok
00:03:11.0609 6076 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\windows\system32\drivers\aswSP.sys
00:03:11.0640 6076 aswSP - ok
00:03:11.0687 6076 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\windows\system32\drivers\aswTdi.sys
00:03:11.0718 6076 aswTdi - ok
00:03:11.0750 6076 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\windows\system32\DRIVERS\asyncmac.sys
00:03:11.0953 6076 AsyncMac - ok
00:03:12.0000 6076 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\windows\system32\DRIVERS\atapi.sys
00:03:12.0140 6076 atapi - ok
00:03:12.0140 6076 Atdisk - ok
00:03:12.0171 6076 Atmarpc (9916c1225104ba14794209cfa8012159) C:\windows\system32\DRIVERS\atmarpc.sys
00:03:12.0296 6076 Atmarpc - ok
00:03:12.0343 6076 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\windows\System32\audiosrv.dll
00:03:12.0500 6076 AudioSrv - ok
00:03:12.0546 6076 audstub (d9f724aa26c010a217c97606b160ed68) C:\windows\system32\DRIVERS\audstub.sys
00:03:12.0687 6076 audstub - ok
00:03:12.0828 6076 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:03:12.0843 6076 avast! Antivirus - ok
00:03:12.0890 6076 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\windows\system32\drivers\Beep.sys
00:03:13.0109 6076 Beep - ok
00:03:13.0203 6076 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\windows\system32\qmgr.dll
00:03:13.0562 6076 BITS - ok
00:03:13.0656 6076 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
00:03:13.0703 6076 Bonjour Service - ok
00:03:13.0750 6076 Browser (249276d3ef1e74b992299cb96099e4d7) C:\windows\System32\browser.dll
00:03:13.0953 6076 Browser - ok
00:03:14.0062 6076 Capture Device Service (1778eba872274c1226d869cd9486847e) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
00:03:14.0078 6076 Capture Device Service - ok
00:03:14.0437 6076 catchme - ok
00:03:14.0593 6076 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\windows\system32\drivers\cbidf2k.sys
00:03:14.0796 6076 cbidf2k - ok
00:03:14.0875 6076 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\windows\system32\DRIVERS\CCDECODE.sys
00:03:15.0015 6076 CCDECODE - ok
00:03:15.0015 6076 cd20xrnt - ok
00:03:15.0062 6076 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\windows\system32\drivers\Cdaudio.sys
00:03:15.0234 6076 Cdaudio - ok
00:03:15.0265 6076 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\windows\system32\drivers\Cdfs.sys
00:03:15.0406 6076 Cdfs - ok
00:03:15.0453 6076 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\windows\system32\DRIVERS\cdrom.sys
00:03:15.0500 6076 Cdrom - ok
00:03:15.0515 6076 Changer - ok
00:03:15.0546 6076 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\windows\system32\cisvc.exe
00:03:15.0687 6076 CiSvc - ok
00:03:15.0703 6076 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\windows\system32\clipsrv.exe
00:03:15.0843 6076 ClipSrv - ok
00:03:15.0937 6076 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:03:16.0000 6076 clr_optimization_v2.0.50727_32 - ok
00:03:16.0031 6076 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\windows\system32\DRIVERS\CmBatt.sys
00:03:16.0171 6076 CmBatt - ok
00:03:16.0171 6076 CmdIde - ok
00:03:16.0234 6076 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\windows\system32\DRIVERS\compbatt.sys
00:03:16.0375 6076 Compbatt - ok
00:03:16.0375 6076 COMSysApp - ok
00:03:16.0390 6076 Cpqarray - ok
00:03:16.0468 6076 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\windows\System32\cryptsvc.dll
00:03:16.0671 6076 CryptSvc - ok
00:03:16.0671 6076 dac2w2k - ok
00:03:16.0687 6076 dac960nt - ok
00:03:16.0781 6076 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\windows\system32\rpcss.dll
00:03:16.0828 6076 DcomLaunch - ok
00:03:16.0875 6076 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\windows\System32\dhcpcsvc.dll
00:03:17.0078 6076 Dhcp - ok
00:03:17.0093 6076 Disk (044452051f3e02e7963599fc8f4f3e25) C:\windows\system32\DRIVERS\disk.sys
00:03:17.0296 6076 Disk - ok
00:03:17.0296 6076 dmadmin - ok
00:03:17.0375 6076 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\windows\system32\drivers\dmboot.sys
00:03:17.0531 6076 dmboot - ok
00:03:17.0562 6076 dmio (fff1720af51171f32f1ead5cf71f2810) C:\windows\system32\drivers\dmio.sys
00:03:17.0687 6076 dmio - ok
00:03:17.0734 6076 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\windows\system32\drivers\dmload.sys
00:03:17.0875 6076 dmload - ok
00:03:17.0968 6076 dmserver (2bfefe9e865655a76982f050450b9591) C:\windows\System32\dmserver.dll
00:03:18.0078 6076 dmserver - ok
00:03:18.0109 6076 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\windows\system32\drivers\DMusic.sys
00:03:18.0250 6076 DMusic - ok
00:03:18.0281 6076 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\windows\System32\dnsrslvr.dll
00:03:18.0343 6076 Dnscache - ok
00:03:18.0375 6076 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\windows\System32\dot3svc.dll
00:03:18.0515 6076 Dot3svc - ok
00:03:18.0515 6076 dpti2o - ok
00:03:18.0546 6076 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\windows\system32\drivers\drmkaud.sys
00:03:18.0656 6076 drmkaud - ok
00:03:18.0734 6076 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\windows\System32\eapsvc.dll
00:03:18.0875 6076 EapHost - ok
00:03:18.0921 6076 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\windows\System32\ersvc.dll
00:03:19.0031 6076 ERSvc - ok
00:03:19.0078 6076 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\windows\system32\services.exe
00:03:19.0109 6076 Eventlog - ok
00:03:19.0171 6076 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
00:03:19.0218 6076 EventSystem - ok
00:03:19.0281 6076 Fastfat (38d332a6d56af32635675f132548343e) C:\windows\system32\drivers\Fastfat.sys
00:03:19.0437 6076 Fastfat - ok
00:03:19.0500 6076 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\windows\System32\shsvcs.dll
00:03:19.0593 6076 FastUserSwitchingCompatibility - ok
00:03:19.0625 6076 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\windows\system32\drivers\Fdc.sys
00:03:19.0796 6076 Fdc - ok
00:03:19.0828 6076 Fips (ac366695a0796560aa37215ad5762aaf) C:\windows\system32\drivers\Fips.sys
00:03:20.0015 6076 Fips - ok
00:03:20.0156 6076 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
00:03:20.0187 6076 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
00:03:20.0187 6076 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
00:03:20.0234 6076 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\windows\system32\drivers\Flpydisk.sys
00:03:20.0421 6076 Flpydisk - ok
00:03:20.0453 6076 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\windows\system32\drivers\fltmgr.sys
00:03:20.0625 6076 FltMgr - ok
00:03:20.0781 6076 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:03:20.0796 6076 FontCache3.0.0.0 - ok
00:03:20.0828 6076 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\windows\system32\drivers\Fs_Rec.sys
00:03:20.0984 6076 Fs_Rec - ok
00:03:21.0046 6076 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\windows\system32\DRIVERS\ftdisk.sys
00:03:21.0203 6076 Ftdisk - ok
00:03:21.0250 6076 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\windows\system32\DRIVERS\msgpc.sys
00:03:21.0406 6076 Gpc - ok
00:03:21.0453 6076 hamachi (d30b31375c40309425c21efe75db90bb) C:\windows\system32\DRIVERS\hamachi.sys
00:03:21.0468 6076 hamachi - ok
00:03:21.0484 6076 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\windows\system32\DRIVERS\HDAudBus.sys
00:03:21.0656 6076 HDAudBus - ok
00:03:21.0796 6076 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:03:21.0968 6076 helpsvc - ok
00:03:22.0046 6076 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\windows\System32\hidserv.dll
00:03:22.0218 6076 HidServ - ok
00:03:22.0250 6076 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\windows\system32\DRIVERS\hidusb.sys
00:03:22.0437 6076 HidUsb - ok
00:03:22.0484 6076 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\windows\System32\kmsvc.dll
00:03:22.0609 6076 hkmsvc - ok
00:03:22.0609 6076 hpn - ok
00:03:22.0656 6076 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\windows\system32\Drivers\HTTP.sys
00:03:22.0687 6076 HTTP - ok
00:03:22.0703 6076 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\windows\System32\w3ssl.dll
00:03:22.0843 6076 HTTPFilter - ok
00:03:22.0843 6076 i2omgmt - ok
00:03:22.0859 6076 i2omp - ok
00:03:22.0953 6076 i8042prt (c528e27945367191e7bae364930b6932) C:\windows\system32\DRIVERS\i8042prt.sys
00:03:23.0093 6076 i8042prt - ok
00:03:23.0406 6076 ialm (c1c2d6940d6ec2f247b0f3c11e0a18e0) C:\windows\system32\DRIVERS\igxpmp32.sys
00:03:23.0718 6076 ialm - ok
00:03:23.0875 6076 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
00:03:23.0906 6076 IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:03:23.0906 6076 IDriverT - detected UnsignedFile.Multi.Generic (1)
00:03:24.0203 6076 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:03:24.0296 6076 idsvc - ok
00:03:24.0546 6076 igfx (14f477463246e35f1dc932be6225598c) C:\windows\system32\DRIVERS\igdkmd32.sys
00:03:24.0656 6076 igfx ( UnsignedFile.Multi.Generic ) - warning
00:03:24.0656 6076 igfx - detected UnsignedFile.Multi.Generic (1)
00:03:24.0781 6076 IISADMIN (07ad42303519a955560b5a19fe20b68f) C:\WINDOWS\system32\inetsrv\inetinfo.exe
00:03:25.0000 6076 IISADMIN - ok
00:03:25.0031 6076 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\windows\system32\DRIVERS\imapi.sys
00:03:25.0171 6076 Imapi - ok
00:03:25.0203 6076 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\windows\system32\imapi.exe
00:03:25.0343 6076 ImapiService - ok
00:03:25.0359 6076 ini910u - ok
00:03:25.0515 6076 InstallShield Licensing Service (199374ae729eeba68a6855db830dc238) C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
00:03:25.0531 6076 InstallShield Licensing Service - ok
00:03:25.0796 6076 IntcAzAudAddService (557e20484a095d949912883f5ab29e88) C:\windows\system32\drivers\RtkHDAud.sys
00:03:26.0078 6076 IntcAzAudAddService - ok
00:03:26.0171 6076 IntelIde - ok
00:03:26.0218 6076 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\windows\system32\DRIVERS\intelppm.sys
00:03:26.0421 6076 intelppm - ok
00:03:26.0453 6076 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\windows\system32\drivers\ip6fw.sys
00:03:26.0671 6076 Ip6Fw - ok
00:03:26.0750 6076 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\windows\system32\DRIVERS\ipfltdrv.sys
00:03:26.0890 6076 IpFilterDriver - ok
00:03:26.0953 6076 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\windows\system32\DRIVERS\ipinip.sys
00:03:27.0078 6076 IpInIp - ok
00:03:27.0109 6076 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\windows\system32\DRIVERS\ipnat.sys
00:03:27.0234 6076 IpNat - ok
00:03:27.0328 6076 IPSec (23c74d75e36e7158768dd63d92789a91) C:\windows\system32\DRIVERS\ipsec.sys
00:03:27.0484 6076 IPSec - ok
00:03:27.0515 6076 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\windows\system32\DRIVERS\irenum.sys
00:03:27.0671 6076 IRENUM - ok
00:03:27.0718 6076 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\windows\system32\DRIVERS\isapnp.sys
00:03:27.0890 6076 isapnp - ok
00:03:27.0921 6076 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\windows\system32\DRIVERS\kbdclass.sys
00:03:28.0062 6076 Kbdclass - ok
00:03:28.0093 6076 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\windows\system32\DRIVERS\kbdhid.sys
00:03:28.0218 6076 kbdhid - ok
00:03:28.0250 6076 kmixer (692bcf44383d056aed41b045a323d378) C:\windows\system32\drivers\kmixer.sys
00:03:28.0375 6076 kmixer - ok
00:03:28.0406 6076 KSecDD (b467646c54cc746128904e1654c750c1) C:\windows\system32\drivers\KSecDD.sys
00:03:28.0437 6076 KSecDD - ok
00:03:28.0484 6076 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\windows\System32\srvsvc.dll
00:03:28.0531 6076 lanmanserver - ok
00:03:28.0578 6076 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\windows\System32\wkssvc.dll
00:03:28.0609 6076 lanmanworkstation - ok
00:03:28.0625 6076 Lbd - ok
00:03:28.0625 6076 lbrtfdc - ok
00:03:28.0640 6076 lischna - ok
00:03:28.0703 6076 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\windows\System32\lmhsvc.dll
00:03:28.0828 6076 LmHosts - ok
00:03:28.0843 6076 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\windows\System32\msgsvc.dll
00:03:29.0031 6076 Messenger - ok
00:03:29.0203 6076 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
00:03:29.0218 6076 Microsoft Office Groove Audit Service - ok
00:03:29.0265 6076 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\windows\system32\drivers\mnmdd.sys
00:03:29.0468 6076 mnmdd - ok
00:03:29.0531 6076 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
00:03:29.0750 6076 mnmsrvc - ok
00:03:29.0843 6076 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\windows\system32\drivers\Modem.sys
00:03:29.0984 6076 Modem - ok
00:03:30.0109 6076 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\windows\system32\drivers\Monfilt.sys
00:03:30.0171 6076 Monfilt - ok
00:03:30.0281 6076 Mouclass (4cb582831dbde63ce43b45d771218374) C:\windows\system32\DRIVERS\mouclass.sys
00:03:30.0484 6076 Mouclass - ok
00:03:30.0515 6076 mouhid (bb269eba740737ab749b214d568b6812) C:\windows\system32\DRIVERS\mouhid.sys
00:03:30.0687 6076 mouhid - ok
00:03:30.0703 6076 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\windows\system32\drivers\MountMgr.sys
00:03:30.0828 6076 MountMgr - ok
00:03:30.0968 6076 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:03:30.0984 6076 MozillaMaintenance - ok
00:03:31.0031 6076 MPE (83eff7b976ae24f1a496ca94a8a19919) C:\windows\system32\DRIVERS\MPE.sys
00:03:31.0078 6076 MPE - ok
00:03:31.0078 6076 mraid35x - ok
00:03:31.0140 6076 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\windows\system32\DRIVERS\mrxdav.sys
00:03:31.0281 6076 MRxDAV - ok
00:03:31.0359 6076 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\windows\system32\DRIVERS\mrxsmb.sys
00:03:31.0421 6076 MRxSmb - ok
00:03:31.0468 6076 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
00:03:31.0609 6076 MSDTC - ok
00:03:31.0625 6076 Msfs (c941ea2454ba8350021d774daf0f1027) C:\windows\system32\drivers\Msfs.sys
00:03:31.0765 6076 Msfs - ok
00:03:31.0765 6076 MSIServer - ok
00:03:31.0812 6076 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\windows\system32\drivers\MSKSSRV.sys
00:03:31.0968 6076 MSKSSRV - ok
00:03:32.0015 6076 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\windows\system32\drivers\MSPCLOCK.sys
00:03:32.0171 6076 MSPCLOCK - ok
00:03:32.0218 6076 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\windows\system32\drivers\MSPQM.sys
00:03:32.0375 6076 MSPQM - ok
00:03:32.0437 6076 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\windows\system32\DRIVERS\mssmbios.sys
00:03:32.0593 6076 mssmbios - ok
00:03:32.0640 6076 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\windows\system32\drivers\MSTEE.sys
00:03:32.0828 6076 MSTEE - ok
00:03:32.0859 6076 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\windows\system32\drivers\Mup.sys
00:03:32.0921 6076 Mup - ok
00:03:32.0968 6076 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\windows\system32\DRIVERS\NABTSFEC.sys
00:03:33.0171 6076 NABTSFEC - ok
00:03:33.0234 6076 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\windows\System32\qagentrt.dll
00:03:33.0468 6076 napagent - ok
00:03:33.0562 6076 NDIS (1df7f42665c94b825322fae71721130d) C:\windows\system32\drivers\NDIS.sys
00:03:33.0750 6076 NDIS - ok
00:03:33.0843 6076 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\windows\system32\DRIVERS\NdisIP.sys
00:03:34.0031 6076 NdisIP - ok
00:03:34.0078 6076 Ndisprot (a3b80c6e0774815c362aeb5ed5ac047d) C:\windows\system32\drivers\Ndisprot.sys
00:03:34.0093 6076 Ndisprot ( UnsignedFile.Multi.Generic ) - warning
00:03:34.0093 6076 Ndisprot - detected UnsignedFile.Multi.Generic (1)
00:03:34.0156 6076 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\windows\system32\DRIVERS\ndistapi.sys
00:03:34.0187 6076 NdisTapi - ok
00:03:34.0203 6076 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\windows\system32\DRIVERS\ndisuio.sys
00:03:34.0359 6076 Ndisuio - ok
00:03:34.0421 6076 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\windows\system32\DRIVERS\ndiswan.sys
00:03:34.0546 6076 NdisWan - ok
00:03:34.0593 6076 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\windows\system32\drivers\NDProxy.sys
00:03:34.0656 6076 NDProxy - ok
00:03:34.0703 6076 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll
00:03:34.0703 6076 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:03:34.0703 6076 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:03:34.0750 6076 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\windows\system32\DRIVERS\netbios.sys
00:03:34.0875 6076 NetBIOS - ok
00:03:34.0906 6076 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\windows\system32\DRIVERS\netbt.sys
00:03:35.0046 6076 NetBT - ok
00:03:35.0078 6076 NetDDE (933de774986ec85e48210c44ab431de6) C:\windows\system32\netdde.exe
00:03:35.0281 6076 NetDDE - ok
00:03:35.0281 6076 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\windows\system32\netdde.exe
00:03:35.0406 6076 NetDDEdsdm - ok
00:03:35.0453 6076 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:35.0593 6076 Netlogon - ok
00:03:35.0609 6076 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\windows\System32\netman.dll
00:03:35.0750 6076 Netman - ok
00:03:35.0890 6076 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:03:35.0906 6076 NetTcpPortSharing - ok
00:03:35.0937 6076 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\windows\system32\DRIVERS\nic1394.sys
00:03:36.0062 6076 NIC1394 - ok
00:03:36.0109 6076 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\windows\System32\mswsock.dll
00:03:36.0171 6076 Nla - ok
00:03:36.0281 6076 nlsvc (c8f536fb328afe64a7f18bbfc00b10ee) C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
00:03:36.0343 6076 nlsvc ( UnsignedFile.Multi.Generic ) - warning
00:03:36.0343 6076 nlsvc - detected UnsignedFile.Multi.Generic (1)
00:03:36.0359 6076 nltdi (3ee27bcff781f07a12df75e8be852b0e) C:\WINDOWS\system32\drivers\nltdi.sys
00:03:36.0375 6076 nltdi ( UnsignedFile.Multi.Generic ) - warning
00:03:36.0375 6076 nltdi - detected UnsignedFile.Multi.Generic (1)
00:03:36.0421 6076 nmwcd (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\windows\system32\drivers\ccdcmb.sys
00:03:36.0625 6076 nmwcd - ok
00:03:36.0671 6076 nmwcdc (8f2a94f991f8c73cec26b4b5620d1edc) C:\windows\system32\drivers\ccdcmbo.sys
00:03:36.0781 6076 nmwcdc - ok
00:03:36.0828 6076 nmwcdnsu (99145c5d4b6c4d6f5ce83ee6abffe294) C:\windows\system32\drivers\nmwcdnsu.sys
00:03:36.0937 6076 nmwcdnsu - ok
00:03:36.0984 6076 nmwcdnsuc (faee7b61c6885b091cec1ff06da2e1ab) C:\windows\system32\drivers\nmwcdnsuc.sys
00:03:37.0109 6076 nmwcdnsuc - ok
00:03:37.0140 6076 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\windows\system32\drivers\Npfs.sys
00:03:37.0328 6076 Npfs - ok
00:03:37.0437 6076 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\windows\system32\drivers\Ntfs.sys
00:03:37.0562 6076 Ntfs - ok
00:03:37.0609 6076 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:37.0734 6076 NtLmSsp - ok
00:03:37.0843 6076 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\windows\system32\ntmssvc.dll
00:03:38.0000 6076 NtmsSvc - ok
00:03:38.0046 6076 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\windows\system32\drivers\Null.sys
00:03:38.0203 6076 Null - ok
00:03:38.0250 6076 NWCWorkstation (adb82fbc435ae7504082b3c714c3885d) C:\windows\System32\nwwks.dll
00:03:38.0375 6076 NWCWorkstation - ok
00:03:38.0421 6076 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\windows\system32\DRIVERS\nwlnkflt.sys
00:03:38.0562 6076 NwlnkFlt - ok
00:03:38.0578 6076 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\windows\system32\DRIVERS\nwlnkfwd.sys
00:03:38.0734 6076 NwlnkFwd - ok
00:03:38.0812 6076 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\windows\system32\DRIVERS\nwlnkipx.sys
00:03:38.0937 6076 NwlnkIpx - ok
00:03:38.0968 6076 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\windows\system32\DRIVERS\nwlnknb.sys
00:03:39.0125 6076 NwlnkNb - ok
00:03:39.0156 6076 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\windows\system32\DRIVERS\nwlnkspx.sys
00:03:39.0296 6076 NwlnkSpx - ok
00:03:39.0312 6076 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\windows\system32\DRIVERS\nwrdr.sys
00:03:39.0453 6076 NWRDR - ok
00:03:39.0671 6076 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:03:39.0703 6076 odserv - ok
00:03:39.0765 6076 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\windows\system32\DRIVERS\ohci1394.sys
00:03:39.0890 6076 ohci1394 - ok
00:03:39.0953 6076 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:03:39.0968 6076 ose - ok
00:03:40.0046 6076 PAC7311 (735640d311d27e0095d748f725b9e507) C:\windows\system32\DRIVERS\PA707UCM.SYS
00:03:40.0125 6076 PAC7311 - ok
00:03:40.0156 6076 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\windows\system32\drivers\Parport.sys
00:03:40.0390 6076 Parport - ok
00:03:40.0406 6076 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\windows\system32\drivers\PartMgr.sys
00:03:40.0531 6076 PartMgr - ok
00:03:40.0578 6076 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\windows\system32\drivers\ParVdm.sys
00:03:40.0734 6076 ParVdm - ok
00:03:40.0828 6076 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\windows\system32\DRIVERS\pccsmcfd.sys
00:03:40.0843 6076 pccsmcfd - ok
00:03:40.0890 6076 PCI (6ce351d149cb4befc702951e471e1730) C:\windows\system32\DRIVERS\pci.sys
00:03:41.0015 6076 PCI - ok
00:03:41.0015 6076 PCIDump - ok
00:03:41.0062 6076 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\windows\system32\DRIVERS\pciide.sys
00:03:41.0203 6076 PCIIde - ok
00:03:41.0218 6076 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\windows\system32\DRIVERS\pcmcia.sys
00:03:41.0375 6076 Pcmcia - ok
00:03:41.0421 6076 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\windows\system32\Drivers\pcouffin.sys
00:03:41.0437 6076 pcouffin ( UnsignedFile.Multi.Generic ) - warning
00:03:41.0437 6076 pcouffin - detected UnsignedFile.Multi.Generic (1)
00:03:41.0437 6076 PDCOMP - ok
00:03:41.0453 6076 PDFRAME - ok
00:03:41.0453 6076 PDRELI - ok
00:03:41.0468 6076 PDRFRAME - ok
00:03:41.0484 6076 perc2 - ok
00:03:41.0500 6076 perc2hib - ok
00:03:41.0562 6076 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\windows\system32\services.exe
00:03:41.0593 6076 PlugPlay - ok
00:03:41.0640 6076 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
00:03:41.0656 6076 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:03:41.0656 6076 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:03:41.0703 6076 PnkBstrA (0e01d7eebada0b324db0ca1ee73440ba) C:\windows\system32\PnkBstrA.exe
00:03:41.0718 6076 PnkBstrA - ok
00:03:41.0750 6076 PnkBstrB (1428e6cc1458a36cbfc1f2e304c7c42d) C:\windows\system32\PnkBstrB.exe
00:03:41.0765 6076 PnkBstrB - ok
00:03:41.0812 6076 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:41.0937 6076 PolicyAgent - ok
00:03:42.0031 6076 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\windows\system32\DRIVERS\raspptp.sys
00:03:42.0140 6076 PptpMiniport - ok
00:03:42.0156 6076 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:42.0281 6076 ProtectedStorage - ok
00:03:42.0296 6076 PSched (09298ec810b07e5d582cb3a3f9255424) C:\windows\system32\DRIVERS\psched.sys
00:03:42.0437 6076 PSched - ok
00:03:42.0484 6076 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\windows\system32\DRIVERS\ptilink.sys
00:03:42.0625 6076 Ptilink - ok
00:03:42.0734 6076 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\windows\system32\Drivers\PxHelp20.sys
00:03:42.0734 6076 PxHelp20 - ok
00:03:42.0750 6076 ql1080 - ok
00:03:42.0750 6076 Ql10wnt - ok
00:03:42.0765 6076 ql12160 - ok
00:03:42.0765 6076 ql1240 - ok
00:03:42.0781 6076 ql1280 - ok
00:03:42.0781 6076 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\windows\system32\DRIVERS\rasacd.sys
00:03:42.0937 6076 RasAcd - ok
00:03:43.0031 6076 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\windows\System32\rasauto.dll
00:03:43.0156 6076 RasAuto - ok
00:03:43.0187 6076 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\windows\system32\DRIVERS\rasl2tp.sys
00:03:43.0312 6076 Rasl2tp - ok
00:03:43.0421 6076 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\windows\System32\rasmans.dll
00:03:43.0546 6076 RasMan - ok
00:03:43.0562 6076 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\windows\system32\DRIVERS\raspppoe.sys
00:03:43.0687 6076 RasPppoe - ok
00:03:43.0703 6076 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\windows\system32\DRIVERS\raspti.sys
00:03:43.0859 6076 Raspti - ok
00:03:43.0875 6076 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\windows\system32\DRIVERS\rdbss.sys
00:03:44.0015 6076 Rdbss - ok
00:03:44.0031 6076 RDPCDD (4912d5b403614ce99c28420f75353332) C:\windows\system32\DRIVERS\RDPCDD.sys
00:03:44.0187 6076 RDPCDD - ok
00:03:44.0218 6076 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\windows\system32\DRIVERS\rdpdr.sys
00:03:44.0343 6076 rdpdr - ok
00:03:44.0390 6076 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\windows\system32\drivers\RDPWD.sys
00:03:44.0437 6076 RDPWD - ok
00:03:44.0484 6076 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
00:03:44.0625 6076 RDSessMgr - ok
00:03:44.0671 6076 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\windows\system32\DRIVERS\redbook.sys
00:03:44.0796 6076 redbook - ok
00:03:44.0859 6076 RemoteAccess (127c26b5371651043450e52542099aba) C:\windows\System32\mprdim.dll
00:03:44.0984 6076 RemoteAccess - ok
00:03:45.0031 6076 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\windows\system32\regsvc.dll
00:03:45.0156 6076 RemoteRegistry - ok
00:03:45.0187 6076 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\windows\system32\locator.exe
00:03:45.0328 6076 RpcLocator - ok
00:03:45.0437 6076 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\windows\System32\rpcss.dll
00:03:45.0500 6076 RpcSs - ok
00:03:45.0546 6076 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\windows\system32\rsvp.exe
00:03:45.0687 6076 RSVP - ok
00:03:45.0734 6076 RTLE8023xp (bb0ae2171f08129f4f3ff9df20ffbf89) C:\windows\system32\DRIVERS\Rtenicxp.sys
00:03:45.0765 6076 RTLE8023xp - ok
00:03:45.0812 6076 SamSs (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:45.0984 6076 SamSs - ok
00:03:46.0015 6076 SASKUTIL - ok
00:03:46.0062 6076 SCardSvr (410046e401eb11e1e6749e9deea41d4a) C:\windows\System32\SCardSvr.exe
00:03:46.0265 6076 SCardSvr - ok
00:03:46.0343 6076 Schedule (3ff232a7731621b8902d81d42418c93c) C:\windows\system32\schedsvc.dll
00:03:46.0484 6076 Schedule - ok
00:03:46.0500 6076 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\windows\system32\DRIVERS\sdbus.sys
00:03:46.0625 6076 sdbus - ok
00:03:46.0671 6076 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\DRIVERS\secdrv.sys
00:03:46.0828 6076 Secdrv - ok
00:03:46.0890 6076 seclogon (477e2c3cc5e4a0d635bcb0ea8dcac3c6) C:\windows\System32\seclogon.dll
00:03:47.0031 6076 seclogon - ok
00:03:47.0046 6076 SENS (a530b75c10c23c9ab28fdb6ce719e21f) C:\windows\system32\sens.dll
00:03:47.0187 6076 SENS - ok
00:03:47.0218 6076 Serial (b842729337c9b921615c40d3c1a1af96) C:\windows\system32\drivers\Serial.sys
00:03:47.0359 6076 Serial - ok
00:03:47.0484 6076 ServiceLayer (8c1f87f5fdd92229d1754b98f073913f) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
00:03:47.0531 6076 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
00:03:47.0531 6076 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
00:03:47.0562 6076 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\windows\system32\DRIVERS\sffdisk.sys
00:03:47.0687 6076 sffdisk - ok
00:03:47.0718 6076 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\windows\system32\DRIVERS\sffp_sd.sys
00:03:47.0843 6076 sffp_sd - ok
00:03:47.0859 6076 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\windows\system32\DRIVERS\sfloppy.sys
00:03:48.0000 6076 Sfloppy - ok
00:03:48.0062 6076 SharedAccess (f58faca9621d2db01bd0927d9a0a208e) C:\windows\System32\ipnathlp.dll
00:03:48.0250 6076 SharedAccess - ok
00:03:48.0328 6076 ShellHWDetection (ee9a2b9ea968a792a053c9d1a86bf870) C:\windows\System32\shsvcs.dll
00:03:48.0343 6076 ShellHWDetection - ok
00:03:48.0359 6076 Simbad - ok
00:03:48.0390 6076 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\windows\system32\DRIVERS\SLIP.sys
00:03:48.0546 6076 SLIP - ok
00:03:48.0656 6076 SMTPSVC (07ad42303519a955560b5a19fe20b68f) C:\WINDOWS\system32\inetsrv\inetinfo.exe
00:03:48.0796 6076 SMTPSVC - ok
00:03:48.0796 6076 Sparrow - ok
00:03:48.0906 6076 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\windows\system32\drivers\splitter.sys
00:03:49.0046 6076 splitter - ok
00:03:49.0093 6076 Spooler (60784f891563fb1b767f70117fc2428f) C:\windows\system32\spoolsv.exe
00:03:49.0125 6076 Spooler - ok
00:03:49.0203 6076 sptd (cdddec541bc3c96f91ecb48759673505) C:\windows\system32\Drivers\sptd.sys
00:03:49.0203 6076 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
00:03:49.0203 6076 sptd ( LockedFile.Multi.Generic ) - warning
00:03:49.0203 6076 sptd - detected LockedFile.Multi.Generic (1)
00:03:49.0234 6076 sr (94610c8653635e4459316a0050d55ce7) C:\windows\system32\DRIVERS\sr.sys
00:03:49.0375 6076 sr - ok
00:03:49.0437 6076 srservice (35b91147124f64ac8081a2edb9ea4dee) C:\windows\system32\srsvc.dll
00:03:49.0656 6076 srservice - ok
00:03:49.0718 6076 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\windows\system32\DRIVERS\srv.sys
00:03:49.0765 6076 Srv - ok
00:03:49.0781 6076 SSDPSRV (becd5271dc4e3b7c3d035f790fcbc1e5) C:\windows\System32\ssdpsrv.dll
00:03:49.0906 6076 SSDPSRV - ok
00:03:50.0015 6076 ssm_bus (14622ae81c72b08691eedaabc1d4a129) C:\windows\system32\DRIVERS\ssm_bus.sys
00:03:50.0031 6076 ssm_bus - ok
00:03:50.0062 6076 ssm_mdfl (43ee5e9fda61a5e0eac4c1de699e6e4d) C:\windows\system32\DRIVERS\ssm_mdfl.sys
00:03:50.0078 6076 ssm_mdfl - ok
00:03:50.0140 6076 ssm_mdm (918cfd32c7feb174f356a0a6fad11f4b) C:\windows\system32\DRIVERS\ssm_mdm.sys
00:03:50.0156 6076 ssm_mdm - ok
00:03:50.0203 6076 StarOpen (306521935042fc0a6988d528643619b3) C:\windows\system32\drivers\StarOpen.sys
00:03:50.0218 6076 StarOpen ( UnsignedFile.Multi.Generic ) - warning
00:03:50.0218 6076 StarOpen - detected UnsignedFile.Multi.Generic (1)
00:03:50.0281 6076 stisvc (c1cdd9275f6a115bb0ae1d55d8d27ba6) C:\windows\system32\wiaservc.dll
00:03:50.0421 6076 stisvc - ok
00:03:50.0468 6076 StMp3Rec (d59c1c8c2a75068ef73ff6e66983f296) C:\windows\system32\Drivers\StMp3Rec.sys
00:03:50.0500 6076 StMp3Rec ( UnsignedFile.Multi.Generic ) - warning
00:03:50.0500 6076 StMp3Rec - detected UnsignedFile.Multi.Generic (1)
00:03:50.0546 6076 streamip (77813007ba6265c4b6098187e6ed79d2) C:\windows\system32\DRIVERS\StreamIP.sys
00:03:50.0734 6076 streamip - ok
00:03:50.0812 6076 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\windows\system32\DRIVERS\swenum.sys
00:03:51.0031 6076 swenum - ok
00:03:51.0062 6076 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\windows\system32\drivers\swmidi.sys
00:03:51.0281 6076 swmidi - ok
00:03:51.0281 6076 SwPrv - ok
00:03:51.0281 6076 symc810 - ok
00:03:51.0296 6076 symc8xx - ok
00:03:51.0296 6076 SymIM - ok
00:03:51.0312 6076 SymIMMP - ok
00:03:51.0359 6076 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
00:03:51.0375 6076 symlcbrd - ok
00:03:51.0375 6076 sym_hi - ok
00:03:51.0375 6076 sym_u3 - ok
00:03:51.0406 6076 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\windows\system32\drivers\sysaudio.sys
00:03:51.0515 6076 sysaudio - ok
00:03:51.0562 6076 SysmonLog (ce06f01b88ace199a1bf460cac29c110) C:\windows\system32\smlogsvc.exe
00:03:51.0703 6076 SysmonLog - ok
00:03:51.0718 6076 TapiSrv (c2546cd7a398476f9df5614b2ae160e8) C:\windows\System32\tapisrv.dll
00:03:51.0859 6076 TapiSrv - ok
00:03:51.0968 6076 tbhMonitor.exe (ebb2ab0e249202b1d9c734b3dcf712c0) C:\Program Files\tbh\monitor\bin\tbhMonitor.exe
00:03:52.0000 6076 tbhMonitor.exe - ok
00:03:52.0062 6076 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\windows\system32\DRIVERS\tcpip.sys
00:03:52.0109 6076 Tcpip - ok
00:03:52.0171 6076 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\windows\system32\drivers\TDPIPE.sys
00:03:52.0296 6076 TDPIPE - ok
00:03:52.0328 6076 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\windows\system32\drivers\TDTCP.sys
00:03:52.0453 6076 TDTCP - ok
00:03:52.0468 6076 TermDD (88155247177638048422893737429d9e) C:\windows\system32\DRIVERS\termdd.sys
00:03:52.0593 6076 TermDD - ok
00:03:52.0718 6076 TermService (a75dd6fc3dbee4fff5ebc9f2c28bb66e) C:\windows\System32\termsrv.dll
00:03:52.0859 6076 TermService - ok
00:03:52.0906 6076 Themes (ee9a2b9ea968a792a053c9d1a86bf870) C:\windows\System32\shsvcs.dll
00:03:52.0937 6076 Themes - ok
00:03:52.0984 6076 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\windows\system32\drivers\tifm21.sys
00:03:53.0000 6076 tifm21 ( UnsignedFile.Multi.Generic ) - warning
00:03:53.0000 6076 tifm21 - detected UnsignedFile.Multi.Generic (1)
00:03:53.0046 6076 TlntSvr (cd0cc7b167d78043a41c98d4921efb54) C:\WINDOWS\system32\tlntsvr.exe
00:03:53.0203 6076 TlntSvr - ok
00:03:53.0203 6076 TosIde - ok
00:03:53.0234 6076 TrkWks (38853304ccb938d30e0c4cde8d2c2a8a) C:\windows\system32\trkwks.dll
00:03:53.0375 6076 TrkWks - ok
00:03:53.0406 6076 TrueSight (b3c9c35dc93563b8d19ad414edf2fc82) c:\windows\system32\drivers\TrueSight.sys
00:03:53.0437 6076 TrueSight ( UnsignedFile.Multi.Generic ) - warning
00:03:53.0437 6076 TrueSight - detected UnsignedFile.Multi.Generic (1)
00:03:53.0484 6076 TVICHW32 (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
00:03:53.0515 6076 TVICHW32 ( UnsignedFile.Multi.Generic ) - warning
00:03:53.0515 6076 TVICHW32 - detected UnsignedFile.Multi.Generic (1)
00:03:53.0531 6076 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\windows\system32\drivers\Udfs.sys
00:03:53.0656 6076 Udfs - ok
00:03:53.0671 6076 ultra - ok
00:03:53.0734 6076 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\windows\system32\DRIVERS\update.sys
00:03:53.0890 6076 Update - ok
00:03:53.0953 6076 upnphost (651bd90dcee5b7bdc74a2eb7c9266f9e) C:\windows\System32\upnphost.dll
00:03:54.0171 6076 upnphost - ok
00:03:54.0218 6076 upperdev (ec01da44b090d2651fc032c8b9257232) C:\windows\system32\DRIVERS\usbser_lowerflt.sys
00:03:54.0328 6076 upperdev - ok
00:03:54.0343 6076 UPS (20a0f6a11959e92908717d09e87d670d) C:\windows\System32\ups.exe
00:03:54.0484 6076 UPS - ok
00:03:54.0531 6076 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys
00:03:54.0562 6076 USBAAPL - ok
00:03:54.0625 6076 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\windows\system32\DRIVERS\usbccgp.sys
00:03:54.0750 6076 usbccgp - ok
00:03:54.0781 6076 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\windows\system32\DRIVERS\usbehci.sys
00:03:54.0890 6076 usbehci - ok
00:03:54.0906 6076 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\windows\system32\DRIVERS\usbhub.sys
00:03:55.0046 6076 usbhub - ok
00:03:55.0078 6076 usbprint (a717c8721046828520c9edf31288fc00) C:\windows\system32\DRIVERS\usbprint.sys
00:03:55.0234 6076 usbprint - ok
00:03:55.0281 6076 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\windows\system32\DRIVERS\usbscan.sys
00:03:55.0437 6076 usbscan - ok
00:03:55.0468 6076 usbser (1c888b000c2f9492f4b15b5b6b84873e) C:\windows\system32\drivers\usbser.sys
00:03:55.0593 6076 usbser - ok
00:03:55.0640 6076 UsbserFilt (4abd37cfbd710e64f01f9da8710c73f7) C:\windows\system32\DRIVERS\usbser_lowerfltj.sys
00:03:55.0734 6076 UsbserFilt - ok
00:03:55.0765 6076 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\windows\system32\DRIVERS\USBSTOR.SYS
00:03:55.0890 6076 USBSTOR - ok
00:03:55.0890 6076 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\windows\system32\DRIVERS\usbuhci.sys
00:03:56.0031 6076 usbuhci - ok
00:03:56.0046 6076 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\windows\System32\drivers\vga.sys
00:03:56.0187 6076 VgaSave - ok
00:03:56.0187 6076 ViaIde - ok
00:03:56.0203 6076 VolSnap (28a4b296b47782173c346e376cb374d1) C:\windows\system32\drivers\VolSnap.sys
00:03:56.0328 6076 VolSnap - ok
00:03:56.0406 6076 VSS (d6ba1a63d9e00933f1cd2a885573afb2) C:\windows\System32\vssvc.exe
00:03:56.0531 6076 VSS - ok
00:03:56.0562 6076 W32Time (fa4e1cdba256787f2149f4aad07bc91f) C:\windows\system32\w32time.dll
00:03:56.0687 6076 W32Time - ok
00:03:56.0781 6076 W3SVC (07ad42303519a955560b5a19fe20b68f) C:\windows\system32\inetsrv\inetinfo.exe
00:03:56.0890 6076 W3SVC - ok
00:03:56.0906 6076 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\windows\system32\DRIVERS\wanarp.sys
00:03:57.0031 6076 Wanarp - ok
00:03:57.0093 6076 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\windows\system32\DRIVERS\Wdf01000.sys
00:03:57.0125 6076 Wdf01000 - ok
00:03:57.0125 6076 WDICA - ok
00:03:57.0171 6076 wdmaud (6768acf64b18196494413695f0c3a00f) C:\windows\system32\drivers\wdmaud.sys
00:03:57.0328 6076 wdmaud - ok
00:03:57.0375 6076 WebClient (47ae51048a82dfa1cd6b51d369f7e169) C:\windows\System32\webclnt.dll
00:03:57.0500 6076 WebClient - ok
00:03:57.0578 6076 winmgmt (e488332126e3b1182d2b8a0c35408ec6) C:\windows\system32\wbem\WMIsvc.dll
00:03:57.0718 6076 winmgmt - ok
00:03:57.0781 6076 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\windows\system32\MsPMSNSv.dll
00:03:57.0828 6076 WmdmPmSN - ok
00:03:57.0906 6076 Wmi (0171cff34bba8c5977f18c48d8aef8c6) C:\windows\System32\advapi32.dll
00:03:57.0953 6076 Wmi - ok
00:03:58.0046 6076 WmiApSrv (23f6f03272f7e5679f1f050aed5acee6) C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:03:58.0281 6076 WmiApSrv - ok
00:03:58.0453 6076 WMPNetworkSvc (3739866d20abd42f26a7b85f9e2560af) C:\Program Files\Windows Media Player\WMPNetwk.exe
00:03:58.0515 6076 WMPNetworkSvc - ok
00:03:58.0593 6076 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\windows\system32\Drivers\wpdusb.sys
00:03:58.0625 6076 WpdUsb - ok
00:03:58.0703 6076 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\windows\System32\drivers\ws2ifsl.sys
00:03:58.0968 6076 WS2IFSL - ok
00:03:59.0015 6076 wscsvc (4c86d5faf78194995af9cc1075f65dd3) C:\windows\system32\wscsvc.dll
00:03:59.0156 6076 wscsvc - ok
00:03:59.0187 6076 WSIMD (e23437e5b715b999e280d00d9eea64da) C:\windows\system32\DRIVERS\wsimd.sys
00:03:59.0234 6076 WSIMD - ok
00:03:59.0281 6076 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\windows\system32\DRIVERS\WSTCODEC.SYS
00:03:59.0406 6076 WSTCODEC - ok
00:03:59.0421 6076 wuauserv (c1364564800ee9784192145324a23308) C:\windows\system32\wuauserv.dll
00:03:59.0640 6076 wuauserv - ok
00:03:59.0671 6076 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\windows\system32\DRIVERS\WudfPf.sys
00:03:59.0718 6076 WudfPf - ok
00:03:59.0750 6076 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\wudfrd.sys
00:03:59.0781 6076 WudfRd - ok
00:03:59.0796 6076 WudfSvc (ddee3682fe97037c45f4d7ab467cb8b6) C:\windows\System32\WUDFSvc.dll
00:03:59.0812 6076 WudfSvc - ok
00:03:59.0890 6076 WZCSVC (a27d4ba7264c0bf52f32d10405bea1d4) C:\windows\System32\wzcsvc.dll
00:04:00.0125 6076 WZCSVC - ok
00:04:00.0171 6076 xmlprov (eaa4bb9edb3fb10cf8979fe65e63658f) C:\windows\System32\xmlprov.dll
00:04:00.0390 6076 xmlprov - ok
00:04:00.0484 6076 MBR (0x1B8) (413fc2a0c716421b3158746d63736515) \Device\Harddisk0\DR0
00:04:01.0031 6076 \Device\Harddisk0\DR0 - ok
00:04:01.0046 6076 Boot (0x1200) (4ca597de7004aa77e9ec4d8328dd2fb2) \Device\Harddisk0\DR0\Partition0
00:04:01.0046 6076 \Device\Harddisk0\DR0\Partition0 - ok
00:04:01.0046 6076 ============================================================
00:04:01.0046 6076 Scan finished
00:04:01.0046 6076 ============================================================
00:04:01.0171 5472 Detected object count: 17
00:04:01.0171 5472 Actual detected object count: 17
00:04:26.0609 5472 acs ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 acs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0609 5472 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0609 5472 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0609 5472 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 Ndisprot ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 Ndisprot ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 nlsvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 nlsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 nltdi ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 nltdi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 StMp3Rec ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 StMp3Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 tifm21 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 tifm21 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0656 5472 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0656 5472 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0656 5472 TVICHW32 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0656 5472 TVICHW32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Thank you for the reply, and I apologize for the late response.
RogueKiller log:
RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: pavel [Práva správce]
Mód: Kontrola -- Datum: 07/12/2012 00:00:44
¤¤¤ Škodlivé procesy: 1 ¤¤¤
[SUSP PATH] JuniperSetupClient.exe -- C:\Documents and Settings\pavel\Data aplikací\Juniper Networks\Setup Client\JuniperSetupClient.exe -> KILLED [TermProc]
¤¤¤ Záznamy Registrů: 2 ¤¤¤
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HIDDEN KEY] HKLM\[...]\Services : P () -> FOUND
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
IRP[IRP_MJ_CREATE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_CLOSE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_SYSTEM_CONTROL] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
IRP[IRP_MJ_DEVICE_CHANGE] : Unknown -> HOOKED ([MAJOR] atapi.sys @ 0xF7A40B40)
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: Hitachi HTS541680J9SA00 +++++
--- User ---
[MBR] cc0cf86a36ce335befeca20b844b4911
[BSP] 1817dd6f9f17ac612d3209d876ebee3b : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[1].txt >>
RKreport[1].txt
TDSSKiller log:
00:02:31.0312 2712 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35
00:02:31.0687 2712 ============================================================
00:02:31.0687 2712 Current date / time: 2012/07/12 00:02:31.0687
00:02:31.0687 2712 SystemInfo:
00:02:31.0687 2712
00:02:31.0687 2712 OS Version: 5.1.2600 ServicePack: 3.0
00:02:31.0687 2712 Product type: Workstation
00:02:31.0687 2712 ComputerName: KLEOPATRA
00:02:31.0687 2712 UserName: pavel
00:02:31.0687 2712 Windows directory: C:\windows
00:02:31.0687 2712 System windows directory: C:\windows
00:02:31.0687 2712 Processor architecture: Intel x86
00:02:31.0687 2712 Number of processors: 2
00:02:31.0687 2712 Page size: 0x1000
00:02:31.0687 2712 Boot type: Normal boot
00:02:31.0687 2712 ============================================================
00:02:34.0281 2712 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:02:34.0296 2712 ============================================================
00:02:34.0296 2712 \Device\Harddisk0\DR0:
00:02:34.0296 2712 MBR partitions:
00:02:34.0296 2712 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
00:02:34.0296 2712 ============================================================
00:02:34.0312 2712 C: <-> \Device\Harddisk0\DR0\Partition0
00:02:34.0312 2712 ============================================================
00:02:34.0312 2712 Initialize success
00:02:34.0312 2712 ============================================================
00:03:06.0296 6076 ============================================================
00:03:06.0296 6076 Scan started
00:03:06.0296 6076 Mode: Manual; SigCheck; TDLFS;
00:03:06.0296 6076 ============================================================
00:03:06.0593 6076 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\windows\system32\drivers\Aavmker4.sys
00:03:07.0093 6076 Aavmker4 - ok
00:03:07.0093 6076 Abiosdsk - ok
00:03:07.0109 6076 abp480n5 - ok
00:03:07.0171 6076 ACPI (4fe34f1f3126b61fcc6b2043aa8112c9) C:\windows\system32\DRIVERS\ACPI.sys
00:03:08.0203 6076 ACPI - ok
00:03:08.0281 6076 ACPIEC (afdff022a01f0b11c776f0860c3b282f) C:\windows\system32\DRIVERS\ACPIEC.sys
00:03:08.0437 6076 ACPIEC - ok
00:03:08.0484 6076 acs (a1c6d11c11a55ceca432ac00f293a9ed) C:\windows\system32\acs.exe
00:03:08.0531 6076 acs ( UnsignedFile.Multi.Generic ) - warning
00:03:08.0531 6076 acs - detected UnsignedFile.Multi.Generic (1)
00:03:08.0625 6076 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
00:03:08.0656 6076 AdobeFlashPlayerUpdateSvc - ok
00:03:08.0656 6076 adpu160m - ok
00:03:08.0687 6076 aec (8bed39e3c35d6a489438b8141717a557) C:\windows\system32\drivers\aec.sys
00:03:08.0875 6076 aec - ok
00:03:09.0015 6076 AF15BDA (e3f08935158038d385ad382442f4bb2d) C:\windows\system32\DRIVERS\AF15BDA.sys
00:03:09.0093 6076 AF15BDA - ok
00:03:09.0140 6076 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\windows\System32\drivers\afd.sys
00:03:09.0203 6076 AFD - ok
00:03:09.0250 6076 AgereModemAudio (1cb677bf1dabd3baf4f944e2c90d6c73) C:\WINDOWS\system32\agrsmsvc.exe
00:03:09.0296 6076 AgereModemAudio - ok
00:03:09.0390 6076 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\windows\system32\DRIVERS\AGRSM.sys
00:03:09.0500 6076 AgereSoftModem - ok
00:03:09.0500 6076 Aha154x - ok
00:03:09.0515 6076 aic78u2 - ok
00:03:09.0515 6076 aic78xx - ok
00:03:09.0562 6076 Alerter (e0a6fa244b8624d78fe5ff6f56a33bae) C:\windows\system32\alrsvc.dll
00:03:09.0781 6076 Alerter - ok
00:03:09.0843 6076 ALG (88842de939a827577bf24243699ac80a) C:\windows\System32\alg.exe
00:03:10.0000 6076 ALG - ok
00:03:10.0000 6076 AliIde - ok
00:03:10.0125 6076 Ambfilt (267fc636801edc5ab28e14036349e3be) C:\windows\system32\drivers\Ambfilt.sys
00:03:10.0203 6076 Ambfilt - ok
00:03:10.0265 6076 amsint - ok
00:03:10.0421 6076 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
00:03:10.0437 6076 Apple Mobile Device - ok
00:03:10.0515 6076 AppMgmt (6b8e7a90e576d4fe308f97c69060a171) C:\windows\System32\appmgmts.dll
00:03:10.0656 6076 AppMgmt - ok
00:03:10.0734 6076 AR5211 (78e15866befe8b940046c36ba92f9eb6) C:\windows\system32\DRIVERS\ar5211.sys
00:03:10.0828 6076 AR5211 - ok
00:03:10.0890 6076 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\windows\system32\DRIVERS\arp1394.sys
00:03:11.0109 6076 Arp1394 - ok
00:03:11.0109 6076 asc - ok
00:03:11.0109 6076 asc3350p - ok
00:03:11.0125 6076 asc3550 - ok
00:03:11.0250 6076 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
00:03:11.0296 6076 aspnet_state - ok
00:03:11.0328 6076 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\windows\system32\drivers\aswFsBlk.sys
00:03:11.0343 6076 aswFsBlk - ok
00:03:11.0375 6076 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\windows\system32\drivers\aswMon2.sys
00:03:11.0406 6076 aswMon2 - ok
00:03:11.0437 6076 aswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\windows\system32\drivers\aswRdr.sys
00:03:11.0453 6076 aswRdr - ok
00:03:11.0546 6076 aswSnx (dcb199b967375753b5019ec15f008f53) C:\windows\system32\drivers\aswSnx.sys
00:03:11.0578 6076 aswSnx - ok
00:03:11.0609 6076 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\windows\system32\drivers\aswSP.sys
00:03:11.0640 6076 aswSP - ok
00:03:11.0687 6076 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\windows\system32\drivers\aswTdi.sys
00:03:11.0718 6076 aswTdi - ok
00:03:11.0750 6076 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\windows\system32\DRIVERS\asyncmac.sys
00:03:11.0953 6076 AsyncMac - ok
00:03:12.0000 6076 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\windows\system32\DRIVERS\atapi.sys
00:03:12.0140 6076 atapi - ok
00:03:12.0140 6076 Atdisk - ok
00:03:12.0171 6076 Atmarpc (9916c1225104ba14794209cfa8012159) C:\windows\system32\DRIVERS\atmarpc.sys
00:03:12.0296 6076 Atmarpc - ok
00:03:12.0343 6076 AudioSrv (de31b88962a8645dba5a37b993e7b0f1) C:\windows\System32\audiosrv.dll
00:03:12.0500 6076 AudioSrv - ok
00:03:12.0546 6076 audstub (d9f724aa26c010a217c97606b160ed68) C:\windows\system32\DRIVERS\audstub.sys
00:03:12.0687 6076 audstub - ok
00:03:12.0828 6076 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:03:12.0843 6076 avast! Antivirus - ok
00:03:12.0890 6076 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\windows\system32\drivers\Beep.sys
00:03:13.0109 6076 Beep - ok
00:03:13.0203 6076 BITS (19395d092fd85ddc2d9c7729cf5a2ac8) C:\windows\system32\qmgr.dll
00:03:13.0562 6076 BITS - ok
00:03:13.0656 6076 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
00:03:13.0703 6076 Bonjour Service - ok
00:03:13.0750 6076 Browser (249276d3ef1e74b992299cb96099e4d7) C:\windows\System32\browser.dll
00:03:13.0953 6076 Browser - ok
00:03:14.0062 6076 Capture Device Service (1778eba872274c1226d869cd9486847e) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
00:03:14.0078 6076 Capture Device Service - ok
00:03:14.0437 6076 catchme - ok
00:03:14.0593 6076 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\windows\system32\drivers\cbidf2k.sys
00:03:14.0796 6076 cbidf2k - ok
00:03:14.0875 6076 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\windows\system32\DRIVERS\CCDECODE.sys
00:03:15.0015 6076 CCDECODE - ok
00:03:15.0015 6076 cd20xrnt - ok
00:03:15.0062 6076 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\windows\system32\drivers\Cdaudio.sys
00:03:15.0234 6076 Cdaudio - ok
00:03:15.0265 6076 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\windows\system32\drivers\Cdfs.sys
00:03:15.0406 6076 Cdfs - ok
00:03:15.0453 6076 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\windows\system32\DRIVERS\cdrom.sys
00:03:15.0500 6076 Cdrom - ok
00:03:15.0515 6076 Changer - ok
00:03:15.0546 6076 CiSvc (e390dc1d7c461d7d56ec53402f329928) C:\windows\system32\cisvc.exe
00:03:15.0687 6076 CiSvc - ok
00:03:15.0703 6076 ClipSrv (064507a8dfa8c5c7e2ffddd3e6f424fa) C:\windows\system32\clipsrv.exe
00:03:15.0843 6076 ClipSrv - ok
00:03:15.0937 6076 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:03:16.0000 6076 clr_optimization_v2.0.50727_32 - ok
00:03:16.0031 6076 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\windows\system32\DRIVERS\CmBatt.sys
00:03:16.0171 6076 CmBatt - ok
00:03:16.0171 6076 CmdIde - ok
00:03:16.0234 6076 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\windows\system32\DRIVERS\compbatt.sys
00:03:16.0375 6076 Compbatt - ok
00:03:16.0375 6076 COMSysApp - ok
00:03:16.0390 6076 Cpqarray - ok
00:03:16.0468 6076 CryptSvc (f3ab0933cbd166d271992f411c27ccaf) C:\windows\System32\cryptsvc.dll
00:03:16.0671 6076 CryptSvc - ok
00:03:16.0671 6076 dac2w2k - ok
00:03:16.0687 6076 dac960nt - ok
00:03:16.0781 6076 DcomLaunch (be27674d1cbc3214aec84b4336a38bbf) C:\windows\system32\rpcss.dll
00:03:16.0828 6076 DcomLaunch - ok
00:03:16.0875 6076 Dhcp (8c9a53e285ac5e6704844d0459ec85be) C:\windows\System32\dhcpcsvc.dll
00:03:17.0078 6076 Dhcp - ok
00:03:17.0093 6076 Disk (044452051f3e02e7963599fc8f4f3e25) C:\windows\system32\DRIVERS\disk.sys
00:03:17.0296 6076 Disk - ok
00:03:17.0296 6076 dmadmin - ok
00:03:17.0375 6076 dmboot (db5fd2bf5b07dc54bfcb3664ff05bd7c) C:\windows\system32\drivers\dmboot.sys
00:03:17.0531 6076 dmboot - ok
00:03:17.0562 6076 dmio (fff1720af51171f32f1ead5cf71f2810) C:\windows\system32\drivers\dmio.sys
00:03:17.0687 6076 dmio - ok
00:03:17.0734 6076 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\windows\system32\drivers\dmload.sys
00:03:17.0875 6076 dmload - ok
00:03:17.0968 6076 dmserver (2bfefe9e865655a76982f050450b9591) C:\windows\System32\dmserver.dll
00:03:18.0078 6076 dmserver - ok
00:03:18.0109 6076 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\windows\system32\drivers\DMusic.sys
00:03:18.0250 6076 DMusic - ok
00:03:18.0281 6076 Dnscache (dfaa406bf19f4ee806a6f8d4342137f7) C:\windows\System32\dnsrslvr.dll
00:03:18.0343 6076 Dnscache - ok
00:03:18.0375 6076 Dot3svc (4a3e2bd20157a0946751229e92eb8621) C:\windows\System32\dot3svc.dll
00:03:18.0515 6076 Dot3svc - ok
00:03:18.0515 6076 dpti2o - ok
00:03:18.0546 6076 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\windows\system32\drivers\drmkaud.sys
00:03:18.0656 6076 drmkaud - ok
00:03:18.0734 6076 EapHost (0887d9c2be8d940778cad1e3b85f2a41) C:\windows\System32\eapsvc.dll
00:03:18.0875 6076 EapHost - ok
00:03:18.0921 6076 ERSvc (a2a4912798f2be706abadd3d30800d16) C:\windows\System32\ersvc.dll
00:03:19.0031 6076 ERSvc - ok
00:03:19.0078 6076 Eventlog (9ef697af07bb8dd82c3b02ca953a95b7) C:\windows\system32\services.exe
00:03:19.0109 6076 Eventlog - ok
00:03:19.0171 6076 EventSystem (a371f11ef07653591c8de26afb13ce7f) C:\WINDOWS\system32\es.dll
00:03:19.0218 6076 EventSystem - ok
00:03:19.0281 6076 Fastfat (38d332a6d56af32635675f132548343e) C:\windows\system32\drivers\Fastfat.sys
00:03:19.0437 6076 Fastfat - ok
00:03:19.0500 6076 FastUserSwitchingCompatibility (ee9a2b9ea968a792a053c9d1a86bf870) C:\windows\System32\shsvcs.dll
00:03:19.0593 6076 FastUserSwitchingCompatibility - ok
00:03:19.0625 6076 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\windows\system32\drivers\Fdc.sys
00:03:19.0796 6076 Fdc - ok
00:03:19.0828 6076 Fips (ac366695a0796560aa37215ad5762aaf) C:\windows\system32\drivers\Fips.sys
00:03:20.0015 6076 Fips - ok
00:03:20.0156 6076 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
00:03:20.0187 6076 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
00:03:20.0187 6076 FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
00:03:20.0234 6076 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\windows\system32\drivers\Flpydisk.sys
00:03:20.0421 6076 Flpydisk - ok
00:03:20.0453 6076 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\windows\system32\drivers\fltmgr.sys
00:03:20.0625 6076 FltMgr - ok
00:03:20.0781 6076 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
00:03:20.0796 6076 FontCache3.0.0.0 - ok
00:03:20.0828 6076 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\windows\system32\drivers\Fs_Rec.sys
00:03:20.0984 6076 Fs_Rec - ok
00:03:21.0046 6076 Ftdisk (4e664d8541db4a66b73a24257e322e1f) C:\windows\system32\DRIVERS\ftdisk.sys
00:03:21.0203 6076 Ftdisk - ok
00:03:21.0250 6076 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\windows\system32\DRIVERS\msgpc.sys
00:03:21.0406 6076 Gpc - ok
00:03:21.0453 6076 hamachi (d30b31375c40309425c21efe75db90bb) C:\windows\system32\DRIVERS\hamachi.sys
00:03:21.0468 6076 hamachi - ok
00:03:21.0484 6076 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\windows\system32\DRIVERS\HDAudBus.sys
00:03:21.0656 6076 HDAudBus - ok
00:03:21.0796 6076 helpsvc (fcfe31fb75f8a6295b6b0af87a626282) C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:03:21.0968 6076 helpsvc - ok
00:03:22.0046 6076 HidServ (00e25ee90166b3e1be6e74aebf858306) C:\windows\System32\hidserv.dll
00:03:22.0218 6076 HidServ - ok
00:03:22.0250 6076 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\windows\system32\DRIVERS\hidusb.sys
00:03:22.0437 6076 HidUsb - ok
00:03:22.0484 6076 hkmsvc (7a6b320928f86bc851530d63c82965d9) C:\windows\System32\kmsvc.dll
00:03:22.0609 6076 hkmsvc - ok
00:03:22.0609 6076 hpn - ok
00:03:22.0656 6076 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\windows\system32\Drivers\HTTP.sys
00:03:22.0687 6076 HTTP - ok
00:03:22.0703 6076 HTTPFilter (58fe2f2da3bc5573f4a35b3760d3125f) C:\windows\System32\w3ssl.dll
00:03:22.0843 6076 HTTPFilter - ok
00:03:22.0843 6076 i2omgmt - ok
00:03:22.0859 6076 i2omp - ok
00:03:22.0953 6076 i8042prt (c528e27945367191e7bae364930b6932) C:\windows\system32\DRIVERS\i8042prt.sys
00:03:23.0093 6076 i8042prt - ok
00:03:23.0406 6076 ialm (c1c2d6940d6ec2f247b0f3c11e0a18e0) C:\windows\system32\DRIVERS\igxpmp32.sys
00:03:23.0718 6076 ialm - ok
00:03:23.0875 6076 IDriverT (daf66902f08796f9c694901660e5a64a) C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
00:03:23.0906 6076 IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:03:23.0906 6076 IDriverT - detected UnsignedFile.Multi.Generic (1)
00:03:24.0203 6076 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:03:24.0296 6076 idsvc - ok
00:03:24.0546 6076 igfx (14f477463246e35f1dc932be6225598c) C:\windows\system32\DRIVERS\igdkmd32.sys
00:03:24.0656 6076 igfx ( UnsignedFile.Multi.Generic ) - warning
00:03:24.0656 6076 igfx - detected UnsignedFile.Multi.Generic (1)
00:03:24.0781 6076 IISADMIN (07ad42303519a955560b5a19fe20b68f) C:\WINDOWS\system32\inetsrv\inetinfo.exe
00:03:25.0000 6076 IISADMIN - ok
00:03:25.0031 6076 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\windows\system32\DRIVERS\imapi.sys
00:03:25.0171 6076 Imapi - ok
00:03:25.0203 6076 ImapiService (f7b93aafad33b2320954c17e26c8d361) C:\windows\system32\imapi.exe
00:03:25.0343 6076 ImapiService - ok
00:03:25.0359 6076 ini910u - ok
00:03:25.0515 6076 InstallShield Licensing Service (199374ae729eeba68a6855db830dc238) C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
00:03:25.0531 6076 InstallShield Licensing Service - ok
00:03:25.0796 6076 IntcAzAudAddService (557e20484a095d949912883f5ab29e88) C:\windows\system32\drivers\RtkHDAud.sys
00:03:26.0078 6076 IntcAzAudAddService - ok
00:03:26.0171 6076 IntelIde - ok
00:03:26.0218 6076 intelppm (27b290d632af2cf3cf40bfddb7370985) C:\windows\system32\DRIVERS\intelppm.sys
00:03:26.0421 6076 intelppm - ok
00:03:26.0453 6076 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\windows\system32\drivers\ip6fw.sys
00:03:26.0671 6076 Ip6Fw - ok
00:03:26.0750 6076 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\windows\system32\DRIVERS\ipfltdrv.sys
00:03:26.0890 6076 IpFilterDriver - ok
00:03:26.0953 6076 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\windows\system32\DRIVERS\ipinip.sys
00:03:27.0078 6076 IpInIp - ok
00:03:27.0109 6076 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\windows\system32\DRIVERS\ipnat.sys
00:03:27.0234 6076 IpNat - ok
00:03:27.0328 6076 IPSec (23c74d75e36e7158768dd63d92789a91) C:\windows\system32\DRIVERS\ipsec.sys
00:03:27.0484 6076 IPSec - ok
00:03:27.0515 6076 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\windows\system32\DRIVERS\irenum.sys
00:03:27.0671 6076 IRENUM - ok
00:03:27.0718 6076 isapnp (cc9f8a2d60aed1a51a3ac34c59b987ae) C:\windows\system32\DRIVERS\isapnp.sys
00:03:27.0890 6076 isapnp - ok
00:03:27.0921 6076 Kbdclass (1b6162fe7f66b1a71a4b70f941c4aa9b) C:\windows\system32\DRIVERS\kbdclass.sys
00:03:28.0062 6076 Kbdclass - ok
00:03:28.0093 6076 kbdhid (86c8f23616c6c6e5b2776901c17b945b) C:\windows\system32\DRIVERS\kbdhid.sys
00:03:28.0218 6076 kbdhid - ok
00:03:28.0250 6076 kmixer (692bcf44383d056aed41b045a323d378) C:\windows\system32\drivers\kmixer.sys
00:03:28.0375 6076 kmixer - ok
00:03:28.0406 6076 KSecDD (b467646c54cc746128904e1654c750c1) C:\windows\system32\drivers\KSecDD.sys
00:03:28.0437 6076 KSecDD - ok
00:03:28.0484 6076 lanmanserver (3428e8f86f8add36b42fb23542c7b3e4) C:\windows\System32\srvsvc.dll
00:03:28.0531 6076 lanmanserver - ok
00:03:28.0578 6076 lanmanworkstation (936c1d110232d23b621cb0196e4f80f0) C:\windows\System32\wkssvc.dll
00:03:28.0609 6076 lanmanworkstation - ok
00:03:28.0625 6076 Lbd - ok
00:03:28.0625 6076 lbrtfdc - ok
00:03:28.0640 6076 lischna - ok
00:03:28.0703 6076 LmHosts (0ab159f536e3e8f7f07113702a07cca5) C:\windows\System32\lmhsvc.dll
00:03:28.0828 6076 LmHosts - ok
00:03:28.0843 6076 Messenger (221cd1c815b8a6b79389c3f5d1018de8) C:\windows\System32\msgsvc.dll
00:03:29.0031 6076 Messenger - ok
00:03:29.0203 6076 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
00:03:29.0218 6076 Microsoft Office Groove Audit Service - ok
00:03:29.0265 6076 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\windows\system32\drivers\mnmdd.sys
00:03:29.0468 6076 mnmdd - ok
00:03:29.0531 6076 mnmsrvc (9a57d046f88f4b69751b11fd40088a61) C:\WINDOWS\system32\mnmsrvc.exe
00:03:29.0750 6076 mnmsrvc - ok
00:03:29.0843 6076 Modem (44032b0c6d9954d3fd26438330b99ee7) C:\windows\system32\drivers\Modem.sys
00:03:29.0984 6076 Modem - ok
00:03:30.0109 6076 Monfilt (c7d9f9717916b34c1b00dd4834af485c) C:\windows\system32\drivers\Monfilt.sys
00:03:30.0171 6076 Monfilt - ok
00:03:30.0281 6076 Mouclass (4cb582831dbde63ce43b45d771218374) C:\windows\system32\DRIVERS\mouclass.sys
00:03:30.0484 6076 Mouclass - ok
00:03:30.0515 6076 mouhid (bb269eba740737ab749b214d568b6812) C:\windows\system32\DRIVERS\mouhid.sys
00:03:30.0687 6076 mouhid - ok
00:03:30.0703 6076 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\windows\system32\drivers\MountMgr.sys
00:03:30.0828 6076 MountMgr - ok
00:03:30.0968 6076 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:03:30.0984 6076 MozillaMaintenance - ok
00:03:31.0031 6076 MPE (83eff7b976ae24f1a496ca94a8a19919) C:\windows\system32\DRIVERS\MPE.sys
00:03:31.0078 6076 MPE - ok
00:03:31.0078 6076 mraid35x - ok
00:03:31.0140 6076 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\windows\system32\DRIVERS\mrxdav.sys
00:03:31.0281 6076 MRxDAV - ok
00:03:31.0359 6076 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\windows\system32\DRIVERS\mrxsmb.sys
00:03:31.0421 6076 MRxSmb - ok
00:03:31.0468 6076 MSDTC (6db4d1521caba9a5ffab54ade0ae867d) C:\WINDOWS\system32\msdtc.exe
00:03:31.0609 6076 MSDTC - ok
00:03:31.0625 6076 Msfs (c941ea2454ba8350021d774daf0f1027) C:\windows\system32\drivers\Msfs.sys
00:03:31.0765 6076 Msfs - ok
00:03:31.0765 6076 MSIServer - ok
00:03:31.0812 6076 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\windows\system32\drivers\MSKSSRV.sys
00:03:31.0968 6076 MSKSSRV - ok
00:03:32.0015 6076 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\windows\system32\drivers\MSPCLOCK.sys
00:03:32.0171 6076 MSPCLOCK - ok
00:03:32.0218 6076 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\windows\system32\drivers\MSPQM.sys
00:03:32.0375 6076 MSPQM - ok
00:03:32.0437 6076 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\windows\system32\DRIVERS\mssmbios.sys
00:03:32.0593 6076 mssmbios - ok
00:03:32.0640 6076 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\windows\system32\drivers\MSTEE.sys
00:03:32.0828 6076 MSTEE - ok
00:03:32.0859 6076 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\windows\system32\drivers\Mup.sys
00:03:32.0921 6076 Mup - ok
00:03:32.0968 6076 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\windows\system32\DRIVERS\NABTSFEC.sys
00:03:33.0171 6076 NABTSFEC - ok
00:03:33.0234 6076 napagent (6ea362e9db03d44f6b996f4d8be237e9) C:\windows\System32\qagentrt.dll
00:03:33.0468 6076 napagent - ok
00:03:33.0562 6076 NDIS (1df7f42665c94b825322fae71721130d) C:\windows\system32\drivers\NDIS.sys
00:03:33.0750 6076 NDIS - ok
00:03:33.0843 6076 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\windows\system32\DRIVERS\NdisIP.sys
00:03:34.0031 6076 NdisIP - ok
00:03:34.0078 6076 Ndisprot (a3b80c6e0774815c362aeb5ed5ac047d) C:\windows\system32\drivers\Ndisprot.sys
00:03:34.0093 6076 Ndisprot ( UnsignedFile.Multi.Generic ) - warning
00:03:34.0093 6076 Ndisprot - detected UnsignedFile.Multi.Generic (1)
00:03:34.0156 6076 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\windows\system32\DRIVERS\ndistapi.sys
00:03:34.0187 6076 NdisTapi - ok
00:03:34.0203 6076 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\windows\system32\DRIVERS\ndisuio.sys
00:03:34.0359 6076 Ndisuio - ok
00:03:34.0421 6076 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\windows\system32\DRIVERS\ndiswan.sys
00:03:34.0546 6076 NdisWan - ok
00:03:34.0593 6076 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\windows\system32\drivers\NDProxy.sys
00:03:34.0656 6076 NDProxy - ok
00:03:34.0703 6076 Net Driver HPZ12 (51c6d8bfbd4ea5b62a1ba7f4469250d3) C:\WINDOWS\system32\HPZinw12.dll
00:03:34.0703 6076 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:03:34.0703 6076 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:03:34.0750 6076 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\windows\system32\DRIVERS\netbios.sys
00:03:34.0875 6076 NetBIOS - ok
00:03:34.0906 6076 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\windows\system32\DRIVERS\netbt.sys
00:03:35.0046 6076 NetBT - ok
00:03:35.0078 6076 NetDDE (933de774986ec85e48210c44ab431de6) C:\windows\system32\netdde.exe
00:03:35.0281 6076 NetDDE - ok
00:03:35.0281 6076 NetDDEdsdm (933de774986ec85e48210c44ab431de6) C:\windows\system32\netdde.exe
00:03:35.0406 6076 NetDDEdsdm - ok
00:03:35.0453 6076 Netlogon (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:35.0593 6076 Netlogon - ok
00:03:35.0609 6076 Netman (72e1e9e2977be08bdeedb6d8fd9d4d40) C:\windows\System32\netman.dll
00:03:35.0750 6076 Netman - ok
00:03:35.0890 6076 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:03:35.0906 6076 NetTcpPortSharing - ok
00:03:35.0937 6076 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\windows\system32\DRIVERS\nic1394.sys
00:03:36.0062 6076 NIC1394 - ok
00:03:36.0109 6076 Nla (39ee7c3bfbc64ba87cc8cf67386e814c) C:\windows\System32\mswsock.dll
00:03:36.0171 6076 Nla - ok
00:03:36.0281 6076 nlsvc (c8f536fb328afe64a7f18bbfc00b10ee) C:\Program Files\NetLimiter 2 Pro\nlsvc.exe
00:03:36.0343 6076 nlsvc ( UnsignedFile.Multi.Generic ) - warning
00:03:36.0343 6076 nlsvc - detected UnsignedFile.Multi.Generic (1)
00:03:36.0359 6076 nltdi (3ee27bcff781f07a12df75e8be852b0e) C:\WINDOWS\system32\drivers\nltdi.sys
00:03:36.0375 6076 nltdi ( UnsignedFile.Multi.Generic ) - warning
00:03:36.0375 6076 nltdi - detected UnsignedFile.Multi.Generic (1)
00:03:36.0421 6076 nmwcd (cfe3462a9e94a57dcd9676f6b7fe7f67) C:\windows\system32\drivers\ccdcmb.sys
00:03:36.0625 6076 nmwcd - ok
00:03:36.0671 6076 nmwcdc (8f2a94f991f8c73cec26b4b5620d1edc) C:\windows\system32\drivers\ccdcmbo.sys
00:03:36.0781 6076 nmwcdc - ok
00:03:36.0828 6076 nmwcdnsu (99145c5d4b6c4d6f5ce83ee6abffe294) C:\windows\system32\drivers\nmwcdnsu.sys
00:03:36.0937 6076 nmwcdnsu - ok
00:03:36.0984 6076 nmwcdnsuc (faee7b61c6885b091cec1ff06da2e1ab) C:\windows\system32\drivers\nmwcdnsuc.sys
00:03:37.0109 6076 nmwcdnsuc - ok
00:03:37.0140 6076 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\windows\system32\drivers\Npfs.sys
00:03:37.0328 6076 Npfs - ok
00:03:37.0437 6076 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\windows\system32\drivers\Ntfs.sys
00:03:37.0562 6076 Ntfs - ok
00:03:37.0609 6076 NtLmSsp (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:37.0734 6076 NtLmSsp - ok
00:03:37.0843 6076 NtmsSvc (023dd70573d644f3d9c8b1258a7bfd08) C:\windows\system32\ntmssvc.dll
00:03:38.0000 6076 NtmsSvc - ok
00:03:38.0046 6076 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\windows\system32\drivers\Null.sys
00:03:38.0203 6076 Null - ok
00:03:38.0250 6076 NWCWorkstation (adb82fbc435ae7504082b3c714c3885d) C:\windows\System32\nwwks.dll
00:03:38.0375 6076 NWCWorkstation - ok
00:03:38.0421 6076 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\windows\system32\DRIVERS\nwlnkflt.sys
00:03:38.0562 6076 NwlnkFlt - ok
00:03:38.0578 6076 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\windows\system32\DRIVERS\nwlnkfwd.sys
00:03:38.0734 6076 NwlnkFwd - ok
00:03:38.0812 6076 NwlnkIpx (8b8b1be2dba4025da6786c645f77f123) C:\windows\system32\DRIVERS\nwlnkipx.sys
00:03:38.0937 6076 NwlnkIpx - ok
00:03:38.0968 6076 NwlnkNb (56d34a67c05e94e16377c60609741ff8) C:\windows\system32\DRIVERS\nwlnknb.sys
00:03:39.0125 6076 NwlnkNb - ok
00:03:39.0156 6076 NwlnkSpx (c0bb7d1615e1acbdc99757f6ceaf8cf0) C:\windows\system32\DRIVERS\nwlnkspx.sys
00:03:39.0296 6076 NwlnkSpx - ok
00:03:39.0312 6076 NWRDR (36b9b950e3d2e100970a48d8bad86740) C:\windows\system32\DRIVERS\nwrdr.sys
00:03:39.0453 6076 NWRDR - ok
00:03:39.0671 6076 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:03:39.0703 6076 odserv - ok
00:03:39.0765 6076 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\windows\system32\DRIVERS\ohci1394.sys
00:03:39.0890 6076 ohci1394 - ok
00:03:39.0953 6076 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:03:39.0968 6076 ose - ok
00:03:40.0046 6076 PAC7311 (735640d311d27e0095d748f725b9e507) C:\windows\system32\DRIVERS\PA707UCM.SYS
00:03:40.0125 6076 PAC7311 - ok
00:03:40.0156 6076 Parport (46f8db73b4a53e543f8e371dc7c75bae) C:\windows\system32\drivers\Parport.sys
00:03:40.0390 6076 Parport - ok
00:03:40.0406 6076 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\windows\system32\drivers\PartMgr.sys
00:03:40.0531 6076 PartMgr - ok
00:03:40.0578 6076 ParVdm (1fae19d0457176318bba4a8795656ebc) C:\windows\system32\drivers\ParVdm.sys
00:03:40.0734 6076 ParVdm - ok
00:03:40.0828 6076 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\windows\system32\DRIVERS\pccsmcfd.sys
00:03:40.0843 6076 pccsmcfd - ok
00:03:40.0890 6076 PCI (6ce351d149cb4befc702951e471e1730) C:\windows\system32\DRIVERS\pci.sys
00:03:41.0015 6076 PCI - ok
00:03:41.0015 6076 PCIDump - ok
00:03:41.0062 6076 PCIIde (2da4ec85e0ea7a45c6b2a05820492d5a) C:\windows\system32\DRIVERS\pciide.sys
00:03:41.0203 6076 PCIIde - ok
00:03:41.0218 6076 Pcmcia (4fc31e6c19a5ce5198b1abff94cae758) C:\windows\system32\DRIVERS\pcmcia.sys
00:03:41.0375 6076 Pcmcia - ok
00:03:41.0421 6076 pcouffin (5b6c11de7e839c05248ced8825470fef) C:\windows\system32\Drivers\pcouffin.sys
00:03:41.0437 6076 pcouffin ( UnsignedFile.Multi.Generic ) - warning
00:03:41.0437 6076 pcouffin - detected UnsignedFile.Multi.Generic (1)
00:03:41.0437 6076 PDCOMP - ok
00:03:41.0453 6076 PDFRAME - ok
00:03:41.0453 6076 PDRELI - ok
00:03:41.0468 6076 PDRFRAME - ok
00:03:41.0484 6076 perc2 - ok
00:03:41.0500 6076 perc2hib - ok
00:03:41.0562 6076 PlugPlay (9ef697af07bb8dd82c3b02ca953a95b7) C:\windows\system32\services.exe
00:03:41.0593 6076 PlugPlay - ok
00:03:41.0640 6076 Pml Driver HPZ12 (79834aa2fbf9fe81eebb229024f6f7fc) C:\WINDOWS\system32\HPZipm12.dll
00:03:41.0656 6076 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:03:41.0656 6076 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:03:41.0703 6076 PnkBstrA (0e01d7eebada0b324db0ca1ee73440ba) C:\windows\system32\PnkBstrA.exe
00:03:41.0718 6076 PnkBstrA - ok
00:03:41.0750 6076 PnkBstrB (1428e6cc1458a36cbfc1f2e304c7c42d) C:\windows\system32\PnkBstrB.exe
00:03:41.0765 6076 PnkBstrB - ok
00:03:41.0812 6076 PolicyAgent (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:41.0937 6076 PolicyAgent - ok
00:03:42.0031 6076 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\windows\system32\DRIVERS\raspptp.sys
00:03:42.0140 6076 PptpMiniport - ok
00:03:42.0156 6076 ProtectedStorage (ed0a176354487ceed65b80a7148ab739) C:\windows\system32\lsass.exe
00:03:42.0281 6076 ProtectedStorage - ok
00:03:42.0296 6076 PSched (09298ec810b07e5d582cb3a3f9255424) C:\windows\system32\DRIVERS\psched.sys
00:03:42.0437 6076 PSched - ok
00:03:42.0484 6076 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\windows\system32\DRIVERS\ptilink.sys
00:03:42.0625 6076 Ptilink - ok
00:03:42.0734 6076 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\windows\system32\Drivers\PxHelp20.sys
00:03:42.0734 6076 PxHelp20 - ok
00:03:42.0750 6076 ql1080 - ok
00:03:42.0750 6076 Ql10wnt - ok
00:03:42.0765 6076 ql12160 - ok
00:03:42.0765 6076 ql1240 - ok
00:03:42.0781 6076 ql1280 - ok
00:03:42.0781 6076 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\windows\system32\DRIVERS\rasacd.sys
00:03:42.0937 6076 RasAcd - ok
00:03:43.0031 6076 RasAuto (2b5e44ea009f2f374b980e1e9a70635d) C:\windows\System32\rasauto.dll
00:03:43.0156 6076 RasAuto - ok
00:03:43.0187 6076 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\windows\system32\DRIVERS\rasl2tp.sys
00:03:43.0312 6076 Rasl2tp - ok
00:03:43.0421 6076 RasMan (d57554c664b64604bd1ee13ea2c07e77) C:\windows\System32\rasmans.dll
00:03:43.0546 6076 RasMan - ok
00:03:43.0562 6076 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\windows\system32\DRIVERS\raspppoe.sys
00:03:43.0687 6076 RasPppoe - ok
00:03:43.0703 6076 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\windows\system32\DRIVERS\raspti.sys
00:03:43.0859 6076 Raspti - ok
00:03:43.0875 6076 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\windows\system32\DRIVERS\rdbss.sys
00:03:44.0015 6076 Rdbss - ok
00:03:44.0031 6076 RDPCDD (4912d5b403614ce99c28420f75353332) C:\windows\system32\DRIVERS\RDPCDD.sys
00:03:44.0187 6076 RDPCDD - ok
00:03:44.0218 6076 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\windows\system32\DRIVERS\rdpdr.sys
00:03:44.0343 6076 rdpdr - ok
00:03:44.0390 6076 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\windows\system32\drivers\RDPWD.sys
00:03:44.0437 6076 RDPWD - ok
00:03:44.0484 6076 RDSessMgr (c0d9d9711cb74ee9bc66353d8cbdab0e) C:\WINDOWS\system32\sessmgr.exe
00:03:44.0625 6076 RDSessMgr - ok
00:03:44.0671 6076 redbook (611bfd220305be3a85ae876ea47d4aa5) C:\windows\system32\DRIVERS\redbook.sys
00:03:44.0796 6076 redbook - ok
00:03:44.0859 6076 RemoteAccess (127c26b5371651043450e52542099aba) C:\windows\System32\mprdim.dll
00:03:44.0984 6076 RemoteAccess - ok
00:03:45.0031 6076 RemoteRegistry (8f31505484a190d5b22274708799f4ec) C:\windows\system32\regsvc.dll
00:03:45.0156 6076 RemoteRegistry - ok
00:03:45.0187 6076 RpcLocator (718b3bdc0bc3c2f7d065a53d26202af9) C:\windows\system32\locator.exe
00:03:45.0328 6076 RpcLocator - ok
00:03:45.0437 6076 RpcSs (be27674d1cbc3214aec84b4336a38bbf) C:\windows\System32\rpcss.dll
00:03:45.0500 6076 RpcSs - ok
00:03:45.0546 6076 RSVP (09ab2e71e58b078038e3bfdba7ffc984) C:\windows\system32\rsvp.exe
00:03:45.0687 6076 RSVP - ok
00:04:01.0046 6076 ============================================================
00:04:01.0046 6076 Scan finished
00:04:01.0046 6076 ============================================================
00:04:01.0171 5472 Detected object count: 17
00:04:01.0171 5472 Actual detected object count: 17
00:04:26.0609 5472 acs ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 acs ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0609 5472 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0609 5472 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0609 5472 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0609 5472 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 Ndisprot ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 Ndisprot ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 nlsvc ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 nlsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 nltdi ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 nltdi ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0625 5472 pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0625 5472 pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 sptd ( LockedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 StMp3Rec ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 StMp3Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0640 5472 tifm21 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0640 5472 tifm21 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0656 5472 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0656 5472 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:04:26.0656 5472 TVICHW32 ( UnsignedFile.Multi.Generic ) - skipped by user
00:04:26.0656 5472 TVICHW32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
Re: Slow computer, especially Mozilla
Run RogueKiller again
- If you use Windows Vista or Windows 7, right-click RogueKiller and choose Run As Administrator (Spustit jako správce)
- Choose Scan (Prohledat), then Delete (Smazat), and then Report (Zprava) - a log opens; paste it here
- Then click Host fix (Oprava Host) and Report (Zprava) - a log opens; paste it here
- Then click Proxy fix (Oprava Proxy) and Report (Zprava) - a log opens; paste it here
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
- Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
- On Windows XP, run it under the Administrator account
- On Windows Vista or Windows 7, right-click ComboFix and choose Run As Administrator (Spustit jako správce)
- Immediately after it starts, a page with the licence agreement appears; continue by clicking Yes (Ano)
- If CF offers to install the Recovery Console, agree
- Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
- The scan should take about 10 minutes, but if the PC is heavily cluttered, it may take longer
- After the scan finishes and a possible restart, CF displays the log, or you can find it at C:\ComboFix.txt; paste its contents here
- A detailed walkthrough incl. screenshots is here http://www.bleepingcomputer.com/combofi ... t-combofix
Re: Slow computer, especially Mozilla
Unfortunately, the program crashed on me during the "scan" (Prohledat), and on the repeated "scan" there was nothing left to delete.
RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: pavel [Práva správce]
Mód: Oprava HOSTS -- Datum: 07/13/2012 00:46:55
¤¤¤ Škodlivé procesy: 0 ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
ÿþ1
¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost
Dokončeno : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt
RogueKiller V7.6.3 [07/08/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Podpora: http://www.geekstogo.com/forum/files/fi ... guekiller/
Operační systém: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v: Normální režim
Uživatel: pavel [Práva správce]
Mód: Oprava Proxy -- Datum: 07/13/2012 00:47:53
¤¤¤ Škodlivé procesy: 0 ¤¤¤
¤¤¤ Ovladač: [NAHRÁNO] ¤¤¤
¤¤¤ Záznamy Registrů: 0 ¤¤¤
Dokončeno : << RKreport[4].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt ; RKreport[4].txt
Re: Slow computer, especially Mozilla
and here is the log from ComboFix as well
Attachment: log combofix.rar (33.3 KiB), downloaded 27 times
Re: Slow computer, especially Mozilla
I'll paste the log here myself, without the SnapShot part
ComboFix 12-07-12.02 - pavel 2012-07-13 0:59.14.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2038.1132 [GMT 2:00]
Spuštěný z: c:\documents and settings\pavel\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\pavel\Local Settings\tempNER57E945ED.TMP
c:\documents and settings\pavel\Local Settings\tempNER59DD58DD.TMP
c:\documents and settings\pavel\Local Settings\tempNER5A983E5F.TMP
c:\documents and settings\pavel\Local Settings\tempNER5B157596.TMP
c:\documents and settings\pavel\Local Settings\tempNER5B927C63.TMP
c:\documents and settings\pavel\Local Settings\tempNER5BFF38AC.TMP
c:\documents and settings\pavel\Local Settings\tempNER5C8C2682.TMP
c:\documents and settings\pavel\Local Settings\tempNER5D6727C8.TMP
c:\documents and settings\pavel\Local Settings\tempNER5DC546C9.TMP
c:\documents and settings\pavel\WINDOWS
c:\windows\iun6002.exe
c:\windows\msmqinst.log
c:\windows\msxml4-KB2721691-enu.LOG
c:\windows\system32\AF15BDAEX.dll
c:\windows\system32\CF14073.exe
c:\windows\system32\dllcache\dlimport.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-12 do 2012-07-12 )))))))))))))))))))))))))))))))
.
.
2012-07-12 17:01 . 2012-07-12 17:01 9822920 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-06-29 10:28 . 2012-06-29 10:28 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Juniper Networks
2012-06-29 10:28 . 2012-07-01 11:08 -------- d-----w- c:\documents and settings\pavel\Data aplikací\Juniper Networks
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-18 13:33 . 2012-06-18 13:33 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll
2012-06-18 13:33 . 2012-06-18 13:33 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll
2012-06-17 17:36 . 2012-05-11 14:44 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-12 17:01 . 2012-04-11 23:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-12 17:01 . 2011-12-08 21:53 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:55 . 2004-08-18 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2009-03-04 14:22 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-18 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-18 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-04-16 20:46 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2007-04-16 20:44 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-08-06 04:33 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-08-06 04:33 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-08-06 04:33 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-08-06 04:33 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-08-06 04:33 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2007-04-16 20:46 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-04-16 20:45 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-04-16 20:44 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2004-08-18 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-08-06 04:33 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-08-06 04:33 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-12-02 20:37 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-12-02 20:37 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-12-02 20:37 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:44 . 2004-08-18 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2004-08-18 12:00 385024 ------w- c:\windows\system32\html.iec
2012-05-05 03:14 . 2004-08-18 12:00 2150400 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-05 03:14 . 2004-08-17 15:45 2028544 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2007-08-06 04:31 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2005-07-20 19:07 . 2005-07-20 19:07 510 ----a-w- c:\program files\layout.bin
2005-07-20 19:07 . 2005-07-20 19:07 176128 ----a-w- c:\program files\nvudisp.exe
2012-06-30 07:20 . 2011-09-08 17:42 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-09-01 966712]
"Center Agent"="c:\program files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe" [2008-11-07 1520128]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2009-11-11 1451520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"TPSODDCtl"="TPSODDCtl.exe" [2006-03-21 102400]
"00Hotkeys"="c:\program files\Hotkeys\HotKeys.exe" [2006-12-02 45056]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PAC7311_Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
"tbhSystray"="c:\program files\tbh\base\bin\tbhSystray.exe" [2012-07-12 492840]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 155648]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"NSU_agent"="c:\program files\Nokia\Nokia Software Updater\nsu3ui_agent.exe" [2011-12-13 190768]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888]
.
c:\documents and settings\pavel\Nabídka Start\Programy\Po spuštění\
Remote Control.lnk - c:\program files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe [2010-1-5 81920]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-7 113664]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\games\\Warcraft III\\Warcraft III.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\games\\Command and Conquer Generals\\game.dat"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\tbh\\base\\bin\\tbhDaemon.exe"=
"c:\\Program Files\\tbh\\monitor\\bin\\tbhMonitor.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5191:TCP"= 5191:TCP:The Browser Highlighter XCOM
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-08-07 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-12 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-12 337880]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 82200]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-12 20696]
R2 tbhMonitor.exe;The Browser Highlighter Monitor;c:\program files\tbh\monitor\bin\tbhMonitor.exe [2009-10-22 70952]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S0 lischna;lischna;c:\windows\system32\drivers\jwupsc.sys --> c:\windows\system32\drivers\jwupsc.sys [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 250056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-07-23 1691480]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-08 113120]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-23 27904]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-09-14 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-09-14 8576]
S3 PAC7311;Trust Webcam Live;c:\windows\system32\drivers\PA707UCM.SYS [2007-03-14 449024]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2007-08-09 47360]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [2007-08-06 23600]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 17:01]
.
2012-07-12 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1659004503-725345543-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2012-07-12 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1659004503-725345543-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\pavel\Data aplikací\Mozilla\Firefox\Profiles\ojskzefh.default\
FF - prefs.js: browser.startup.homepage - google.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-13 01:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2052111302-1659004503-725345543-1009\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e2,3b,b6,2c,dc,6e,97,c3,6c,c3,66,7a,d9,4b,37,4f,7b,c5,ed,aa,a9,1c,ca,
c5,8b,20,c3,2c,63,b7,96,69,cf,a2,13,79,ae,c0,a3,b8,25,fa,39,b6,f3,8a,a0,16,\
"??"=hex:97,70,c7,91,72,fd,05,63,99,f6,0d,b1,bf,95,41,24
.
Celkový čas: 2012-07-13 01:16:51
ComboFix-quarantined-files.txt 2012-07-12 23:16
ComboFix2.txt 2011-01-18 22:19
ComboFix3.txt 2011-01-18 20:18
.
Před spuštěním: 6,766,534,656
Po spuštění: 7,007,096,832
.
- - End Of File - - 0CFDC4351147CC6747A2C742216F8D75
Re: Slow computer, especially Mozilla
If you have not done so already, move ComboFix to the desktop.
It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration.
- Open Notepad (Start - Run - notepad)
- Copy the script below
Code:
KillAll::

Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaOviSuite2"=-
"PC Suite Tray"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"=-
"NSU_agent"=-
"QuickTime Task"=-
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

Collect::
c:\windows\system32\drivers\jwupsc.sys

Driver::
lischna

File::
c:\documents and settings\pavel\Nabídka Start\Programy\Po spuštění\Remote Control.lnk
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk
C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\AppleSoftwareUpdate.job
C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1659004503-725345543-1009.job
C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1659004503-725345543-1009.job

RegNull::
[HKEY_USERS\S-1-5-21-2052111302-1659004503-725345543-1009\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]

ClearJavaCache::

Reboot::
- Save the created TXT file as CFScript.txt
- Drag the created CFScript.txt onto ComboFix and drop it (see the picture below)
- After the script has been applied (and a possible restart), a log will pop up; paste its contents here
It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration.
Re: Slow computer, especially Mozilla
I apologize for the longer silence; I am sending the resulting log from ComboFix.
Thank you
ComboFix 12-07-31.06 - pavel 2012-08-03 23:18:53.15.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1029.18.2038.1191 [GMT 2:00]
Spuštěný z: c:\documents and settings\pavel\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\pavel\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
VAROVÁNÍ - NA TOMTO POČÍTAČI NENÍ NAINSTALOVÁNA KONZOLA PRO ZOTAVENÍ !!
.
FILE ::
"c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk"
"c:\documents and settings\pavel\Nabídka Start\Programy\Po spuštění\Remote Control.lnk"
"c:\windows\tasks\Adobe Flash Player Updater.job"
"c:\windows\tasks\AppleSoftwareUpdate.job"
"c:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1659004503-725345543-1009.job"
"c:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1659004503-725345543-1009.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_lischna
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-07-03 do 2012-08-03 )))))))))))))))))))))))))))))))
.
.
2012-07-17 20:43 . 2012-07-17 20:45 -------- d-----w- c:\program files\TO2SSM
2012-07-17 20:36 . 2012-07-17 20:52 -------- d-----w- c:\documents and settings\pavel\Data aplikací\Motive
2012-07-17 20:36 . 2012-07-17 20:45 -------- d-----w- c:\program files\Common Files\Motive
2012-07-17 20:35 . 2012-07-17 20:45 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Motive
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-02 21:01 . 2012-04-11 23:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-02 21:01 . 2011-12-08 21:53 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\system32\msxml4.dll
2012-06-13 13:55 . 2004-08-18 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:49 . 2009-03-04 14:22 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:49 . 2004-08-18 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-18 12:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 13:19 . 2007-04-16 20:46 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 13:19 . 2007-04-16 20:44 22552 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 13:19 . 2007-08-06 04:33 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 13:19 . 2007-08-06 04:33 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 13:19 . 2007-08-06 04:33 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 13:19 . 2007-08-06 04:33 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 13:19 . 2007-08-06 04:33 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 13:19 . 2007-04-16 20:46 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 13:19 . 2007-04-16 20:45 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 13:19 . 2007-04-16 20:44 18456 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 13:19 . 2004-08-18 12:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 13:19 . 2007-08-06 04:33 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 13:19 . 2007-08-06 04:33 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 13:19 . 2009-12-02 20:37 17648 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 13:18 . 2009-12-02 20:37 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 13:18 . 2009-12-02 20:37 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-08-18 12:00 602112 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:09 . 2004-08-18 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:44 . 2004-08-18 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-05-11 14:44 . 2004-08-18 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2004-08-18 12:00 385024 ------w- c:\windows\system32\html.iec
2005-07-20 19:07 . 2005-07-20 19:07 510 ----a-w- c:\program files\layout.bin
2005-07-20 19:07 . 2005-07-20 19:07 176128 ----a-w- c:\program files\nvudisp.exe
2012-06-30 07:20 . 2011-09-08 17:42 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot_2012-07-12_23.13.33 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-08-02 21:01 . 2012-08-02 21:01 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_Plugin.exe
+ 2012-08-02 20:01 . 2012-08-02 20:01 686792 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.exe
+ 2012-08-02 20:01 . 2012-08-02 20:01 466632 c:\windows\system32\Macromed\Flash\FlashUtil32_11_3_300_270_ActiveX.dll
+ 2012-04-11 23:06 . 2012-08-02 21:01 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
- 2012-04-11 23:06 . 2012-07-12 17:01 250056 c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
+ 2007-08-07 21:38 . 2012-08-03 21:37 225435 c:\windows\system32\inetsrv\MetaBase.bin
+ 2012-08-02 21:01 . 2012-08-02 21:01 9465032 c:\windows\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Center Agent"="c:\program files\Genius Multimedia\HyperMediaCenter\DTVR\Scheduled.exe" [2008-11-07 1520128]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TPSODDCtl"="TPSODDCtl.exe" [2006-03-21 102400]
"00Hotkeys"="c:\program files\Hotkeys\HotKeys.exe" [2006-12-02 45056]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"PAC7311_Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
"tbhSystray"="c:\program files\tbh\base\bin\tbhSystray.exe" [2012-08-03 492840]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-02-26 155648]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"TO2SSM_McciTrayApp"="c:\program files\TO2SSM\McciTrayApp.exe" [2008-08-15 1473536]
.
c:\documents and settings\pavel\Nabídka Start\Programy\Po spuštění\
Remote Control.lnk - c:\program files\Genius TVGo DVB-T03\Genius TVGo DVB-T03 Utilities\AFRCtl.exe [2010-1-5 81920]
.
c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-8-7 113664]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\games\\Warcraft III\\Warcraft III.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\games\\Command and Conquer Generals\\game.dat"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\tbh\\base\\bin\\tbhDaemon.exe"=
"c:\\Program Files\\tbh\\monitor\\bin\\tbhMonitor.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5191:TCP"= 5191:TCP:The Browser Highlighter XCOM
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [2007-08-07 691696]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-12-12 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-12-12 337880]
R1 nltdi;nltdi;c:\windows\system32\drivers\nltdi.sys [2007-04-23 82200]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-12-12 20696]
R2 tbhMonitor.exe;The Browser Highlighter Monitor;c:\program files\tbh\monitor\bin\tbhMonitor.exe [2009-10-22 70952]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.sys --> c:\program files\SUPERAntiSpyware\SASKUTIL.sys [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 250056]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-07-23 1691480]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-08 113120]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-23 27904]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2011-09-14 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2011-09-14 8576]
S3 PAC7311;Trust Webcam Live;c:\windows\system32\drivers\PA707UCM.SYS [2007-03-14 449024]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [2007-08-09 47360]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [2007-08-06 23600]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Obsah adresáře 'Naplánované úlohy'
.
2012-08-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 21:01]
.
2012-08-03 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2052111302-1659004503-725345543-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
2012-07-30 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2052111302-1659004503-725345543-1009.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-03-29 08:47]
.
.
------- Doplňkový sken -------
.
uInternet Settings,ProxyOverride = *.local
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\documents and settings\pavel\Data aplikací\Mozilla\Firefox\Profiles\ojskzefh.default\
FF - prefs.js: browser.startup.homepage - google.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-MotiveReportAgent - c:\program files\TO2SAM\McciBrowser.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-08-03 23:35
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(648)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\WinSCP\DragExt.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\acs.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\NetLimiter 2 Pro\nlsvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\tbh\base\bin\tbhDaemon.exe
c:\program files\NetLimiter 2 Pro\NLClient.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2012-08-03 23:42:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-08-03 21:42
ComboFix2.txt 2012-07-12 23:16
ComboFix3.txt 2011-01-18 22:19
ComboFix4.txt 2011-01-18 20:18
.
Před spuštěním: 5,391,126,528
Po spuštění: 5,495,447,552
.
- - End Of File - - B2F0391AEC08EC624BACA621EE55083D
Thank you
Re: Slow computer, especially Mozilla
Hello,
how is our patient doing?
Re: Slow computer, especially Mozilla
Hello,
relatively acceptable. It seems faster than before. I mainly wanted to make sure that ComboFix fixed what it was supposed to.
If so, thank you for the help. I have already made a small contribution as thanks for your services.
Re: Slow computer, especially Mozilla
So, let's finish with some cleanup
Uninstall ComboFix
- Rename ComboFix to Uninstall
- Run it
- This deletes ComboFix and its folders
- Download and run it
- To confirm each choice, press A, then Enter
- Delete the utility after use
- Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so feel free to download it (or turn the antivirus off while downloading)
- Download and run it
- Click CleanUp and confirm with YES
- The program cleans up and restarts the PC
TFC http://oldtimer.geekstogo.com/TFC.exe
- Download and run it
- Click Start and confirm with OK
- The program cleans up and restarts the PC
- Delete the utility after use
Čistič (Cleaner) panel
- Leave everything as it is, just click Analyzovat (Analyze) and then Spustit CCleaner (Run Cleaner)
- click Hledej problémy (Scan for Issues)
- then Opravit problémy (Fix Issues) - I recommend making the registry backup; fix all the issues
- repeat the procedure until no issues remain, usually about 3 times
- Here you can uninstall programs you do not need
On behalf of the whole team, thank you for supporting the forum
And if there are no problems or questions, that is all from my side