Log check



Re: Log check

Post by Puzzler » 13 Nov 2013 11:31

RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : asus [Práva správce]
Mód : Kontrola -- Datum : 11/13/2013 09:50:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] setup.exe -- C:\windows\TEMP\CR_5EED2.tmp\setup.exe [x] -> SMAZÁNO [TermThr]

¤¤¤ ¤¤¤ Záznamy Registrů: : 11 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun [-]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1946843517-722322352-3031627691-1001\[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun [-]) -> NALEZENO
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Delete (AsusSender.exe C:\Windows\Delete.exe [x][-]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[asus][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk @C:\PROGRA~2\MIF5BA~1\Office14\ONENOTEM.EXE /tsr [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] 5b30288b69502bbc4146c136c766b14f
[BSP] 56d8289e8b12eb96ab688e6714ed55d6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 359162 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 976738304 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11132013_095025.txt >>
RKreport[0]_S_11032013_174959.txt


Re: Log check

Post by jaro3 » 13 Nov 2013 18:53

Illegal Adobe again...

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run).
- Wait until the Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the status box shows "Deletion finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt. Please paste the entire contents of the log here.


Re: Log check

Post by Puzzler » 15 Nov 2013 14:36

Hello. I'm very sorry, but let me ask once more so that I don't delete something I shouldn't. With RogueKiller: I run it as administrator, click Prescan (that found one entry) - DON'T DELETE ANYTHING YET?, then I click Scan (that found about 14 registry entries), and only then DELETE all of it? What I want to know is whether I should click DELETE after the Prescan or only after the Scan. Thanks for clarifying. I'll then post the log right away, and the TDSSKiller one as well. Thanks.


Re: Log check

Post by memphisto » 15 Nov 2013 16:42

Delete only after the scan.


Re: Log check

Post by Puzzler » 16 Nov 2013 14:04

I ran RogueKiller; after the Prescan it found nothing (so there was nothing to delete), so I clicked Scan and it found 12 entries. I have NOT DELETED anything yet, and here is the Report: is that OK, or should I have clicked Delete on those 12 entries after the Scan?

RogueKiller V8.7.6 _x64_ [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : asus [Práva správce]
Mód : Kontrola -- Datum : 11/16/2013 13:43:01
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 11 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun [-]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1946843517-722322352-3031627691-1001\[...]\Run : Boxoft Tools ("C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun [-]) -> NALEZENO
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\RunOnce : Delete (AsusSender.exe C:\Windows\Delete.exe [x][-]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 1 ¤¤¤
[asus][SUSP UNIC] Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk : C:\Users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk @C:\PROGRA~2\MIF5BA~1\Office14\ONENOTEM.EXE /tsr [-][7] -> NALEZENO

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS +++++
--- User ---
[MBR] 5b30288b69502bbc4146c136c766b14f
[BSP] 56d8289e8b12eb96ab688e6714ed55d6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 102400 Mo
1 - [XXXXXX] FAT32 (0x1b) [HIDDEN!] Offset (sectors): 209717248 | Size: 15360 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 241174528 | Size: 359162 Mo
3 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 976738304 | Size: 16 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_11162013_134301.txt >>
RKreport[0]_S_11032013_174959.txt;RKreport[0]_S_11132013_095025.txt


Re: Log check

Post by Puzzler » 16 Nov 2013 19:41

18:53:38.0882 4780 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:53:43.0889 4780 ============================================================
18:53:43.0889 4780 Current date / time: 2013/11/16 18:53:43.0889
18:53:43.0889 4780 SystemInfo:
18:53:43.0889 4780
18:53:43.0889 4780 OS Version: 6.1.7601 ServicePack: 1.0
18:53:43.0889 4780 Product type: Workstation
18:53:43.0889 4780 ComputerName: ASUS-PC
18:53:43.0889 4780 UserName: asus
18:53:43.0889 4780 Windows directory: C:\windows
18:53:43.0889 4780 System windows directory: C:\windows
18:53:43.0889 4780 Running under WOW64
18:53:43.0889 4780 Processor architecture: Intel x64
18:53:43.0889 4780 Number of processors: 4
18:53:43.0889 4780 Page size: 0x1000
18:53:43.0889 4780 Boot type: Normal boot
18:53:43.0889 4780 ============================================================
18:54:34.0964 4780 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:54:37.0553 4780 ============================================================
18:54:37.0709 4780 \Device\Harddisk0\DR0:
18:54:37.0709 4780 MBR partitions:
18:54:37.0709 4780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC800000
18:54:37.0709 4780 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0x2BD7D000
18:54:37.0709 4780 ============================================================
18:54:37.0741 4780 C: <-> \Device\Harddisk0\DR0\Partition1
18:54:40.0315 4780 D: <-> \Device\Harddisk0\DR0\Partition2
18:54:40.0315 4780 ============================================================
18:54:40.0315 4780 Initialize success
18:54:40.0315 4780 ============================================================
18:54:54.0308 4968 ============================================================
18:54:54.0308 4968 Scan started
18:54:54.0308 4968 Mode: Manual;
18:54:54.0308 4968 ============================================================
18:55:07.0989 4968 ================ Scan system memory ========================
18:55:07.0989 4968 System memory - ok
18:55:07.0989 4968 ================ Scan services =============================
19:01:39.0581 4968 [ 5E70BFA2F6D20D0CE0C4BC8CB9978695 ] BITS C:\windows\System32\qmgr.dll
19:01:40.0657 4968 Suspicious file (Forged): C:\windows\System32\qmgr.dll. Real md5: 5E70BFA2F6D20D0CE0C4BC8CB9978695, Fake md5: 1EA7969E3271CBC59E1730697DC74682
19:01:40.0673 4968 BITS ( ForgedFile.Multi.Generic ) - warning
19:01:40.0673 4968 BITS - detected ForgedFile.Multi.Generic (1)
19:08:44.0557 4968 iphlpsvc - ok
19:08:44.0588 4968 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
19:08:44.0588 4968 IPMIDRV - ok
19:08:44.0619 4968 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
19:08:44.0619 4968 IPNAT - ok
19:08:44.0650 4968 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
19:08:44.0666 4968 IRENUM - ok
19:08:44.0682 4968 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
19:08:44.0697 4968 isapnp - ok
19:08:44.0728 4968 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
19:08:44.0728 4968 iScsiPrt - ok
19:08:44.0775 4968 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
19:08:44.0775 4968 kbdclass - ok
19:08:44.0806 4968 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
19:08:44.0806 4968 kbdhid - ok
19:08:44.0853 4968 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
19:08:44.0853 4968 kbfiltr - ok
19:08:44.0884 4968 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\windows\system32\lsass.exe
19:08:44.0884 4968 KeyIso - ok
19:08:44.0916 4968 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
19:08:44.0931 4968 KSecDD - ok
19:08:44.0947 4968 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
19:08:44.0962 4968 KSecPkg - ok
19:08:45.0009 4968 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
19:08:45.0009 4968 ksthunk - ok
19:08:45.0056 4968 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
19:08:45.0087 4968 KtmRm - ok
19:08:45.0118 4968 [ 02DAB9CCF525F4950BA654B2589E1922 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
19:08:45.0118 4968 L1C - ok
19:08:45.0165 4968 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
19:08:45.0212 4968 LanmanServer - ok
19:08:45.0243 4968 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
19:08:45.0274 4968 LanmanWorkstation - ok
19:08:45.0306 4968 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
19:08:45.0321 4968 lltdio - ok
19:08:45.0352 4968 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
19:08:45.0368 4968 lltdsvc - ok
19:08:45.0399 4968 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
19:08:45.0399 4968 lmhosts - ok
19:08:45.0462 4968 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
19:08:45.0462 4968 LSI_FC - ok
19:08:45.0493 4968 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
19:08:45.0493 4968 LSI_SAS - ok
19:08:45.0555 4968 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
19:08:45.0555 4968 LSI_SAS2 - ok
19:08:45.0586 4968 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
19:08:45.0586 4968 LSI_SCSI - ok
19:08:45.0633 4968 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
19:08:45.0633 4968 luafv - ok
19:08:45.0696 4968 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
19:08:45.0711 4968 Mcx2Svc - ok
19:08:45.0727 4968 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
19:08:45.0727 4968 megasas - ok
19:08:45.0758 4968 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
19:08:45.0774 4968 MegaSR - ok
19:08:45.0836 4968 Microsoft SharePoint Workspace Audit Service - ok
19:08:45.0883 4968 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
19:08:45.0898 4968 MMCSS - ok
19:08:45.0914 4968 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
19:08:45.0930 4968 Modem - ok
19:08:45.0961 4968 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
19:08:45.0976 4968 monitor - ok
19:08:46.0008 4968 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
19:08:46.0008 4968 mouclass - ok
19:08:46.0039 4968 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
19:08:46.0039 4968 mouhid - ok
19:08:46.0070 4968 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
19:08:46.0070 4968 mountmgr - ok
19:08:46.0101 4968 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
19:08:46.0117 4968 mpio - ok
19:08:46.0132 4968 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
19:08:46.0132 4968 mpsdrv - ok
19:08:46.0195 4968 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
19:08:46.0242 4968 MpsSvc - ok
19:08:46.0304 4968 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
19:08:46.0304 4968 MRxDAV - ok
19:08:46.0351 4968 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
19:08:46.0366 4968 mrxsmb - ok
19:08:46.0398 4968 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
19:08:46.0398 4968 mrxsmb10 - ok
19:08:46.0429 4968 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
19:08:46.0429 4968 mrxsmb20 - ok
19:08:46.0460 4968 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
19:08:46.0476 4968 msahci - ok
19:08:46.0507 4968 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
19:08:46.0522 4968 msdsm - ok
19:08:46.0538 4968 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
19:08:46.0554 4968 MSDTC - ok
19:08:46.0600 4968 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
19:08:46.0616 4968 Msfs - ok
19:08:46.0632 4968 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
19:08:46.0632 4968 mshidkmdf - ok
19:08:46.0663 4968 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
19:08:46.0663 4968 msisadrv - ok
19:08:46.0710 4968 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
19:08:46.0710 4968 MSiSCSI - ok
19:08:46.0741 4968 msiserver - ok
19:08:46.0788 4968 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
19:08:46.0788 4968 MSKSSRV - ok
19:08:46.0834 4968 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
19:08:46.0834 4968 MSPCLOCK - ok
19:08:46.0866 4968 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
19:08:46.0881 4968 MSPQM - ok
19:08:46.0912 4968 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
19:08:46.0912 4968 MsRPC - ok
19:08:46.0959 4968 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
19:08:46.0959 4968 mssmbios - ok
19:08:46.0990 4968 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
19:08:46.0990 4968 MSTEE - ok
19:08:47.0006 4968 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
19:08:47.0022 4968 MTConfig - ok
19:08:47.0053 4968 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
19:08:47.0068 4968 Mup - ok
19:08:47.0115 4968 [ E590F14F36617533091BC1DDCF80E8AE ] mvusbews C:\windows\system32\Drivers\mvusbews.sys
19:08:47.0115 4968 mvusbews - ok
19:08:47.0162 4968 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
19:08:47.0209 4968 napagent - ok
19:08:47.0271 4968 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
19:08:47.0271 4968 NativeWifiP - ok
19:08:47.0365 4968 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
19:08:47.0365 4968 NDIS - ok
19:08:47.0427 4968 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
19:08:47.0427 4968 NdisCap - ok
19:08:47.0474 4968 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
19:08:47.0474 4968 NdisTapi - ok
19:08:47.0505 4968 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
19:08:47.0505 4968 Ndisuio - ok
19:08:47.0536 4968 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
19:08:47.0552 4968 NdisWan - ok
19:08:47.0583 4968 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
19:08:47.0583 4968 NDProxy - ok
19:08:47.0614 4968 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
19:08:47.0614 4968 NetBIOS - ok
19:08:47.0646 4968 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
19:08:47.0661 4968 NetBT - ok
19:08:47.0677 4968 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\windows\system32\lsass.exe
19:08:47.0692 4968 Netlogon - ok
19:08:47.0739 4968 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
19:08:47.0755 4968 Netman - ok
19:08:47.0817 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:47.0817 4968 NetMsmqActivator - ok
19:08:47.0833 4968 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:08:47.0833 4968 NetPipeActivator - ok
19:08:47.0880 4968 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
19:08:47.0895 4968 netprofm - ok
19:08:47.0958 4968 [ B72BB9496A126FCFC7FC5945DED9B411 ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
19:08:47.0973 4968 netr28x - ok


Re: Log check

Post by Puzzler » 16 Nov 2013 19:42

19:17:14.0147 4968 volsnap - ok
19:17:14.0179 4968 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
19:17:14.0194 4968 vsmraid - ok
19:17:14.0257 4968 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
19:17:14.0335 4968 VSS - ok
19:17:14.0366 4968 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
19:17:14.0366 4968 vwifibus - ok
19:17:14.0397 4968 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
19:17:14.0397 4968 vwififlt - ok
19:17:14.0444 4968 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
19:17:14.0444 4968 vwifimp - ok
19:17:14.0475 4968 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
19:17:14.0506 4968 W32Time - ok
19:17:14.0537 4968 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
19:17:14.0537 4968 WacomPen - ok
19:17:14.0584 4968 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
19:17:14.0600 4968 WANARP - ok
19:17:14.0615 4968 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
19:17:14.0615 4968 Wanarpv6 - ok
19:17:14.0693 4968 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
19:17:14.0740 4968 WatAdminSvc - ok
19:17:14.0818 4968 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
19:17:14.0896 4968 wbengine - ok
19:17:14.0927 4968 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
19:17:14.0943 4968 WbioSrvc - ok
19:17:14.0990 4968 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
19:17:15.0021 4968 wcncsvc - ok
19:17:15.0037 4968 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
19:17:15.0052 4968 WcsPlugInService - ok
19:17:15.0083 4968 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
19:17:15.0083 4968 Wd - ok
19:17:15.0146 4968 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
19:17:15.0146 4968 Wdf01000 - ok
19:17:15.0177 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
19:17:15.0193 4968 WdiServiceHost - ok
19:17:15.0193 4968 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
19:17:15.0208 4968 WdiSystemHost - ok
19:17:15.0255 4968 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\windows\System32\webclnt.dll
19:17:15.0271 4968 WebClient - ok
19:17:15.0302 4968 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
19:17:15.0333 4968 Wecsvc - ok
19:17:15.0349 4968 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
19:17:15.0364 4968 wercplsupport - ok
19:17:15.0380 4968 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
19:17:15.0395 4968 WerSvc - ok
19:17:15.0427 4968 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
19:17:15.0442 4968 WfpLwf - ok
19:17:15.0458 4968 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
19:17:15.0458 4968 WIMMount - ok
19:17:15.0489 4968 WinDefend - ok
19:17:15.0536 4968 WinHttpAutoProxySvc - ok
19:17:15.0598 4968 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
19:17:15.0598 4968 Winmgmt - ok
19:17:15.0692 4968 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
19:17:15.0754 4968 WinRM - ok
19:17:15.0832 4968 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
19:17:15.0832 4968 WinUsb - ok
19:17:15.0895 4968 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
19:17:15.0941 4968 Wlansvc - ok
19:17:16.0004 4968 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:17:16.0019 4968 wlcrasvc - ok
19:17:16.0129 4968 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:17:16.0191 4968 wlidsvc - ok
19:17:16.0238 4968 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
19:17:16.0238 4968 WmiAcpi - ok
19:17:16.0269 4968 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
19:17:16.0269 4968 wmiApSrv - ok
19:17:16.0300 4968 WMPNetworkSvc - ok
19:17:16.0331 4968 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
19:17:16.0347 4968 WPCSvc - ok
19:17:16.0363 4968 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
19:17:16.0378 4968 WPDBusEnum - ok
19:17:16.0425 4968 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
19:17:16.0425 4968 ws2ifsl - ok
19:17:16.0441 4968 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
19:17:16.0456 4968 wscsvc - ok
19:17:16.0472 4968 WSearch - ok
19:17:16.0565 4968 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
19:17:16.0643 4968 wuauserv - ok
19:17:16.0690 4968 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
19:17:16.0690 4968 WudfPf - ok
19:17:16.0737 4968 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
19:17:16.0737 4968 WUDFRd - ok
19:17:16.0784 4968 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
19:17:16.0799 4968 wudfsvc - ok
19:17:16.0846 4968 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\windows\System32\wwansvc.dll
19:17:16.0862 4968 WwanSvc - ok
19:17:16.0924 4968 ================ Scan global ===============================
19:17:16.0955 4968 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
19:17:16.0987 4968 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
19:17:17.0018 4968 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
19:17:17.0065 4968 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
19:17:17.0096 4968 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
19:17:17.0127 4968 [Global] - ok
19:17:17.0127 4968 ================ Scan MBR ==================================
19:17:17.0143 4968 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:17:17.0392 4968 \Device\Harddisk0\DR0 - ok
19:17:17.0392 4968 ================ Scan VBR ==================================
19:17:17.0408 4968 [ 85F6DD65BE9FE98C62C788B31CFAC20D ] \Device\Harddisk0\DR0\Partition1
19:17:17.0408 4968 \Device\Harddisk0\DR0\Partition1 - ok
19:17:17.0439 4968 [ BC47326CE6EA3D7D468BA7FB70D105C3 ] \Device\Harddisk0\DR0\Partition2
19:17:17.0439 4968 \Device\Harddisk0\DR0\Partition2 - ok
19:17:17.0439 4968 ============================================================
19:17:17.0439 4968 Scan finished
19:17:17.0439 4968 ============================================================
19:17:17.0470 4960 Detected object count: 1
19:17:17.0470 4960 Actual detected object count: 1
19:20:33.0219 4960 BITS ( ForgedFile.Multi.Generic ) - skipped by user
19:20:33.0219 4960 BITS ( ForgedFile.Multi.Generic ) - User select action: Skip

jaro3
Security team member
Guru Level 15
Posts: 43298
Joined: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: Log check

Post by jaro3 » 17 Nov 2013 10:10

Close all programs and browsers. Disable your antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.
Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to launch).
- Wait until Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt; please paste the entire contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Puzzler
newcomer
Posts: 16
Joined: October 13
Gender: Male
Status: Offline

Re: Log check

Post by Puzzler » 17 Nov 2013 10:45

Hello, but I already did this yesterday and the reports are copied here. Should I do the same thing again? Thanks for the reply.

memphisto
Guru Level 13
Posts: 21113
Joined: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Log check

Post by memphisto » 17 Nov 2013 20:24

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to launch).
- Wait until Prescan finishes...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting - Finished"
- Click "Reports" and please copy and paste the contents of that report here. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Turn off the resident shield of your antivirus and antispyware.
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that is marked for deletion, simply restart the computer.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you.

Puzzler
newcomer
Posts: 16
Joined: October 13
Gender: Male
Status: Offline

Re: Log check

Post by Puzzler » 21 Nov 2013 10:03

I updated RogueKiller and let it run according to the instructions; it found NOTHING, so there was nothing to delete and no log could be generated.
Here is the log from ComboFix:

ComboFix 13-11-19.01 - asus 21.11.2013 8:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4086.2676 [GMT 1:00]
Spuštěný z: c:\users\Martin\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-21 do 2013-11-21 )))))))))))))))))))))))))))))))
.
.
2013-11-21 07:49 . 2013-11-21 07:49 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-11-21 07:49 . 2013-11-21 07:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-21 07:49 . 2013-11-21 07:49 -------- d-----w- c:\users\asus\AppData\Local\temp
2013-11-19 19:54 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{579803A9-3593-47E4-A766-48A38811914A}\mpengine.dll
2013-11-15 22:01 . 2013-10-12 08:43 2648576 ----a-w- c:\windows\system32\iertutil.dll
2013-11-15 20:24 . 2013-11-16 07:46 -------- d-----w- c:\users\Martin\AppData\Local\Mozilla Firefox
2013-11-14 20:36 . 2013-10-03 02:23 404480 ----a-w- c:\windows\system32\gdi32.dll
2013-11-14 20:36 . 2013-10-03 02:00 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2013-11-14 20:32 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-14 20:32 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-14 20:32 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-14 20:32 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2013-11-14 20:32 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-11-14 20:32 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-14 20:32 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
2013-11-14 20:32 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-14 20:32 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-11-14 20:15 . 2013-10-12 02:29 859648 ----a-w- c:\windows\system32\IKEEXT.DLL
2013-11-14 20:15 . 2013-10-12 02:29 324096 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2013-11-14 20:15 . 2013-10-12 02:30 830464 ----a-w- c:\windows\system32\nshwfp.dll
2013-11-14 20:15 . 2013-10-12 02:03 656896 ----a-w- c:\windows\SysWow64\nshwfp.dll
2013-11-14 20:15 . 2013-10-12 02:01 216576 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-04 16:15 . 2013-11-15 20:49 -------- d-----w- c:\users\Martin\AppData\Local\CrashDumps
2013-11-03 16:05 . 2013-11-21 06:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\CrashDumps
2013-11-03 12:19 . 2013-11-03 12:19 -------- d-----w- c:\windows\ERUNT
2013-11-03 10:00 . 2013-11-03 10:00 -------- d-----w- c:\programdata\Oracle
2013-11-03 09:55 . 2013-11-03 09:52 312744 ----a-w- c:\windows\system32\javaws.exe
2013-11-03 09:53 . 2013-11-03 09:52 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-11-03 09:53 . 2013-11-03 09:52 189352 ----a-w- c:\windows\system32\javaw.exe
2013-11-03 09:53 . 2013-11-03 09:52 189352 ----a-w- c:\windows\system32\java.exe
2013-11-02 21:12 . 2013-11-03 10:34 -------- d-----w- C:\AdwCleaner
2013-11-02 19:52 . 2013-11-02 19:52 -------- d-----w- c:\users\Martin\AppData\Roaming\Malwarebytes
2013-11-02 19:50 . 2013-11-02 19:50 -------- d-----w- c:\users\asus\AppData\Roaming\Malwarebytes
2013-11-02 19:48 . 2013-11-02 19:48 -------- d-----w- c:\programdata\Malwarebytes
2013-11-02 19:47 . 2013-04-04 13:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-02 19:47 . 2013-11-02 19:48 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-11-02 19:25 . 2013-11-02 19:25 -------- d-----w- c:\users\Martin\AppData\Local\Adobe
2013-10-28 11:25 . 2013-10-28 11:27 -------- d-----w- c:\program files\CCleaner
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-15 20:07 . 2012-03-30 21:13 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-11-08 16:04 . 2011-12-06 11:26 409832 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-10-19 15:06 . 2013-10-06 12:38 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-10-19 15:06 . 2013-10-06 12:38 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-19 15:06 . 2013-10-06 12:38 205320 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-19 15:06 . 2011-12-06 11:26 38984 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-19 15:06 . 2011-12-06 11:26 65264 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-19 15:06 . 2011-12-06 11:26 84328 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-19 15:06 . 2011-12-06 11:26 334648 ----a-w- c:\windows\system32\aswBoot.exe
2013-10-19 15:06 . 2011-12-06 11:26 1032416 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-19 15:05 . 2011-12-06 11:26 43152 ----a-w- c:\windows\avastSS.scr
2013-10-09 16:57 . 2011-12-06 11:12 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-25 02:22 . 2013-11-14 20:30 340992 ----a-w- c:\windows\system32\schannel.dll
2013-09-25 01:57 . 2013-11-14 20:30 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-09-08 02:30 . 2013-10-09 12:41 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 12:41 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 12:41 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 12:40 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 12:40 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 12:40 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 12:40 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 12:40 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 12:40 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 12:40 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-03 12:35 . 2011-12-06 19:33 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-09 12:40 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 12:40 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 12:40 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 12:40 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 12:40 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 12:40 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 12:40 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 12:40 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 12:40 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 12:40 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 12:40 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 12:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-09 12:40 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 12:40 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 12:40 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 12:40 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-09 12:41 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 12:40 461312 ----a-w- c:\windows\system32\scavengeui.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2012-01-20 719672]
"Boxoft Tools"="c:\programdata\Boxtools\Boxofttoolbox.exe" [2010-11-19 2590208]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-07-25 20684656]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2011-04-29 3058304]
"UCam_Menu"="c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"HotkeyMon"="AsusSender.exe" [2011-03-11 34728]
"HotkeyService"="AsusSender.exe" [2011-03-11 34728]
"SuperHybridEngine"="AsusSender.exe" [2011-03-11 34728]
"CapsHook"="AsusSender.exe" [2011-03-11 34728]
"Eee Docking"="c:\program files (x86)\ASUS\Eee Docking\Eee Docking.exe" [2011-01-06 414384]
"iSeriesCharge"="c:\program files (x86)\ASUS\USBChargeSetting\iSeriesCharge.exe" [2010-12-07 96176]
"OOBESetup"="c:\program files (x86)\asus\OOBERegBackup\OOBERegBackup.exe" [2011-01-04 345088]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-29 2018032]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-19 3567800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ6setup"="rmdir" [X]
"Delete"="AsusSender.exe" [2011-03-11 34728]
"aswAhAScr.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2013-08-30 51880]
"aswasOutExt.dll"="c:\program files\AVAST Software\Avast\aswRegSvr.exe" [2013-08-30 51880]
"aswasOutExt64.dll"="c:\program files\AVAST Software\Avast\aswRegSvr64.exe" [2013-08-30 50904]
"Malwarebytes Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 532040]
.
c:\users\asus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE /tsr [2011-9-2 227712]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe /start [2012-12-21 549040]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 1127712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
R2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfswin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfswin7.sys [x]
R3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirwin7.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AiDriver;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiDriver.sys;c:\windows\SYSNATIVE\DRIVERS\AiDriver.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe;c:\windows\SysWOW64\AsusService.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaywin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaywin7.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvolwin7.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvolwin7.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-16 07:16 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-21 16:57]
.
2013-10-28 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-11-29 01:37]
.
2013-11-21 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2011-12-06 12:08]
.
2013-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19 15:11]
.
2013-11-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-10-19 15:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-19 15:06 326944 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LiveUpdate"="AsusSender.exe" [2010-12-07 34728]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-01 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-01 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-01 364056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-08-24 11447912]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"MSPCLOCK"="streamci" [X]
"MSPQM"="streamci" [X]
"MSKSSRV"="streamci" [X]
"MSTEE.CxTransform"="streamci" [X]
"MSTEE.Splitter"="streamci" [X]
"*Restore"="c:\windows\System32\rstrui.exe" [2010-11-20 296960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
Trusted Zone: mojebanka.cz\etrading
Trusted Zone: mojebanka.cz\www
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-11-21 08:56:37
ComboFix-quarantined-files.txt 2013-11-21 07:56
.
Před spuštěním: Volných bajtů: 45 445 025 792
Po spuštění: Volných bajtů: 45 011 951 616
.
- - End Of File - - E5CE6D0E556CE876A480E65572BE7E8B

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Log check

Post by jaro3 » 21 Nov 2013 18:58

Turn off the resident protection in your antivirus and antispyware, and possibly the firewall.

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\AutoKMS.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\windows\AutoKMS
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

