Log check, date changes by itself - Solved


Post by Holi-cz » 27 Jan 2013 19:43

Hello, please check my log; for the second time now the year has changed by itself. The date and time stay the same, but the year changed to something a little over six thousand.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:42:38, on 27.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Users\Holi\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Users\Holi\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Users\Holi\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Holi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772268p
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.worldusa.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772268p
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKCU\..\Run: [ISUSPM Startup] c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Holi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Lucidita] C:\Users\Holi\Desktop\Programy\lucidita\Lucidita.exe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: McAfee Application Installer Cleanup (0112931318277625) (0112931318277625mcinstcleanup) - - (no file)
O23 - Service: McAfee Application Installer Cleanup (0225481318271037) (0225481318271037mcinstcleanup) - - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\httpd.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files (x86)\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: mysql - Unknown owner - c:\xampp\mysql\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Unknown owner - C:\Windows\system32\sfrem01.exe (file missing)
O23 - Service: ShowAnalyzerMaster - Dragon Global - C:\Program Files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - C:\xampp\service.exe

--
End of file - 14190 bytes


Thank you


Post by memphisto » 27 Jan 2013 19:47

Uninstall SweetIM

In the log, fix:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772268p
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.worldusa.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5v4772268p
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Holi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Go to Start - Run - services.msc - find and stop/disable these services:
O23 - Service: McAfee Application Installer Cleanup (0112931318277625) (0112931318277625mcinstcleanup) - - (no file)
O23 - Service: McAfee Application Installer Cleanup (0225481318271037) (0225481318271037mcinstcleanup) - - (no file)

Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing browsing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove temporary Windows files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan option selected and click the Scan button
- when the program finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Post by Holi-cz » 27 Jan 2013 22:18

Malwarebytes log
Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Verze: v2013.01.27.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Holi :: HOLI-PC [administrátor]

27.1.2013 21:19:24
MBAM-log-2013-01-27 (21-30-02).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 232134
Uplynulý čas: 8 minut, 32 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer|NoSMHelp (PUM.Hijack.Help) -> Špatný: (1) Dobrý: (0) -> Nebyla provedena žádná instrukce.

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


AdwCleaner log
# AdwCleaner v2.109 - Logfile created 01/27/2013 at 22:15:06
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Holi - HOLI-PC
# Boot Mode : Normal
# Running from : C:\Users\Holi\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Found : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\Software\SimplyGen
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Found : HKU\S-1-5-21-1937654973-51059477-1887806541-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v9.0.1 (cs)

File : C:\Users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\prefs.js

Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1358094559252");

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Holi\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.8] : homepage = "hxxp://search.babylon.com/?affID=111304&tt=3412_2&babsrc=HP_ss&mntrId=3e01a190000000000000c446199fef5c",
Found [l.12] : urls_to_restore_on_startup = [ "hxxps://www.facebook.com/", "hxxps://mail.google.com/mail/u/0/#inbox", "hxxp://www.youtube.com/trendsdashboard#loc0=cze" ]
Found [l.2243] : homepage = "hxxp://search.babylon.com/?affID=111304&tt=3412_2&babsrc=HP_ss&mntrId=3e01a190000000000000c446199fef5c",
Found [l.2978] : urls_to_restore_on_startup = [ "hxxps://www.facebook.com/", "hxxps://mail.google.com/mail/u/0/#inbox", "hxxp://www.youtube.com/trendsdashboard#loc0=cze" ]

-\\ Opera v12.10.1652.0

File : C:\Users\Holi\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [20807 octets] - [12/12/2012 20:18:08]
AdwCleaner[R2].txt - [20868 octets] - [12/12/2012 20:27:17]
AdwCleaner[R3].txt - [2763 octets] - [27/01/2013 22:15:06]
AdwCleaner[S1].txt - [20776 octets] - [12/12/2012 20:27:29]

########## EOF - C:\AdwCleaner[R3].txt - [2884 octets] ##########


Post by guest » 27 Jan 2013 22:22

OT: This is funny
"but the year changed to something a little over six thousand"
Can't you write numbers, for example 6034?

Replace the battery on the motherboard!


Post by Holi-cz » 27 Jan 2013 22:33

It seemed irrelevant to me whether I write 6000 or six thousand; besides, it was a different one each time (well, even though it has only happened twice). If you think it really is a fault on the motherboard, I will send the notebook in under warranty. But wouldn't it happen more often than twice, about 3-4 weeks apart?


Post by memphisto » 27 Jan 2013 23:16

Yes, one of the causes may be a dead battery on the motherboard. But first we will look for malware.

In Mbam and AdwCleaner, let everything be deleted

Download TDSSKiller

to your desktop. Make sure you have all other applications and browsers closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, you have trouble starting applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.

Post by Holi-cz » 28 Jan 2013 17:44

TDSSKiller
16:41:07.0191 4488 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:41:08.0736 4488 ============================================================
16:41:08.0736 4488 Current date / time: 2013/01/28 16:41:08.0736
16:41:08.0736 4488 SystemInfo:
16:41:08.0736 4488
16:41:08.0736 4488 OS Version: 6.1.7601 ServicePack: 1.0
16:41:08.0736 4488 Product type: Workstation
16:41:08.0736 4488 ComputerName: HOLI-PC
16:41:08.0736 4488 UserName: Holi
16:41:08.0736 4488 Windows directory: C:\Windows
16:41:08.0736 4488 System windows directory: C:\Windows
16:41:08.0736 4488 Running under WOW64
16:41:08.0736 4488 Processor architecture: Intel x64
16:41:08.0736 4488 Number of processors: 4
16:41:08.0736 4488 Page size: 0x1000
16:41:08.0736 4488 Boot type: Normal boot
16:41:08.0736 4488 ============================================================
16:41:32.0760 4488 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:33.0103 4488 ============================================================
16:41:33.0103 4488 \Device\Harddisk0\DR0:
16:41:33.0275 4488 MBR partitions:
16:41:33.0275 4488 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A3857F1
16:41:33.0275 4488 ============================================================
16:41:33.0540 4488 C: <-> \Device\Harddisk0\DR0\Partition1
16:41:33.0540 4488 ============================================================
16:41:33.0540 4488 Initialize success
16:41:33.0540 4488 ============================================================
16:42:42.0507 4472 Deinitialize success


ComboFix
ComboFix 13-01-28.02 - Holi 28.01.2013 16:48:00.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.2151 [GMT 1:00]
Spuštěný z: c:\users\Holi\Downloads\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\FullRemove.exe
c:\programdata\MS
c:\programdata\MS\msdll01.xgl
c:\windows\iun6002.exe
c:\windows\msxml4-KB2758694-enu.LOG
c:\windows\My.ini
c:\windows\SysWow64\d2d1debug1.dll
c:\windows\SysWow64\DEBUG.log
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
c:\windows\wininit.ini
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-28 )))))))))))))))))))))))))))))))
.
.
2013-01-28 16:02 . 2013-01-28 16:02 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-27 20:17 . 2013-01-27 20:17 -------- d-----w- c:\users\Holi\AppData\Roaming\Malwarebytes
2013-01-27 20:17 . 2013-01-27 20:17 -------- d-----w- c:\programdata\Malwarebytes
2013-01-27 20:17 . 2013-01-27 20:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-27 20:17 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-27 20:16 . 2013-01-27 20:16 -------- d-----w- c:\users\Holi\AppData\Local\Programs
2013-01-27 18:42 . 2013-01-27 18:42 388096 ----a-r- c:\users\Holi\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-27 18:41 . 2013-01-27 18:41 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-26 13:38 . 2013-01-26 13:39 -------- d-----w- c:\program files (x86)\New Star Soccer 5
2013-01-25 19:48 . 2013-01-25 19:48 -------- d-----w- c:\users\Holi\AppData\Roaming\Nokia
2013-01-25 19:06 . 2013-01-25 19:10 -------- d-----w- c:\users\Holi\WebToolsWorkspace
2013-01-25 19:02 . 2013-01-25 20:11 -------- d-----w- c:\program files (x86)\Nokia Web Tools 1.2.0
2013-01-17 18:01 . 2013-01-17 18:01 -------- d-----w- c:\users\Holi\AppData\Roaming\LolClient
2013-01-16 21:54 . 2013-01-28 16:08 -------- d-----w- c:\users\Holi\AppData\Local\PMB Files
2013-01-16 21:54 . 2013-01-17 20:14 -------- d-----w- c:\programdata\PMB Files
2013-01-16 21:54 . 2013-01-16 21:54 -------- d-----w- c:\program files (x86)\Pando Networks
2013-01-16 21:54 . 2013-01-16 21:54 -------- d-----w- c:\users\Holi\.swt
2013-01-16 20:46 . 2013-01-16 21:30 -------- d-----w- c:\users\Holi\AppData\Roaming\Trillian
2013-01-16 20:46 . 2013-01-18 20:23 -------- d-----w- c:\program files (x86)\Trillian
2013-01-15 19:32 . 2013-01-15 19:34 -------- d-----w- C:\Fraps
2013-01-12 23:37 . 2013-01-12 23:37 -------- d-----w- c:\program files\Intel
2013-01-12 23:35 . 2013-01-12 23:35 -------- d-----w- c:\users\Holi\AppData\Roaming\InstallShield
2013-01-12 23:34 . 2010-01-25 14:09 349776 ----a-w- c:\windows\UNINSTLMv4.EXE
2013-01-12 20:16 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-12 20:16 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-12 20:15 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-12 20:15 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-12 20:15 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-12 20:15 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-12 20:15 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-12 20:13 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-01-12 20:10 . 2012-11-30 04:45 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-12 20:08 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-12 20:08 . 2012-11-30 05:45 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-12 20:08 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-01-12 20:08 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-01-12 20:06 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-12 20:05 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-12 20:05 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-12 20:05 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-01-12 20:05 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-12 20:05 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-12 20:05 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-12 20:05 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-01-12 20:05 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-12 20:04 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-01-08 16:59 . 2013-01-12 23:34 -------- d-----w- c:\program files (x86)\Launch Manager
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 20:36 . 2012-04-21 22:24 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-12 20:36 . 2011-12-28 02:26 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-12 19:39 . 2012-03-04 22:50 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-27 11:28 . 2012-12-27 11:28 53248 ----a-r- c:\users\Holi\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-12-27 11:27 . 2012-12-27 11:27 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-26 23:00 . 2012-12-26 23:00 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-26 23:00 . 2012-02-15 21:12 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-26 22:53 . 2012-02-15 21:12 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-26 22:53 . 2012-02-15 21:12 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-16 17:11 . 2012-12-23 20:46 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-23 20:46 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-23 20:46 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-23 20:46 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 17:13 . 2012-10-03 15:46 1060832 ----a-w- c:\programdata\Microsoft\WDExpress\11.0\1033\ResourceCache.dll
2012-12-14 17:12 . 2012-10-03 16:03 1085024 ----a-w- c:\programdata\Microsoft\WDExpress\11.0\1029\ResourceCache.dll
2012-11-30 04:45 . 2013-01-12 20:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-21 14:10 . 2011-11-07 19:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-21 14:10 . 2011-11-25 22:32 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-11-14 07:06 . 2012-12-14 17:03 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-14 17:03 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-14 17:03 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-14 17:03 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-14 17:03 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-14 17:03 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-14 17:03 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-14 17:03 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-14 17:03 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-14 17:03 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-14 17:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-14 17:03 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-14 17:03 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-14 17:03 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-14 17:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-14 17:03 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-14 17:03 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-14 17:03 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 17:03 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-14 17:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 17:03 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-14 17:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-13 02:09 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 02:09 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-11-02 05:59 . 2012-12-13 02:08 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 02:08 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-30 22:51 . 2012-06-19 17:53 41224 ----a-w- c:\windows\avastSS.scr
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-12-17 16328976]
"Lucidita"="c:\users\Holi\Desktop\Programy\lucidita\Lucidita.exe" [2009-09-01 419840]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-01-16 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"HideFastUserSwitching"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"GreyMSIAds"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-07-05 77688]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 XAMPP;XAMPP Service;c:\xampp\service.exe [2007-12-21 60928]
R3 massfilter;Mass Storage Filter Driver; [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2009-12-01 38992]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 uxkx164;ASUS MyCinema DiBcom based digital tuner device;c:\windows\system32\DRIVERS\uxkx164.sys [2008-10-28 694272]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-11 1255736]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
R4 0112931318277625mcinstcleanup;McAfee Application Installer Cleanup (0112931318277625); [x]
R4 0225481318271037mcinstcleanup;McAfee Application Installer Cleanup (0225481318271037); [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-05-13 133728]
S0 vidsflt61;Acronis Disk Storage Filter (61);c:\windows\system32\DRIVERS\vsflt61.sys [2012-05-13 142944]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-06 279616]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 ShowAnalyzerMaster;ShowAnalyzerMaster;c:\program files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe [2010-06-05 2136576]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2012-09-18 78648]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2012-09-18 15160]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 20:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\SYSTEM32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-12-17 23:43; {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}; c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi
FF - ExtSQL: 2012-12-27 12:26; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF - ExtSQL: 2013-01-03 23:05; client@anonymox.net; c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\extensions\client@anonymox.net.xpi
FF - ExtSQL: 2013-01-11 16:44; {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}; c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Sweetpacks Bundle Uninstaller - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1937654973-51059477-1887806541-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\xampp\FileZillaFTP\FileZillaServer.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\xampp\mysql\bin\mysqld.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2013-01-28 17:25:46 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-28 16:25
.
Před spuštěním: Volných bajtů: 159 800 877 056
Po spuštění: Volných bajtů: 159 777 013 760
.
- - End Of File - - 792338C42A3149CC91ECFF22DD5070BB



Now that I look at the second log, it says the Avast shields were enabled, which is strange, because I turned them off permanently and they are still off now.

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Log check, spontaneous date change

Post by jaro3 » 28 Jan 2013 19:26

The TDSSKiller log is not complete, post it in full.

Uninstall:
McAfee Application Installer Cleanup

In Folder Options, enable showing hidden files and folders, and uncheck the "Hide protected operating system files" box.

Test this on VirusTotal:
c:\windows\UNINSTLMv4.EXE

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be tested by multiple antivirus programs in turn. When the last antivirus finishes its test, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page with the mouse and paste it into your post.

Or at:
http://www.virscan.org/

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Holi-cz
Level 2
Posts: 157
Registered: October 10
Location: Teplice
Gender: Male
Status:
Offline
Contact:

Re: Log check, spontaneous date change

Post by Holi-cz » 29 Jan 2013 17:33

McAfee Application Installer Cleanup has been uninstalled.

Tdsskiller
16:36:22.0708 6428 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:36:22.0926 6428 ============================================================
16:36:22.0926 6428 Current date / time: 2013/01/28 16:36:22.0926
16:36:22.0926 6428 SystemInfo:
16:36:22.0926 6428
16:36:22.0926 6428 OS Version: 6.1.7601 ServicePack: 1.0
16:36:22.0926 6428 Product type: Workstation
16:36:22.0926 6428 ComputerName: HOLI-PC
16:36:22.0926 6428 UserName: Holi
16:36:22.0926 6428 Windows directory: C:\Windows
16:36:22.0926 6428 System windows directory: C:\Windows
16:36:22.0926 6428 Running under WOW64
16:36:22.0926 6428 Processor architecture: Intel x64
16:36:22.0926 6428 Number of processors: 4
16:36:22.0926 6428 Page size: 0x1000
16:36:22.0926 6428 Boot type: Normal boot
16:36:22.0926 6428 ============================================================
16:36:26.0592 6428 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:36:26.0592 6428 ============================================================
16:36:26.0592 6428 \Device\Harddisk0\DR0:
16:36:26.0592 6428 MBR partitions:
16:36:26.0592 6428 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A3857F1
16:36:26.0592 6428 ============================================================
16:36:26.0748 6428 C: <-> \Device\Harddisk0\DR0\Partition1
16:36:26.0748 6428 ============================================================
16:36:26.0748 6428 Initialize success
16:36:26.0748 6428 ============================================================
16:36:36.0794 6520 ============================================================
16:36:36.0794 6520 Scan started
16:36:36.0794 6520 Mode: Manual;
16:36:36.0794 6520 ============================================================
16:36:38.0198 6520 ================ Scan system memory ========================
16:36:38.0198 6520 Scan interrupted by user!
16:36:38.0198 6520 ================ Scan services =============================
16:36:38.0261 6520 Scan interrupted by user!
16:36:38.0261 6520 ================ Scan global ===============================
16:36:38.0261 6520 Scan interrupted by user!
16:36:38.0261 6520 ================ Scan MBR ==================================
16:36:38.0261 6520 Scan interrupted by user!
16:36:38.0261 6520 ================ Scan VBR ==================================
16:36:38.0261 6520 Scan interrupted by user!
16:36:38.0261 6520 ============================================================
16:36:38.0261 6520 Scan finished
16:36:38.0261 6520 ============================================================
16:36:38.0261 6548 Detected object count: 0
16:36:38.0261 6548 Actual detected object count: 0
16:36:40.0320 6592 ============================================================
16:36:40.0320 6592 Scan started
16:36:40.0320 6592 Mode: Manual;
16:36:40.0320 6592 ============================================================
16:36:40.0632 6592 ================ Scan system memory ========================
16:36:40.0632 6592 System memory - ok
16:36:40.0632 6592 ================ Scan services =============================
16:36:41.0599 6592 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:36:41.0615 6592 1394ohci - ok
16:36:41.0646 6592 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:36:41.0662 6592 ACPI - ok
16:36:41.0708 6592 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:36:41.0740 6592 AcpiPmi - ok
16:36:42.0722 6592 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:36:42.0754 6592 AdobeFlashPlayerUpdateSvc - ok
16:36:42.0832 6592 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:36:42.0847 6592 adp94xx - ok
16:36:42.0847 6592 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:36:42.0847 6592 adpahci - ok
16:36:42.0863 6592 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:36:42.0863 6592 adpu320 - ok
16:36:42.0894 6592 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:36:42.0910 6592 AeLookupSvc - ok
16:36:42.0941 6592 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
16:36:42.0956 6592 AFD - ok
16:36:43.0003 6592 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:36:43.0003 6592 agp440 - ok
16:36:43.0034 6592 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
16:36:43.0034 6592 ALG - ok
16:36:43.0081 6592 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
16:36:43.0097 6592 aliide - ok
16:36:43.0112 6592 [ F687D4976EFF550FB0BE45A5CB19F18F ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:36:43.0128 6592 AMD External Events Utility - ok
16:36:43.0144 6592 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
16:36:43.0144 6592 amdide - ok
16:36:43.0237 6592 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:36:43.0253 6592 AmdK8 - ok
16:36:44.0594 6592 [ 74687C33C4AD25A975BBB1EA1E8B3884 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:36:44.0953 6592 amdkmdag - ok
16:36:45.0187 6592 [ C7F56ED86327A78E7F8A5CC503A98BD6 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:36:45.0187 6592 amdkmdap - ok
16:36:45.0281 6592 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:36:45.0328 6592 AmdPPM - ok
16:36:45.0374 6592 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:36:45.0390 6592 amdsata - ok
16:36:45.0452 6592 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:36:45.0468 6592 amdsbs - ok
16:36:45.0484 6592 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:36:45.0484 6592 amdxata - ok
16:36:45.0562 6592 [ F41E453A90EF19217CEE1675F5256EE7 ] Apache2.2 c:\xampp\apache\bin\httpd.exe
16:36:45.0562 6592 Apache2.2 - ok
16:36:45.0608 6592 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
16:36:45.0624 6592 AppID - ok
16:36:45.0655 6592 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:36:45.0655 6592 AppIDSvc - ok
16:36:45.0686 6592 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
16:36:45.0718 6592 Appinfo - ok
16:36:45.0780 6592 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
16:36:45.0780 6592 arc - ok
16:36:45.0780 6592 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:36:45.0780 6592 arcsas - ok
16:36:47.0075 6592 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:36:47.0200 6592 aspnet_state - ok
16:36:47.0278 6592 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
16:36:47.0278 6592 aswFsBlk - ok
16:36:47.0371 6592 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:36:47.0371 6592 aswMonFlt - ok
16:36:47.0434 6592 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
16:36:47.0434 6592 aswRdr - ok
16:36:47.0605 6592 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:36:47.0621 6592 aswSnx - ok
16:36:47.0730 6592 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:36:47.0746 6592 aswSP - ok
16:36:47.0870 6592 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
16:36:47.0870 6592 aswTdi - ok
16:36:47.0902 6592 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:36:47.0933 6592 AsyncMac - ok
16:36:47.0964 6592 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
16:36:47.0964 6592 atapi - ok
16:36:48.0229 6592 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:36:48.0245 6592 AudioEndpointBuilder - ok
16:36:48.0292 6592 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:36:48.0292 6592 AudioSrv - ok
16:36:49.0025 6592 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:36:49.0025 6592 avast! Antivirus - ok
16:36:49.0103 6592 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:36:49.0134 6592 AxInstSV - ok
16:36:49.0165 6592 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:36:49.0165 6592 b06bdrv - ok
16:36:49.0181 6592 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:36:49.0181 6592 b57nd60a - ok
16:36:49.0820 6592 [ 2D659B569A76CDB83B815675A80D7096 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
16:36:49.0852 6592 BCM43XX - ok
16:36:49.0914 6592 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
16:36:49.0976 6592 BDESVC - ok
16:36:49.0992 6592 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
16:36:49.0992 6592 Beep - ok
16:36:50.0039 6592 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
16:36:50.0039 6592 BFE - ok
16:36:50.0086 6592 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
16:36:50.0101 6592 BITS - ok
16:36:50.0132 6592 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:36:50.0148 6592 blbdrive - ok
16:36:50.0195 6592 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:36:50.0195 6592 bowser - ok
16:36:50.0257 6592 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:36:50.0273 6592 BrFiltLo - ok
16:36:50.0273 6592 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:36:50.0273 6592 BrFiltUp - ok
16:36:50.0366 6592 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
16:36:50.0382 6592 BridgeMP - ok
16:36:50.0413 6592 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
16:36:50.0413 6592 Browser - ok
16:36:50.0476 6592 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:36:50.0491 6592 Brserid - ok
16:36:50.0491 6592 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:36:50.0491 6592 BrSerWdm - ok
16:36:50.0491 6592 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:36:50.0491 6592 BrUsbMdm - ok
16:36:50.0507 6592 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:36:50.0507 6592 BrUsbSer - ok
16:36:50.0522 6592 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:36:50.0538 6592 BTHMODEM - ok
16:36:50.0554 6592 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
16:36:50.0554 6592 bthserv - ok
16:36:50.0585 6592 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:36:50.0585 6592 cdfs - ok
16:36:50.0632 6592 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
16:36:50.0632 6592 cdrom - ok
16:36:50.0678 6592 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
16:36:50.0694 6592 CertPropSvc - ok
16:36:50.0710 6592 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:36:50.0725 6592 circlass - ok
16:36:50.0741 6592 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
16:36:50.0741 6592 CLFS - ok
16:36:50.0819 6592 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:36:50.0834 6592 clr_optimization_v2.0.50727_32 - ok
16:36:50.0912 6592 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:36:50.0944 6592 clr_optimization_v2.0.50727_64 - ok
16:36:51.0162 6592 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:36:51.0334 6592 clr_optimization_v4.0.30319_32 - ok
16:36:51.0365 6592 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:36:51.0474 6592 clr_optimization_v4.0.30319_64 - ok
16:36:51.0536 6592 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:36:51.0552 6592 CmBatt - ok
16:36:51.0583 6592 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:36:51.0599 6592 cmdide - ok
16:36:51.0677 6592 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
16:36:51.0692 6592 CNG - ok
16:36:51.0770 6592 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:36:51.0770 6592 Compbatt - ok
16:36:51.0802 6592 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:36:51.0817 6592 CompositeBus - ok
16:36:51.0833 6592 COMSysApp - ok
16:36:51.0864 6592 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:36:51.0864 6592 crcdisk - ok
16:36:51.0926 6592 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:36:51.0942 6592 CryptSvc - ok
16:36:52.0051 6592 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:36:52.0067 6592 DcomLaunch - ok
16:36:52.0114 6592 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
16:36:52.0114 6592 defragsvc - ok
16:36:52.0145 6592 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:36:52.0160 6592 DfsC - ok
16:36:52.0207 6592 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
16:36:52.0207 6592 Dhcp - ok
16:36:52.0223 6592 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
16:36:52.0238 6592 discache - ok
16:36:52.0316 6592 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:36:52.0332 6592 Disk - ok
16:36:52.0363 6592 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:36:52.0363 6592 Dnscache - ok
16:36:52.0457 6592 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:36:52.0472 6592 dot3svc - ok
16:36:52.0519 6592 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
16:36:52.0519 6592 DPS - ok
16:36:52.0582 6592 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:36:52.0597 6592 drmkaud - ok
16:36:53.0034 6592 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
16:36:53.0096 6592 DsiWMIService - ok
16:36:53.0174 6592 [ 400582B09E0BB557D0EC28A945150EEB ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:36:53.0174 6592 dtsoftbus01 - ok
16:36:53.0611 6592 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:36:53.0627 6592 DXGKrnl - ok
16:36:53.0705 6592 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
16:36:53.0767 6592 EapHost - ok
16:36:54.0563 6592 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:36:54.0688 6592 ebdrv - ok
16:36:54.0719 6592 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
16:36:54.0734 6592 EFS - ok
16:36:54.0890 6592 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:36:54.0906 6592 ehRecvr - ok
16:36:54.0968 6592 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
16:36:54.0968 6592 ehSched - ok
16:36:55.0062 6592 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:36:55.0109 6592 elxstor - ok
16:36:55.0187 6592 [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
16:36:55.0202 6592 ePowerSvc - ok
16:36:55.0249 6592 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:36:55.0265 6592 ErrDev - ok
16:36:55.0296 6592 [ 0975BF32399A24117E317B5BF1D5D0AA ] ETD C:\Windows\system32\DRIVERS\ETD.sys
16:36:55.0296 6592 ETD - ok
16:36:55.0421 6592 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
16:36:55.0468 6592 EventSystem - ok
16:36:55.0499 6592 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
16:36:55.0499 6592 exfat - ok
16:36:55.0546 6592 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:36:55.0546 6592 fastfat - ok
16:36:55.0858 6592 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
16:36:55.0889 6592 Fax - ok
16:36:55.0936 6592 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:36:55.0951 6592 fdc - ok
16:36:55.0967 6592 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
16:36:55.0967 6592 fdPHost - ok
16:36:56.0014 6592 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
16:36:56.0029 6592 FDResPub - ok
16:36:56.0045 6592 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:36:56.0045 6592 FileInfo - ok
16:36:56.0060 6592 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:36:56.0060 6592 Filetrace - ok
16:36:56.0294 6592 [ 7F4536B6D4712EE0A710ADE142EE5001 ] FileZilla Server C:\Program Files (x86)\xampp\FileZillaFTP\FileZillaServer.exe
16:36:56.0341 6592 FileZilla Server - ok
16:36:56.0544 6592 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:36:56.0606 6592 FLEXnet Licensing Service - ok
16:36:56.0638 6592 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:36:56.0638 6592 flpydisk - ok
16:36:56.0716 6592 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:36:56.0778 6592 FltMgr - ok
16:36:56.0840 6592 [ E94E042BC24BB301767A8125D529B705 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys
16:36:56.0840 6592 fltsrv - ok
16:36:57.0106 6592 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
16:36:57.0152 6592 FontCache - ok
16:36:57.0277 6592 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:36:57.0308 6592 FontCache3.0.0.0 - ok
16:36:57.0340 6592 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:36:57.0340 6592 FsDepends - ok
16:36:57.0371 6592 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:36:57.0371 6592 Fs_Rec - ok
16:36:57.0480 6592 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:36:57.0511 6592 fvevol - ok
16:36:57.0558 6592 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:36:57.0558 6592 gagp30kx - ok
16:36:57.0636 6592 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
16:36:57.0652 6592 gpsvc - ok
16:36:57.0776 6592 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
16:36:57.0808 6592 GREGService - ok
16:36:57.0870 6592 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:36:57.0886 6592 gupdate - ok
16:36:57.0886 6592 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:36:57.0886 6592 gupdatem - ok
16:36:57.0948 6592 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
16:36:57.0964 6592 hamachi - ok
16:36:57.0995 6592 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:36:57.0995 6592 hcw85cir - ok
16:36:58.0042 6592 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:36:58.0088 6592 HdAudAddService - ok
16:36:58.0135 6592 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:36:58.0135 6592 HDAudBus - ok
16:36:58.0151 6592 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
16:36:58.0166 6592 HECIx64 - ok
16:36:58.0182 6592 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:36:58.0198 6592 HidBatt - ok
16:36:58.0198 6592 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:36:58.0198 6592 HidBth - ok
16:36:58.0244 6592 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:36:58.0260 6592 HidIr - ok
16:36:58.0276 6592 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
16:36:58.0276 6592 hidserv - ok
16:36:58.0307 6592 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:36:58.0338 6592 HidUsb - ok
16:36:58.0369 6592 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:36:58.0369 6592 hkmsvc - ok
16:36:58.0494 6592 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:36:58.0494 6592 HomeGroupListener - ok
16:36:58.0588 6592 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:36:58.0634 6592 HomeGroupProvider - ok
16:36:58.0681 6592 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:36:58.0697 6592 HpSAMD - ok
16:36:58.0744 6592 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:36:58.0759 6592 HTTP - ok
16:36:58.0806 6592 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:36:58.0806 6592 hwpolicy - ok
16:36:58.0868 6592 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:36:58.0884 6592 i8042prt - ok
16:36:58.0978 6592 [ 1384872112E8E7FD5786ECEB8BDDF4C9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
16:36:58.0978 6592 iaStor - ok
16:36:59.0212 6592 [ 6B24D1C3096DE796D15571079EA5E98C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:36:59.0212 6592 IAStorDataMgrSvc - ok
16:36:59.0368 6592 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:36:59.0430 6592 iaStorV - ok
16:36:59.0664 6592 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:36:59.0680 6592 idsvc - ok
16:36:59.0711 6592 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:36:59.0726 6592 iirsp - ok
16:36:59.0867 6592 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
16:36:59.0898 6592 IKEEXT - ok
16:36:59.0976 6592 [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:36:59.0992 6592 IntcAzAudAddService - ok
16:37:00.0038 6592 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
16:37:00.0038 6592 intelide - ok
16:37:00.0070 6592 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:37:00.0070 6592 intelppm - ok
16:37:00.0101 6592 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:37:00.0101 6592 IPBusEnum - ok
16:37:00.0148 6592 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:37:00.0163 6592 IpFilterDriver - ok
16:37:00.0304 6592 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:37:00.0350 6592 iphlpsvc - ok
16:37:00.0428 6592 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:37:00.0444 6592 IPMIDRV - ok
16:37:00.0475 6592 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:37:00.0475 6592 IPNAT - ok
16:37:00.0491 6592 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:37:00.0506 6592 IRENUM - ok
16:37:00.0522 6592 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:37:00.0522 6592 isapnp - ok
16:37:00.0553 6592 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:37:00.0569 6592 iScsiPrt - ok
16:37:00.0616 6592 [ 37E053A2CF8F0082B689ED74106E0CEC ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
16:37:00.0616 6592 k57nd60a - ok
16:37:00.0709 6592 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:37:00.0709 6592 kbdclass - ok
16:37:00.0756 6592 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:37:00.0772 6592 kbdhid - ok
16:37:00.0787 6592 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
16:37:00.0787 6592 KeyIso - ok
16:37:00.0818 6592 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:37:00.0818 6592 KSecDD - ok
16:37:00.0896 6592 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:37:00.0928 6592 KSecPkg - ok
16:37:00.0959 6592 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:37:00.0959 6592 ksthunk - ok
16:37:01.0037 6592 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
16:37:01.0052 6592 KtmRm - ok
16:37:01.0162 6592 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:37:01.0177 6592 LanmanServer - ok
16:37:01.0271 6592 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:37:01.0318 6592 LanmanWorkstation - ok
16:37:01.0567 6592 [ 95EC0CB52692894E050CFC3573ABC3B2 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
16:37:01.0583 6592 LBTServ - ok
16:37:01.0645 6592 [ 4838EA42D5BBE1CA6BEE9BBA35E8D2E5 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
16:37:01.0661 6592 LEqdUsb - ok
16:37:01.0739 6592 [ 6F63F8A7FF6D4671973619BCF821B2F5 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
16:37:01.0739 6592 LHidEqd - ok
16:37:01.0817 6592 [ E536A1D8502D0CA79B928CAB9EAEB807 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
16:37:01.0817 6592 LHidFilt - ok
16:37:01.0848 6592 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:37:01.0864 6592 lltdio - ok
16:37:01.0988 6592 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:37:02.0004 6592 lltdsvc - ok
16:37:02.0051 6592 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:37:02.0051 6592 lmhosts - ok
16:37:02.0113 6592 [ DBC1136A62BD4DECC3632DF650284C2E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:37:02.0129 6592 LMS - ok
16:37:02.0160 6592 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:37:02.0160 6592 LSI_FC - ok
16:37:02.0222 6592 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:37:02.0238 6592 LSI_SAS - ok
16:37:02.0238 6592 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:37:02.0238 6592 LSI_SAS2 - ok
16:37:02.0254 6592 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:37:02.0254 6592 LSI_SCSI - ok
16:37:02.0269 6592 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
16:37:02.0269 6592 luafv - ok
16:37:02.0269 6592 massfilter - ok
16:37:02.0316 6592 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:37:02.0332 6592 Mcx2Svc - ok
16:37:02.0332 6592 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:37:02.0332 6592 megasas - ok
16:37:02.0363 6592 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:37:02.0363 6592 MegaSR - ok
16:37:02.0410 6592 Microsoft SharePoint Workspace Audit Service - ok
16:37:02.0488 6592 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
16:37:02.0519 6592 MMCSS - ok
16:37:02.0550 6592 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
16:37:02.0550 6592 Modem - ok
16:37:02.0581 6592 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:37:02.0581 6592 monitor - ok
16:37:02.0597 6592 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:37:02.0597 6592 mouclass - ok
16:37:02.0644 6592 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:37:02.0659 6592 mouhid - ok
16:37:02.0690 6592 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:37:02.0690 6592 mountmgr - ok
16:37:02.0706 6592 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
16:37:02.0706 6592 mpio - ok
16:37:02.0722 6592 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:37:02.0722 6592 mpsdrv - ok
16:37:02.0815 6592 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:37:02.0831 6592 MpsSvc - ok
16:37:02.0878 6592 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:37:02.0878 6592 MRxDAV - ok
16:37:02.0909 6592 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:37:02.0909 6592 mrxsmb - ok
16:37:02.0924 6592 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:37:02.0924 6592 mrxsmb10 - ok
16:37:02.0940 6592 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:37:02.0940 6592 mrxsmb20 - ok
16:37:02.0987 6592 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
16:37:03.0002 6592 msahci - ok
16:37:03.0049 6592 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:37:03.0049 6592 msdsm - ok
16:37:03.0143 6592 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
16:37:03.0174 6592 MSDTC - ok
16:37:03.0236 6592 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:37:03.0268 6592 Msfs - ok
16:37:03.0299 6592 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:37:03.0314 6592 mshidkmdf - ok
16:37:03.0377 6592 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:37:03.0377 6592 msisadrv - ok
16:37:03.0470 6592 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:37:03.0486 6592 MSiSCSI - ok
16:37:03.0486 6592 msiserver - ok
16:37:03.0548 6592 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:37:03.0564 6592 MSKSSRV - ok
16:37:03.0595 6592 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:37:03.0611 6592 MSPCLOCK - ok
16:37:03.0642 6592 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:37:03.0658 6592 MSPQM - ok
16:37:03.0767 6592 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:37:03.0798 6592 MsRPC - ok
16:37:03.0860 6592 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:37:03.0860 6592 mssmbios - ok
16:37:03.0954 6592 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:37:03.0985 6592 MSTEE - ok
16:37:03.0985 6592 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:37:04.0001 6592 MTConfig - ok
16:37:04.0032 6592 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
16:37:04.0032 6592 Mup - ok
16:37:04.0282 6592 mysql - ok
16:37:04.0422 6592 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
16:37:04.0422 6592 napagent - ok
16:37:04.0547 6592 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:37:04.0547 6592 NativeWifiP - ok
16:37:04.0718 6592 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:37:04.0765 6592 NDIS - ok
16:37:04.0828 6592 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:37:04.0843 6592 NdisCap - ok
16:37:04.0890 6592 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:37:04.0906 6592 NdisTapi - ok
16:37:04.0968 6592 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:37:04.0984 6592 Ndisuio - ok
16:37:05.0062 6592 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:37:05.0062 6592 NdisWan - ok
16:37:05.0108 6592 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:37:05.0140 6592 NDProxy - ok
16:37:05.0202 6592 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:37:05.0218 6592 NetBIOS - ok
16:37:05.0280 6592 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:37:05.0296 6592 NetBT - ok
16:37:05.0327 6592 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
16:37:05.0327 6592 Netlogon - ok
16:37:05.0374 6592 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
16:37:05.0389 6592 Netman - ok
16:37:05.0483 6592 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:37:05.0498 6592 NetMsmqActivator - ok
16:37:05.0530 6592 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:37:05.0530 6592 NetPipeActivator - ok
16:37:05.0576 6592 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
16:37:05.0592 6592 netprofm - ok
16:37:05.0592 6592 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:37:05.0592 6592 NetTcpActivator - ok
16:37:05.0592 6592 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:37:05.0592 6592 NetTcpPortSharing - ok
16:37:05.0951 6592 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:37:05.0966 6592 nfrd960 - ok
16:37:06.0029 6592 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:37:06.0060 6592 NlaSvc - ok
16:37:06.0107 6592 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
16:37:06.0138 6592 nmwcd - ok
16:37:06.0169 6592 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
16:37:06.0185 6592 nmwcdc - ok
16:37:06.0232 6592 [ 292DDF13F91F2CB2482B57AACD6AEB9B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
16:37:06.0247 6592 nmwcdnsux64 - ok
16:37:06.0278 6592 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:37:06.0278 6592 Npfs - ok
16:37:06.0325 6592 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
16:37:06.0356 6592 nsi - ok
16:37:06.0419 6592 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:37:06.0419 6592 nsiproxy - ok
16:37:06.0637 6592 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:37:06.0653 6592 Ntfs - ok
16:37:06.0778 6592 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
16:37:06.0793 6592 NTI IScheduleSvc - ok
16:37:06.0809 6592 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
16:37:06.0809 6592 NTIDrvr - ok
16:37:06.0840 6592 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
16:37:06.0856 6592 Null - ok
16:37:06.0902 6592 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:37:06.0902 6592 nvraid - ok
16:37:06.0918 6592 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:37:06.0934 6592 nvstor - ok
16:37:06.0949 6592 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:37:06.0949 6592 nv_agp - ok
16:37:07.0012 6592 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:37:07.0043 6592 ohci1394 - ok
16:37:07.0105 6592 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:37:07.0121 6592 ose64 - ok
16:37:08.0213 6592 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:37:08.0338 6592 osppsvc - ok
16:37:08.0478 6592 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:37:08.0509 6592 p2pimsvc - ok
16:37:08.0696 6592 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
16:37:08.0712 6592 p2psvc - ok
16:37:08.0759 6592 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:37:08.0774 6592 Parport - ok
16:37:08.0837 6592 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:37:08.0837 6592 partmgr - ok
16:37:08.0899 6592 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:37:08.0915 6592 PcaSvc - ok
16:37:08.0993 6592 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
16:37:09.0024 6592 pccsmcfd - ok
16:37:09.0071 6592 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
16:37:09.0071 6592 pci - ok
16:37:09.0118 6592 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
16:37:09.0118 6592 pciide - ok
16:37:09.0242 6592 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:37:09.0289 6592 pcmcia - ok
16:37:09.0320 6592 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
16:37:09.0320 6592 pcw - ok
16:37:09.0352 6592 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:37:09.0367 6592 PEAUTH - ok
16:37:09.0601 6592 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:37:09.0601 6592 PerfHost - ok
16:37:09.0726 6592 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
16:37:09.0742 6592 pla - ok
16:37:09.0757 6592 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:37:09.0773 6592 PlugPlay - ok
16:37:09.0773 6592 PnkBstrA - ok
16:37:09.0804 6592 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:37:09.0804 6592 PNRPAutoReg - ok
16:37:09.0866 6592 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

Holi-cz

Re: Log check, spontaneous date change

Post by Holi-cz » 29 Jan 2013 17:33

Continuation (many characters)

16:37:25.0997 6592 ============================================================
16:37:25.0997 6592 Scan finished
16:37:25.0997 6592 ============================================================
16:37:26.0013 6584 Detected object count: 0
16:37:26.0013 6584 Actual detected object count: 0
16:37:41.0909 6408 Deinitialize success


Virustotal


Unfortunately, aswMBR always 'stops working' (somewhere around the scan of C:\Windows\system32

Re: Log check, spontaneous date change

Post by memphisto » 29 Jan 2013 21:56

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::
Driver::
SkypeUpdate
0112931318277625mcinstcleanup
0225481318271037mcinstcleanup
X6va011

Folder::
c:\program files (x86)\Skype\Updater

Registry::
[-HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va011]

Firefox::
FF - ProfilePath - c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process

Re: Log check, spontaneous date change

Post by Holi-cz » 29 Jan 2013 23:01

ComboFix
ComboFix 13-01-28.02 - Holi 29.01.2013 22:19:33.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3959.2147 [GMT 1:00]
Spuštěný z: c:\users\Holi\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Holi\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Holi\AppData\Local\Temp\_MEI15362\_ctypes.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\_elementtree.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\_hashlib.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\_socket.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\_ssl.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\pyexpat.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\pysqlite2._sqlite.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\python26.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\pythoncom26.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\PyWinTypes26.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\select.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\unicodedata.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32api.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32com.shell.shell.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32crypt.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32event.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32file.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32inet.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32pdh.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32process.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32profile.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32security.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\win32ts.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\windows._cacheinvalidation.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wx._controls_.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wx._core_.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wx._gdi_.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wx._html2.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wx._misc_.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wx._windows_.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wx._wizard.pyd
c:\users\Holi\AppData\Local\Temp\_MEI15362\wxbase293u_net_vc.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\wxbase293u_vc.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\wxmsw293u_adv_vc.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\wxmsw293u_core_vc.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\wxmsw293u_html_vc.dll
c:\users\Holi\AppData\Local\Temp\_MEI15362\wxmsw293u_webview_vc.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_X6VA011
-------\Service_0112931318277625mcinstcleanup
-------\Service_0225481318271037mcinstcleanup
-------\Service_SkypeUpdate
-------\Service_X6va011
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-29 )))))))))))))))))))))))))))))))
.
.
2013-01-29 21:34 . 2013-01-29 21:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-29 21:34 . 2013-01-29 21:34 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-01-29 19:25 . 2013-01-29 19:55 -------- d-----w- c:\users\Holi\AppData\Roaming\Rainmeter
2013-01-27 20:17 . 2013-01-27 20:17 -------- d-----w- c:\users\Holi\AppData\Roaming\Malwarebytes
2013-01-27 20:17 . 2013-01-27 20:17 -------- d-----w- c:\programdata\Malwarebytes
2013-01-27 20:17 . 2013-01-27 20:17 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-27 20:17 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-27 20:16 . 2013-01-27 20:16 -------- d-----w- c:\users\Holi\AppData\Local\Programs
2013-01-27 18:42 . 2013-01-27 18:42 388096 ----a-r- c:\users\Holi\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-27 18:41 . 2013-01-27 18:41 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-25 19:48 . 2013-01-25 19:48 -------- d-----w- c:\users\Holi\AppData\Roaming\Nokia
2013-01-25 19:06 . 2013-01-25 19:10 -------- d-----w- c:\users\Holi\WebToolsWorkspace
2013-01-17 18:01 . 2013-01-17 18:01 -------- d-----w- c:\users\Holi\AppData\Roaming\LolClient
2013-01-16 21:54 . 2013-01-29 21:42 -------- d-----w- c:\users\Holi\AppData\Local\PMB Files
2013-01-16 21:54 . 2013-01-17 20:14 -------- d-----w- c:\programdata\PMB Files
2013-01-16 21:54 . 2013-01-16 21:54 -------- d-----w- c:\program files (x86)\Pando Networks
2013-01-16 21:54 . 2013-01-16 21:54 -------- d-----w- c:\users\Holi\.swt
2013-01-16 20:46 . 2013-01-16 21:30 -------- d-----w- c:\users\Holi\AppData\Roaming\Trillian
2013-01-16 20:46 . 2013-01-18 20:23 -------- d-----w- c:\program files (x86)\Trillian
2013-01-15 19:32 . 2013-01-15 19:34 -------- d-----w- C:\Fraps
2013-01-12 23:37 . 2013-01-12 23:37 -------- d-----w- c:\program files\Intel
2013-01-12 23:35 . 2013-01-12 23:35 -------- d-----w- c:\users\Holi\AppData\Roaming\InstallShield
2013-01-12 23:34 . 2010-01-25 14:09 349776 ----a-w- c:\windows\UNINSTLMv4.EXE
2013-01-12 20:16 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-12 20:16 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-12 20:15 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-12 20:15 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-12 20:15 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-12 20:15 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-12 20:15 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-12 20:13 . 2012-12-07 13:20 441856 ----a-w- c:\windows\system32\Wpc.dll
2013-01-12 20:10 . 2012-11-30 04:45 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-12 20:08 . 2012-11-30 05:45 362496 ----a-w- c:\windows\system32\wow64win.dll
2013-01-12 20:08 . 2012-11-30 05:45 243200 ----a-w- c:\windows\system32\wow64.dll
2013-01-12 20:08 . 2012-11-30 05:45 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2013-01-12 20:08 . 2012-11-30 05:43 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2013-01-12 20:06 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-12 20:05 . 2012-10-30 22:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-01-12 20:05 . 2012-10-30 22:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-01-12 20:05 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-01-12 20:05 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-12 20:05 . 2012-10-30 22:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-01-12 20:05 . 2012-10-30 22:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-01-12 20:05 . 2012-10-30 22:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-01-12 20:05 . 2012-10-30 22:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2013-01-12 20:04 . 2012-10-30 22:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2013-01-08 16:59 . 2013-01-12 23:34 -------- d-----w- c:\program files (x86)\Launch Manager
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 20:36 . 2012-04-21 22:24 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-12 20:36 . 2011-12-28 02:26 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-12 19:39 . 2012-03-04 22:50 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-27 11:28 . 2012-12-27 11:28 53248 ----a-r- c:\users\Holi\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-12-27 11:27 . 2012-12-27 11:27 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-12-26 23:00 . 2012-12-26 23:00 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-12-26 23:00 . 2012-02-15 21:12 270240 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-12-26 22:53 . 2012-02-15 21:12 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-12-26 22:53 . 2012-02-15 21:12 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-12-16 17:11 . 2012-12-23 20:46 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-23 20:46 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-23 20:46 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-23 20:46 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-14 17:13 . 2012-10-03 15:46 1060832 ----a-w- c:\programdata\Microsoft\WDExpress\11.0\1033\ResourceCache.dll
2012-12-14 17:12 . 2012-10-03 16:03 1085024 ----a-w- c:\programdata\Microsoft\WDExpress\11.0\1029\ResourceCache.dll
2012-11-30 04:45 . 2013-01-12 20:10 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-21 14:10 . 2011-11-07 19:53 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2012-11-21 14:10 . 2011-11-25 22:32 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-11-14 07:06 . 2012-12-14 17:03 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-14 17:03 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-14 17:03 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-14 17:03 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-14 17:03 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-14 17:03 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-14 17:03 237056 ----a-w- c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-14 17:03 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-14 17:03 816640 ----a-w- c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-14 17:03 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-14 17:03 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-14 17:03 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-14 17:03 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-14 17:03 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-14 17:03 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-14 17:03 248320 ----a-w- c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-14 17:03 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-14 17:03 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 17:03 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-14 17:03 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 17:03 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-14 17:03 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-13 02:09 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 02:09 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-11-05 21:26 . 2012-11-05 21:26 849360 ----a-w- c:\windows\system32\msvcr110.dll
2012-11-05 21:26 . 2012-11-05 21:26 74704 ----a-w- c:\windows\system32\mfc110fra.dll
2012-11-05 21:26 . 2012-11-05 21:26 74704 ----a-w- c:\windows\system32\mfc110deu.dll
2012-11-05 21:26 . 2012-11-05 21:26 73680 ----a-w- c:\windows\system32\mfc110esn.dll
2012-11-05 21:26 . 2012-11-05 21:26 72656 ----a-w- c:\windows\system32\mfc110ita.dll
2012-11-05 21:26 . 2012-11-05 21:26 70608 ----a-w- c:\windows\system32\mfc110rus.dll
2012-11-05 21:26 . 2012-11-05 21:26 661456 ----a-w- c:\windows\system32\msvcp110.dll
2012-11-05 21:26 . 2012-11-05 21:26 64976 ----a-w- c:\windows\system32\mfc110enu.dll
2012-11-05 21:26 . 2012-11-05 21:26 5620192 ----a-w- c:\windows\system32\mfc110u.dll
2012-11-05 21:26 . 2012-11-05 21:26 5592520 ----a-w- c:\windows\system32\mfc110.dll
2012-11-05 21:26 . 2012-11-05 21:26 53712 ----a-w- c:\windows\system32\mfc110jpn.dll
2012-11-05 21:26 . 2012-11-05 21:26 53200 ----a-w- c:\windows\system32\mfc110kor.dll
2012-11-05 21:26 . 2012-11-05 21:26 46032 ----a-w- c:\windows\system32\mfc110cht.dll
2012-11-05 21:26 . 2012-11-05 21:26 46032 ----a-w- c:\windows\system32\mfc110chs.dll
2012-11-05 21:26 . 2012-11-05 21:26 385488 ----a-w- c:\windows\system32\vcamp110.dll
2012-11-05 21:26 . 2012-11-05 21:26 354264 ----a-w- c:\windows\system32\vccorlib110.dll
2012-11-05 21:26 . 2012-11-05 21:26 200136 ----a-w- c:\windows\system32\atl110.dll
2012-11-05 21:26 . 2012-11-05 21:26 138208 ----a-w- c:\windows\system32\vcomp110.dll
2012-11-05 21:26 . 2012-11-05 21:26 104400 ----a-w- c:\windows\system32\mfcm110u.dll
2012-11-05 21:26 . 2012-11-05 21:26 104392 ----a-w- c:\windows\system32\mfcm110.dll
2012-11-02 05:59 . 2012-12-13 02:08 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 02:08 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-02-17 221184]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-12-17 16328976]
"Lucidita"="c:\users\Holi\Desktop\Programy\lucidita\Lucidita.exe" [2009-09-01 419840]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-01-16 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-05-27 98304]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-06-22 968272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"HideFastUserSwitching"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"GreyMSIAds"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\system32\drivers\sfdrv01a.sys [2006-07-05 77688]
R2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2011-09-10 18432]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 XAMPP;XAMPP Service;c:\xampp\service.exe [2007-12-21 60928]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2012-09-18 78648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2012-09-18 15160]
R3 massfilter;Mass Storage Filter Driver; [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys [2010-06-17 246376]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2009-12-01 38992]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 uxkx164;ASUS MyCinema DiBcom based digital tuner device;c:\windows\system32\DRIVERS\uxkx164.sys [2008-10-28 694272]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 146736]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service; [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-11 1255736]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-05-13 133728]
S0 vidsflt61;Acronis Disk Storage Filter (61);c:\windows\system32\DRIVERS\vsflt61.sys [2012-05-13 142944]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-01-06 279616]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-05-27 203264]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-06-22 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-06-11 868896]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-04-13 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 ShowAnalyzerMaster;ShowAnalyzerMaster;c:\program files (x86)\Dragon Global\ShowAnalyzerSuite\ShowAnalyzerMaster.exe [2010-06-05 2136576]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-03-18 2320920]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-05-15 384040]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 20:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-12-17 18:50 755816 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2012-11-04 2419512]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\SYSTEM32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: WikiKomentáře Google... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\
FF - ExtSQL: 2012-12-17 23:43; {9c51bd27-6ed8-4000-a2bf-36cb95c0c947}; c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi
FF - ExtSQL: 2012-12-27 12:26; {F003DA68-8256-4b37-A6C4-350FA04494DF}; c:\program files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF - ExtSQL: 2013-01-03 23:05; client@anonymox.net; c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\extensions\client@anonymox.net.xpi
FF - ExtSQL: 2013-01-11 16:44; {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}; c:\users\Holi\AppData\Roaming\Mozilla\Firefox\Profiles\sji3hda5.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-Sweetpacks Bundle Uninstaller - c:\program files (x86)\sweetpacks bundle uninstaller\uninstaller.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1937654973-51059477-1887806541-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\xampp\FileZillaFTP\FileZillaServer.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\xampp\mysql\bin\mysqld.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\users\Holi\AppData\Local\Google\Update\GoogleUpdate.exe
c:\users\Holi\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\Holi\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
**************************************************************************
.
Celkový čas: 2013-01-29 22:57:43 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-01-29 21:57
ComboFix2.txt 2013-01-28 16:25
.
Před spuštěním: Volných bajtů: 160 819 617 792
Po spuštění: Volných bajtů: 160 253 513 728
.
- - End Of File - - 7689950720A72905327620C3A732343C

