Please check my log - PC did not boot - pink screen (Solved)

Post by Karel.P » 30 Jan 2013 16:48

Good afternoon. I started my mom's PackardBell dot sc2 netbook with Windows 7 HP 32 bit; it booted normally up to the Welcome screen with the spinning circle. Then a pink screen appeared along with the mouse cursor (which could be moved). Nothing further, that was it. It could only be turned off with the power button. After turning it on again, the same thing. So I booted into Safe Mode, which came up OK, ran ESET Online Scanner and found one Win32/OpenCandy application (and removed it). Then I ran an HJT scan and MBAM (logs below) and restarted the PC, and it was fine again. Still, I would appreciate it if someone could take a look and tell me whether it is all right now or not. Thank you.

P.S.: the screen was pink because that is the colour of the desktop theme; with the default theme it would probably have been blue...

ESET quarantine log

MBAM log

Post by jaro3 » 30 Jan 2013 18:52

Close other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')


Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.


Download TFC
Open the file and close all other windows, then click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if it does not, restart it yourself.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (otherwise it is saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Post by Karel.P » 30 Jan 2013 21:56

Here is the log:

# AdwCleaner v2.109 - Logfile created 01/30/2013 at 21:52:30
# Updated 26/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Šárka - MAMINKY-NTB
# Boot Mode : Normal
# Running from : C:\Users\Šárka\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Šárka\AppData\Roaming\pdfforge

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Opera v12.2.1578.0

File : C:\Users\Šárka\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [691 octets] - [30/01/2013 21:52:30]

########## EOF - C:\AdwCleaner[R1].txt - [750 octets] ##########

Post by memphisto » 30 Jan 2013 22:03

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. The TDSSKiller log can be found here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the entire contents of the log here.

Disable the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that appears
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, there is a problem launching applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, simply restart the computer.

Post by Karel.P » 31 Jan 2013 09:46

So here is the log from TDSS:

22:55:05.0146 2684 MSTEE - ok
22:55:05.0162 2684 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:55:05.0240 2684 MTConfig - ok
22:55:05.0271 2684 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
22:55:05.0333 2684 Mup - ok
22:55:05.0443 2684 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
22:55:05.0567 2684 napagent - ok
22:55:05.0630 2684 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:55:05.0708 2684 NativeWifiP - ok
22:55:05.0801 2684 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:55:05.0926 2684 NDIS - ok
22:55:05.0957 2684 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:55:06.0113 2684 NdisCap - ok
22:55:06.0160 2684 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:55:06.0254 2684 NdisTapi - ok
22:55:06.0269 2684 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:55:06.0363 2684 Ndisuio - ok
22:55:06.0410 2684 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:55:06.0503 2684 NdisWan - ok
22:55:06.0519 2684 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:55:06.0597 2684 NDProxy - ok
22:55:06.0613 2684 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:55:06.0737 2684 NetBIOS - ok
22:55:06.0753 2684 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:55:06.0831 2684 NetBT - ok
22:55:06.0862 2684 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
22:55:06.0909 2684 Netlogon - ok
22:55:07.0034 2684 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
22:55:07.0221 2684 Netman - ok
22:55:07.0283 2684 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
22:55:07.0580 2684 netprofm - ok
22:55:07.0642 2684 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:55:07.0689 2684 NetTcpPortSharing - ok
22:55:07.0783 2684 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:55:07.0845 2684 nfrd960 - ok
22:55:07.0923 2684 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
22:55:08.0048 2684 NlaSvc - ok
22:55:08.0079 2684 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:55:08.0251 2684 Npfs - ok
22:55:08.0297 2684 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
22:55:08.0469 2684 nsi - ok
22:55:08.0516 2684 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:55:08.0687 2684 nsiproxy - ok
22:55:09.0015 2684 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:55:09.0218 2684 Ntfs - ok
22:55:09.0249 2684 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
22:55:09.0436 2684 Null - ok
22:55:09.0483 2684 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:55:09.0545 2684 nvraid - ok
22:55:09.0592 2684 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:55:09.0655 2684 nvstor - ok
22:55:09.0701 2684 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:55:09.0764 2684 nv_agp - ok
22:55:09.0795 2684 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:55:09.0904 2684 ohci1394 - ok
22:55:09.0982 2684 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:55:10.0045 2684 ose - ok
22:55:11.0464 2684 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:55:11.0901 2684 osppsvc - ok
22:55:11.0963 2684 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:55:12.0073 2684 p2pimsvc - ok
22:55:12.0182 2684 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
22:55:12.0307 2684 p2psvc - ok
22:55:12.0338 2684 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
22:55:12.0416 2684 Parport - ok
22:55:12.0463 2684 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:55:12.0525 2684 partmgr - ok
22:55:12.0541 2684 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
22:55:12.0619 2684 Parvdm - ok
22:55:12.0650 2684 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:55:12.0759 2684 PcaSvc - ok
22:55:12.0775 2684 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
22:55:12.0853 2684 pci - ok
22:55:12.0868 2684 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
22:55:12.0931 2684 pciide - ok
22:55:12.0962 2684 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:55:13.0040 2684 pcmcia - ok
22:55:13.0055 2684 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
22:55:13.0118 2684 pcw - ok
22:55:13.0258 2684 [ 98655F862BB07CFB1CCC9262DA621AE1 ] PDF Architect Helper Service C:\Program Files\PDF Architect\HelperService.exe
22:55:13.0445 2684 PDF Architect Helper Service - ok
22:55:13.0523 2684 [ 73406F96E946F2B38615375269EF286F ] PDF Architect Service C:\Program Files\PDF Architect\ConversionService.exe
22:55:13.0648 2684 PDF Architect Service - ok
22:55:13.0711 2684 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:55:13.0929 2684 PEAUTH - ok
22:55:14.0069 2684 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
22:55:14.0350 2684 pla - ok
22:55:14.0413 2684 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:55:14.0569 2684 PlugPlay - ok
22:55:14.0600 2684 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:55:14.0725 2684 PNRPAutoReg - ok
22:55:14.0771 2684 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:55:14.0881 2684 PNRPsvc - ok
22:55:14.0943 2684 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:55:15.0193 2684 PolicyAgent - ok
22:55:15.0224 2684 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
22:55:15.0442 2684 Power - ok
22:55:15.0520 2684 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:55:15.0707 2684 PptpMiniport - ok
22:55:15.0739 2684 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
22:55:15.0832 2684 Processor - ok
22:55:15.0910 2684 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
22:55:16.0051 2684 ProfSvc - ok
22:55:16.0066 2684 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:55:16.0160 2684 ProtectedStorage - ok
22:55:16.0191 2684 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:55:16.0378 2684 Psched - ok
22:55:16.0441 2684 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:55:16.0643 2684 ql2300 - ok
22:55:16.0690 2684 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:55:16.0768 2684 ql40xx - ok
22:55:16.0815 2684 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
22:55:16.0971 2684 QWAVE - ok
22:55:17.0002 2684 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:55:17.0111 2684 QWAVEdrv - ok
22:55:17.0158 2684 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:55:17.0314 2684 RasAcd - ok
22:55:17.0392 2684 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:55:17.0564 2684 RasAgileVpn - ok
22:55:17.0595 2684 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
22:55:17.0798 2684 RasAuto - ok
22:55:17.0829 2684 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:55:18.0001 2684 Rasl2tp - ok
22:55:18.0063 2684 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
22:55:18.0266 2684 RasMan - ok
22:55:18.0297 2684 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:55:18.0469 2684 RasPppoe - ok
22:55:18.0531 2684 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:55:18.0703 2684 RasSstp - ok
22:55:18.0749 2684 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:55:18.0937 2684 rdbss - ok
22:55:18.0968 2684 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
22:55:19.0061 2684 rdpbus - ok
22:55:19.0093 2684 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:55:19.0264 2684 RDPCDD - ok
22:55:19.0295 2684 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:55:19.0467 2684 RDPENCDD - ok
22:55:19.0514 2684 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:55:19.0685 2684 RDPREFMP - ok
22:55:19.0748 2684 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:55:19.0857 2684 RDPWD - ok
22:55:19.0919 2684 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:55:20.0029 2684 rdyboost - ok
22:55:20.0091 2684 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
22:55:20.0263 2684 RemoteAccess - ok
22:55:20.0309 2684 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:55:20.0528 2684 RemoteRegistry - ok
22:55:20.0575 2684 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:55:20.0762 2684 RpcEptMapper - ok
22:55:20.0809 2684 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
22:55:20.0918 2684 RpcLocator - ok
22:55:20.0949 2684 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
22:55:21.0136 2684 RpcSs - ok
22:55:21.0230 2684 [ 683B328B077D21F06E18C426DBAC0616 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
22:55:21.0308 2684 RSPCIESTOR - ok
22:55:21.0386 2684 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:55:21.0557 2684 rspndr - ok
22:55:21.0620 2684 [ 6A2586DCB5B04A52404699EB325DF1DB ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
22:55:21.0713 2684 RTL8167 - ok
22:55:21.0745 2684 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
22:55:21.0838 2684 SamSs - ok
22:55:21.0885 2684 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:55:21.0963 2684 sbp2port - ok
22:55:22.0010 2684 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:55:22.0228 2684 SCardSvr - ok
22:55:22.0259 2684 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:55:22.0415 2684 scfilter - ok
22:55:22.0462 2684 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
22:55:22.0696 2684 Schedule - ok
22:55:22.0743 2684 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:55:22.0883 2684 SCPolicySvc - ok
22:55:22.0930 2684 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
22:55:23.0039 2684 sdbus - ok
22:55:23.0071 2684 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:55:23.0195 2684 SDRSVC - ok
22:55:23.0258 2684 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:55:23.0445 2684 secdrv - ok
22:55:23.0476 2684 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
22:55:23.0663 2684 seclogon - ok
22:55:23.0710 2684 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
22:55:23.0897 2684 SENS - ok
22:55:23.0944 2684 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:55:24.0085 2684 SensrSvc - ok
22:55:24.0100 2684 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
22:55:24.0194 2684 Serenum - ok
22:55:24.0225 2684 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
22:55:24.0319 2684 Serial - ok
22:55:24.0365 2684 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:55:24.0443 2684 sermouse - ok
22:55:24.0521 2684 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
22:55:24.0709 2684 SessionEnv - ok
22:55:24.0724 2684 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:55:24.0833 2684 sffdisk - ok
22:55:24.0849 2684 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:55:24.0943 2684 sffp_mmc - ok
22:55:24.0958 2684 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:55:25.0052 2684 sffp_sd - ok
22:55:25.0083 2684 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:55:25.0161 2684 sfloppy - ok
22:55:25.0223 2684 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:55:25.0426 2684 SharedAccess - ok
22:55:25.0489 2684 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:55:25.0691 2684 ShellHWDetection - ok
22:55:25.0723 2684 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
22:55:25.0801 2684 sisagp - ok
22:55:25.0847 2684 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:55:25.0926 2684 SiSRaid2 - ok
22:55:25.0957 2684 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:55:26.0035 2684 SiSRaid4 - ok
22:55:26.0097 2684 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:55:26.0253 2684 Smb - ok
22:55:26.0316 2684 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:55:26.0425 2684 SNMPTRAP - ok
22:55:26.0456 2684 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
22:55:26.0534 2684 spldr - ok
22:55:26.0612 2684 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
22:55:26.0737 2684 Spooler - ok
22:55:26.0877 2684 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
22:55:27.0220 2684 sppsvc - ok
22:55:27.0267 2684 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:55:27.0454 2684 sppuinotify - ok
22:55:27.0517 2684 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:55:27.0626 2684 srv - ok
22:55:27.0657 2684 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:55:27.0782 2684 srv2 - ok
22:55:27.0829 2684 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:55:27.0938 2684 srvnet - ok
22:55:27.0969 2684 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:55:28.0172 2684 SSDPSRV - ok
22:55:28.0188 2684 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:55:28.0390 2684 SstpSvc - ok
22:55:28.0437 2684 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:55:28.0515 2684 stexstor - ok
22:55:28.0578 2684 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
22:55:28.0749 2684 StiSvc - ok
22:55:28.0796 2684 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:55:28.0874 2684 swenum - ok
22:55:28.0905 2684 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
22:55:29.0139 2684 swprv - ok
22:55:29.0202 2684 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
22:55:29.0358 2684 SysMain - ok
22:55:29.0389 2684 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:55:29.0498 2684 TabletInputService - ok
22:55:29.0545 2684 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
22:55:29.0748 2684 TapiSrv - ok
22:55:29.0779 2684 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
22:55:29.0966 2684 TBS - ok
22:55:30.0075 2684 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:55:30.0262 2684 Tcpip - ok
22:55:30.0356 2684 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:55:30.0512 2684 TCPIP6 - ok
22:55:30.0574 2684 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:55:30.0684 2684 tcpipreg - ok
22:55:30.0746 2684 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:55:30.0855 2684 TDPIPE - ok
22:55:30.0902 2684 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:55:31.0011 2684 TDTCP - ok
22:55:31.0042 2684 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:55:31.0214 2684 tdx - ok
22:55:31.0245 2684 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:55:31.0323 2684 TermDD - ok
22:55:31.0386 2684 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
22:55:31.0588 2684 TermService - ok
22:55:31.0651 2684 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
22:55:31.0807 2684 Themes - ok
22:55:31.0838 2684 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
22:55:32.0010 2684 THREADORDER - ok
22:55:32.0041 2684 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
22:55:32.0259 2684 TrkWks - ok
22:55:32.0322 2684 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:55:32.0524 2684 TrustedInstaller - ok
22:55:32.0571 2684 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:55:32.0743 2684 tssecsrv - ok
22:55:32.0774 2684 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:55:32.0883 2684 TsUsbFlt - ok
22:55:32.0914 2684 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:55:33.0008 2684 TsUsbGD - ok
22:55:33.0086 2684 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:55:33.0242 2684 tunnel - ok
22:55:33.0273 2684 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:55:33.0351 2684 uagp35 - ok
22:55:33.0382 2684 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:55:33.0570 2684 udfs - ok
22:55:33.0648 2684 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:55:33.0788 2684 UI0Detect - ok
22:55:33.0850 2684 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:55:33.0928 2684 uliagpkx - ok
22:55:33.0960 2684 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:55:34.0053 2684 umbus - ok
22:55:34.0084 2684 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
22:55:34.0178 2684 UmPass - ok
22:55:34.0225 2684 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
22:55:34.0396 2684 upnphost - ok
22:55:34.0443 2684 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:55:34.0506 2684 usbccgp - ok
22:55:34.0521 2684 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:55:34.0599 2684 usbcir - ok
22:55:34.0615 2684 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:55:34.0677 2684 usbehci - ok
22:55:34.0724 2684 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:55:34.0833 2684 usbhub - ok
22:55:34.0864 2684 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:55:34.0958 2684 usbohci - ok
22:55:34.0989 2684 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:55:35.0083 2684 usbprint - ok
22:55:35.0130 2684 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:55:35.0223 2684 USBSTOR - ok
22:55:35.0254 2684 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:55:35.0379 2684 usbuhci - ok
22:55:35.0457 2684 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:55:35.0551 2684 usbvideo - ok
22:55:35.0598 2684 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
22:55:35.0816 2684 UxSms - ok
22:55:35.0847 2684 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
22:55:35.0925 2684 VaultSvc - ok
22:55:36.0003 2684 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:55:36.0066 2684 vdrvroot - ok
22:55:36.0112 2684 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
22:55:36.0300 2684 vds - ok
22:55:36.0346 2684 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:55:36.0440 2684 vga - ok
22:55:36.0471 2684 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
22:55:36.0580 2684 VgaSave - ok
22:55:36.0627 2684 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:55:36.0690 2684 vhdmp - ok
22:55:36.0736 2684 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
22:55:36.0799 2684 viaagp - ok
22:55:36.0814 2684 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
22:55:36.0892 2684 ViaC7 - ok
22:55:36.0924 2684 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
22:55:36.0986 2684 viaide - ok
22:55:37.0002 2684 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:55:37.0064 2684 volmgr - ok
22:55:37.0095 2684 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:55:37.0173 2684 volmgrx - ok
22:55:37.0204 2684 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:55:37.0282 2684 volsnap - ok
22:55:37.0314 2684 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:55:37.0392 2684 vsmraid - ok
22:55:37.0454 2684 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
22:55:37.0672 2684 VSS - ok

Karel.P

Re: Please check my log - PC did not boot - pink screen

Post by Karel.P » 31 Jan 2013 09:46

22:55:42.0961 2684 [ F6EDAA9ED09FB51F81536387CF5157B3 ] wltrysvc C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
22:55:43.0008 2684 wltrysvc ( UnsignedFile.Multi.Generic ) - warning
22:55:43.0008 2684 wltrysvc - detected UnsignedFile.Multi.Generic (1)
22:55:45.0519 2684 ================ Scan global ===============================
22:55:45.0566 2684 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:55:45.0628 2684 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:55:45.0722 2684 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
22:55:45.0831 2684 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:55:45.0894 2684 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:55:45.0940 2684 [Global] - ok
22:55:45.0940 2684 ================ Scan MBR ==================================
22:55:45.0972 2684 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:55:46.0580 2684 \Device\Harddisk0\DR0 - ok
22:55:46.0611 2684 [ 3415131FE11EC9C12D725521D6F46916 ] \Device\Harddisk1\DR1
22:55:53.0272 2684 \Device\Harddisk1\DR1 - ok
22:55:53.0272 2684 ================ Scan VBR ==================================
22:55:53.0304 2684 [ 48574AB2FDBFA2A31FD707DB85FC79A3 ] \Device\Harddisk0\DR0\Partition1
22:55:53.0319 2684 \Device\Harddisk0\DR0\Partition1 - ok
22:55:53.0350 2684 [ 4E79DD33A16E642DF4162F9DC59A0C91 ] \Device\Harddisk0\DR0\Partition2
22:55:53.0366 2684 \Device\Harddisk0\DR0\Partition2 - ok
22:55:53.0397 2684 [ A6B659178D5BDB6945B4BCF0767776EA ] \Device\Harddisk0\DR0\Partition3
22:55:53.0413 2684 \Device\Harddisk0\DR0\Partition3 - ok
22:55:53.0413 2684 ============================================================
22:55:53.0413 2684 Scan finished
22:55:53.0413 2684 ============================================================
22:55:54.0208 2644 Detected object count: 4
22:55:54.0208 2644 Actual detected object count: 4
22:56:36.0266 2644 IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
22:56:36.0266 2644 IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:56:36.0282 2644 igddim32 ( UnsignedFile.Multi.Generic ) - skipped by user
22:56:36.0282 2644 igddim32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:56:36.0297 2644 imgkmd32 ( UnsignedFile.Multi.Generic ) - skipped by user
22:56:36.0297 2644 imgkmd32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:56:36.0297 2644 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:56:36.0297 2644 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:56:42.0506 4064 Deinitialize success

Post by Karel.P » 31 Jan 2013 09:47

And here is ComboFix

ComboFix 13-01-30.04 - Šárka 31.01.2013 8:58.1.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2036.1312 [GMT 1:00]
Spuštěný z: c:\users\Őßrka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-31 )))))))))))))))))))))))))))))))
.
.
2013-01-31 08:10 . 2013-01-31 08:11 -------- d-----w- c:\users\Šárka\AppData\Local\temp
2013-01-31 08:10 . 2013-01-31 08:10 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-30 20:49 . 2013-01-30 20:49 -------- d-----w- c:\users\Šárka\AppData\Local\Adobe
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\users\Šárka\AppData\Roaming\Malwarebytes
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\programdata\Malwarebytes
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-30 11:06 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-30 09:42 . 2013-01-30 09:42 -------- d-----w- c:\program files\ESET
2013-01-29 11:56 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3004045-2722-467C-ABCB-2310106099F7}\mpengine.dll
2013-01-10 07:40 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 07:39 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 07:39 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 07:37 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 07:37 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-10 07:34 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-01-10 07:33 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-08 20:59 . 2013-01-08 20:59 -------- d-----w- c:\users\Šárka\AppData\Roaming\PDF Architect
2013-01-08 20:56 . 2013-01-08 20:56 -------- d-----w- c:\users\Šárka\AppData\Roaming\APP_NAME_NON_STRING
2013-01-08 20:55 . 2013-01-08 20:56 -------- d-----w- c:\program files\PDF Architect
2013-01-08 20:55 . 2013-01-08 20:55 -------- d-----w- c:\users\Šárka\AppData\Roaming\pdfforge
2013-01-08 20:55 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2013-01-08 20:55 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll
2013-01-08 20:55 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-01-08 20:55 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2013-01-08 20:54 . 2013-01-08 20:56 -------- d-----w- c:\program files\PDFCreator
2013-01-08 20:50 . 2013-01-08 20:50 -------- d-----w- c:\users\Šárka\AppData\Local\Programs
2013-01-04 21:37 . 2013-01-04 21:37 -------- d-----w- c:\programdata\TreeCardGames
2013-01-04 21:37 . 2013-01-13 01:04 -------- d-----w- c:\users\Šárka\AppData\Roaming\MahJong Suite
2013-01-04 21:37 . 2013-01-04 21:37 -------- d-----w- c:\program files\MahJong Suite
2013-01-04 21:36 . 2013-01-04 21:36 -------- d-----w- c:\users\Šárka\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 19:28 . 2012-12-12 18:35 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 19:28 . 2012-12-12 18:35 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 14:13 . 2012-12-21 23:31 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 23:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 13:24 . 2012-12-12 13:24 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-12-12 13:24 . 2012-12-12 13:24 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-12-12 13:24 . 2012-12-12 13:24 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-12-12 13:24 . 2012-12-12 13:24 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-12-12 13:24 . 2012-12-12 13:24 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-12-12 13:24 . 2012-12-12 13:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-12-12 13:24 . 2012-12-12 13:24 367104 ----a-w- c:\windows\system32\html.iec
2012-12-12 13:24 . 2012-12-12 13:24 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-12-12 13:24 . 2012-12-12 13:24 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-12 13:24 . 2012-12-12 13:24 161792 ----a-w- c:\windows\system32\msls31.dll
2012-12-12 13:24 . 2012-12-12 13:24 152064 ----a-w- c:\windows\system32\wextract.exe
2012-12-12 13:24 . 2012-12-12 13:24 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-12-12 13:24 . 2012-12-12 13:24 11776 ----a-w- c:\windows\system32\mshta.exe
2012-12-12 13:24 . 2012-12-12 13:24 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-12-12 13:24 . 2012-12-12 13:24 101888 ----a-w- c:\windows\system32\admparse.dll
2012-12-11 21:26 . 2012-12-11 21:26 52224 ----a-w- c:\windows\system32\wltrynt.dll
2012-12-11 21:26 . 2012-12-11 21:26 35088 ----a-w- c:\windows\system32\drivers\npf.sys
2012-12-11 21:26 . 2012-12-11 21:26 445 ----a-w- c:\windows\system32\vcredist_x86.bat
2012-12-11 21:26 . 2012-12-11 21:26 2682880 ----a-w- c:\windows\system32\vcredist_x86.exe
2012-12-11 21:26 . 2012-12-11 21:26 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-12-11 21:25 . 2012-12-11 21:26 91448 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-12-11 21:25 . 2012-12-11 21:26 3933496 ----a-w- c:\windows\system32\bcmihvsrv.dll
2012-12-11 21:25 . 2012-12-11 21:26 3622200 ----a-w- c:\windows\system32\bcmihvui.dll
2012-12-11 21:25 . 2012-12-11 21:26 4268096 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2012-12-11 21:25 . 2012-12-11 21:27 989184 ----a-w- c:\windows\system32\BCMLogon.dll
2012-12-11 21:25 . 2012-12-11 21:26 4358144 ----a-w- c:\windows\system32\bcmttls.dll
2012-12-11 21:25 . 2012-12-11 21:26 18496 ----a-w- c:\windows\system32\drivers\bcm42rly.sys
2012-11-14 02:09 . 2012-12-12 20:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 20:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 20:59 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 20:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 20:59 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 20:59 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-12-11 6475264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-20 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-20 168960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-20 161280]
"GfxServiceInstall"="c:\windows\system32\GfxServiceInstall.bat" [2011-10-20 51]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Šárka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Šárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [x]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [x]
S3 imgkmd32;imgkmd32;c:\windows\system32\DRIVERS\imgkmd32.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 19:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-31 09:15:18
ComboFix-quarantined-files.txt 2013-01-31 08:15
.
Před spuštěním: Volných bajtů: 82 318 708 736
Po spuštění: Volných bajtů: 82 229 411 840
.
- - End Of File - - 39B591667EB318753D0D06B1578F24BA

Post by jaro3 » 31 Jan 2013 10:38

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code: Select all

ClearJavaCache::
KillAll::
FileLook::
c:\windows\system32\csrr.rs

Folder::
c:\program files\ESET

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Drag the created script CFScript.txt with the mouse over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Post here the log that appears at the end of the cleaning process + a new HJT log

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR
to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Post by Karel.P » 31 Jan 2013 12:48

Combofix log

ComboFix 13-01-30.04 - Šárka 31.01.2013 11:28:04.2.4 - x86
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2036.1307 [GMT 1:00]
Spuštěný z: c:\users\Őßrka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Őßrka\Desktop\CFScript.txt
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-31 )))))))))))))))))))))))))))))))
.
.
2013-01-31 10:40 . 2013-01-31 10:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-31 08:15 . 2013-01-31 10:40 -------- d-----w- c:\users\Šárka\AppData\Local\temp
2013-01-30 20:49 . 2013-01-30 20:49 -------- d-----w- c:\users\Šárka\AppData\Local\Adobe
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\users\Šárka\AppData\Roaming\Malwarebytes
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\programdata\Malwarebytes
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-30 11:06 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-30 09:42 . 2013-01-30 09:42 -------- d-----w- c:\program files\ESET
2013-01-29 11:56 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3004045-2722-467C-ABCB-2310106099F7}\mpengine.dll
2013-01-10 07:40 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 07:39 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 07:39 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 07:37 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 07:37 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-10 07:34 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-01-10 07:33 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-08 20:59 . 2013-01-08 20:59 -------- d-----w- c:\users\Šárka\AppData\Roaming\PDF Architect
2013-01-08 20:56 . 2013-01-08 20:56 -------- d-----w- c:\users\Šárka\AppData\Roaming\APP_NAME_NON_STRING
2013-01-08 20:55 . 2013-01-08 20:56 -------- d-----w- c:\program files\PDF Architect
2013-01-08 20:55 . 2013-01-08 20:55 -------- d-----w- c:\users\Šárka\AppData\Roaming\pdfforge
2013-01-08 20:55 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2013-01-08 20:55 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll
2013-01-08 20:55 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-01-08 20:55 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2013-01-08 20:54 . 2013-01-08 20:56 -------- d-----w- c:\program files\PDFCreator
2013-01-08 20:50 . 2013-01-08 20:50 -------- d-----w- c:\users\Šárka\AppData\Local\Programs
2013-01-04 21:37 . 2013-01-04 21:37 -------- d-----w- c:\programdata\TreeCardGames
2013-01-04 21:37 . 2013-01-13 01:04 -------- d-----w- c:\users\Šárka\AppData\Roaming\MahJong Suite
2013-01-04 21:37 . 2013-01-04 21:37 -------- d-----w- c:\program files\MahJong Suite
2013-01-04 21:36 . 2013-01-04 21:36 -------- d-----w- c:\users\Šárka\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 19:28 . 2012-12-12 18:35 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 19:28 . 2012-12-12 18:35 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 14:13 . 2012-12-21 23:31 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 23:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 13:24 . 2012-12-12 13:24 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-12-12 13:24 . 2012-12-12 13:24 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-12-12 13:24 . 2012-12-12 13:24 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-12-12 13:24 . 2012-12-12 13:24 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-12-12 13:24 . 2012-12-12 13:24 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-12-12 13:24 . 2012-12-12 13:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-12-12 13:24 . 2012-12-12 13:24 367104 ----a-w- c:\windows\system32\html.iec
2012-12-12 13:24 . 2012-12-12 13:24 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-12-12 13:24 . 2012-12-12 13:24 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-12 13:24 . 2012-12-12 13:24 161792 ----a-w- c:\windows\system32\msls31.dll
2012-12-12 13:24 . 2012-12-12 13:24 152064 ----a-w- c:\windows\system32\wextract.exe
2012-12-12 13:24 . 2012-12-12 13:24 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-12-12 13:24 . 2012-12-12 13:24 11776 ----a-w- c:\windows\system32\mshta.exe
2012-12-12 13:24 . 2012-12-12 13:24 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-12-12 13:24 . 2012-12-12 13:24 101888 ----a-w- c:\windows\system32\admparse.dll
2012-12-11 21:26 . 2012-12-11 21:26 52224 ----a-w- c:\windows\system32\wltrynt.dll
2012-12-11 21:26 . 2012-12-11 21:26 35088 ----a-w- c:\windows\system32\drivers\npf.sys
2012-12-11 21:26 . 2012-12-11 21:26 445 ----a-w- c:\windows\system32\vcredist_x86.bat
2012-12-11 21:26 . 2012-12-11 21:26 2682880 ----a-w- c:\windows\system32\vcredist_x86.exe
2012-12-11 21:26 . 2012-12-11 21:26 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-12-11 21:25 . 2012-12-11 21:26 91448 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-12-11 21:25 . 2012-12-11 21:26 3933496 ----a-w- c:\windows\system32\bcmihvsrv.dll
2012-12-11 21:25 . 2012-12-11 21:26 3622200 ----a-w- c:\windows\system32\bcmihvui.dll
2012-12-11 21:25 . 2012-12-11 21:26 4268096 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2012-12-11 21:25 . 2012-12-11 21:27 989184 ----a-w- c:\windows\system32\BCMLogon.dll
2012-12-11 21:25 . 2012-12-11 21:26 4358144 ----a-w- c:\windows\system32\bcmttls.dll
2012-12-11 21:25 . 2012-12-11 21:26 18496 ----a-w- c:\windows\system32\drivers\bcm42rly.sys
2012-11-14 02:09 . 2012-12-12 20:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 20:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 20:59 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 20:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 20:59 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 20:59 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-12-11 6475264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-20 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-20 168960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-20 161280]
"GfxServiceInstall"="c:\windows\system32\GfxServiceInstall.bat" [2011-10-20 51]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Šárka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Šárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [x]
S3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [x]
S3 imgkmd32;imgkmd32;c:\windows\system32\DRIVERS\imgkmd32.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 19:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-31 11:44:42
ComboFix-quarantined-files.txt 2013-01-31 10:44
ComboFix2.txt 2013-01-31 08:15
.
Před spuštěním: Volných bajtů: 82 287 738 880
Po spuštění: Volných bajtů: 82 108 424 192
.
- - End Of File - - 7C094725D174FBD562D9ED1E2C69C3FF

HJT log

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:55, on 31.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Šárka\Documents\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files\PDF Architect\PDFIEPlugin.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GfxServiceInstall] C:\Windows\system32\GfxServiceInstall.bat
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files\PDF Architect\ConversionService.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Broadcom Corporation - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE

--
End of file - 4407 bytes

aswMBR log

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-31 11:50:10
-----------------------------
11:50:10.434 OS Version: Windows 6.1.7601 Service Pack 1
11:50:10.434 Number of processors: 4 586 0x3601
11:50:10.434 ComputerName: MAMINKY-NTB UserName: Šárka
11:50:47.484 Initialize success
11:50:47.780 AVAST engine defs: 13012903
11:51:11.102 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:51:11.118 Disk 0 Vendor: ST320LT020-9YG142 0010SDM1 Size: 305245MB BusType: 11
11:51:11.134 Disk 0 MBR read successfully
11:51:11.149 Disk 0 MBR scan
11:51:11.539 Disk 0 Windows 7 default MBR code
11:51:11.570 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
11:51:12.054 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 99900 MB offset 206848
11:51:12.148 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 205243 MB offset 204802048
11:51:12.210 Disk 0 scanning sectors +625139712
11:51:12.584 Disk 0 scanning C:\Windows\system32\drivers
11:51:36.718 Service scanning
11:52:07.808 Modules scanning
11:52:26.731 Disk 0 trace - called modules:
11:52:26.778 ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll PCIIDEX.SYS msahci.sys
11:52:26.809 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x846ad030]
11:52:26.840 3 CLASSPNP.SYS[881ac59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x84547030]
11:52:27.917 AVAST engine scan C:\Windows
11:52:31.052 AVAST engine scan C:\Windows\system32
11:57:33.178 AVAST engine scan C:\Windows\system32\drivers
11:57:54.769 AVAST engine scan C:\Users\Šárka
11:58:46.389 AVAST engine scan C:\ProgramData
11:59:01.100 Scan finished successfully
12:03:21.340 Disk 0 MBR has been saved successfully to "E:\MBR.dat"
12:03:21.371 The log file has been saved successfully to "E:\aswMBR.txt"

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status: Offline

Re: Requesting a log check - PC did not boot - pink screen

Post by memphisto » 31 Jan 2013 12:50

Nothing was carried out. Run ComboFix once more, but in Safe Mode.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you.

Post by Karel.P » 31 Jan 2013 14:56

So here it is.

ComboFix 13-01-30.04 - Šárka 31.01.2013 14:41:06.3.4 - x86 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2036.1379 [GMT 1:00]
Spuštěný z: c:\users\Őßrka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Őßrka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-28 do 2013-01-31 )))))))))))))))))))))))))))))))
.
.
2013-01-31 13:48 . 2013-01-31 13:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-31 08:15 . 2013-01-31 13:48 -------- d-----w- c:\users\Šárka\AppData\Local\temp
2013-01-30 20:49 . 2013-01-30 20:49 -------- d-----w- c:\users\Šárka\AppData\Local\Adobe
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\users\Šárka\AppData\Roaming\Malwarebytes
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\programdata\Malwarebytes
2013-01-30 11:06 . 2013-01-30 11:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-01-30 11:06 . 2012-12-14 15:49 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-01-30 09:42 . 2013-01-30 09:42 -------- d-----w- c:\program files\ESET
2013-01-29 11:56 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B3004045-2722-467C-ABCB-2310106099F7}\mpengine.dll
2013-01-10 07:40 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-01-10 07:39 . 2012-11-23 02:56 2345984 ----a-w- c:\windows\system32\win32k.sys
2013-01-10 07:39 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-01-10 07:37 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-01-10 07:37 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\system32\msxml6.dll
2013-01-10 07:34 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-01-10 07:33 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-08 20:59 . 2013-01-08 20:59 -------- d-----w- c:\users\Šárka\AppData\Roaming\PDF Architect
2013-01-08 20:56 . 2013-01-08 20:56 -------- d-----w- c:\users\Šárka\AppData\Roaming\APP_NAME_NON_STRING
2013-01-08 20:55 . 2013-01-08 20:56 -------- d-----w- c:\program files\PDF Architect
2013-01-08 20:55 . 2013-01-08 20:55 -------- d-----w- c:\users\Šárka\AppData\Roaming\pdfforge
2013-01-08 20:55 . 2012-05-05 09:54 137000 ----a-w- c:\windows\system32\MSMAPI32.OCX
2013-01-08 20:55 . 2012-10-28 17:32 88576 ----a-w- c:\windows\system32\pdfcmon.dll
2013-01-08 20:55 . 2012-05-05 09:54 662288 ----a-w- c:\windows\system32\MSCOMCT2.OCX
2013-01-08 20:55 . 2012-05-05 09:54 23552 ----a-w- c:\windows\system32\MSMPIDE.DLL
2013-01-08 20:54 . 2013-01-08 20:56 -------- d-----w- c:\program files\PDFCreator
2013-01-08 20:50 . 2013-01-08 20:50 -------- d-----w- c:\users\Šárka\AppData\Local\Programs
2013-01-04 21:37 . 2013-01-04 21:37 -------- d-----w- c:\programdata\TreeCardGames
2013-01-04 21:37 . 2013-01-13 01:04 -------- d-----w- c:\users\Šárka\AppData\Roaming\MahJong Suite
2013-01-04 21:37 . 2013-01-04 21:37 -------- d-----w- c:\program files\MahJong Suite
2013-01-04 21:36 . 2013-01-04 21:36 -------- d-----w- c:\users\Šárka\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 19:28 . 2012-12-12 18:35 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-08 19:28 . 2012-12-12 18:35 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-16 14:13 . 2012-12-21 23:31 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 23:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-12 13:24 . 2012-12-12 13:24 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-12-12 13:24 . 2012-12-12 13:24 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-12-12 13:24 . 2012-12-12 13:24 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-12-12 13:24 . 2012-12-12 13:24 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-12-12 13:24 . 2012-12-12 13:24 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-12-12 13:24 . 2012-12-12 13:24 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-12-12 13:24 . 2012-12-12 13:24 367104 ----a-w- c:\windows\system32\html.iec
2012-12-12 13:24 . 2012-12-12 13:24 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-12-12 13:24 . 2012-12-12 13:24 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-12 13:24 . 2012-12-12 13:24 161792 ----a-w- c:\windows\system32\msls31.dll
2012-12-12 13:24 . 2012-12-12 13:24 152064 ----a-w- c:\windows\system32\wextract.exe
2012-12-12 13:24 . 2012-12-12 13:24 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-12-12 13:24 . 2012-12-12 13:24 11776 ----a-w- c:\windows\system32\mshta.exe
2012-12-12 13:24 . 2012-12-12 13:24 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-12-12 13:24 . 2012-12-12 13:24 101888 ----a-w- c:\windows\system32\admparse.dll
2012-12-11 21:26 . 2012-12-11 21:26 52224 ----a-w- c:\windows\system32\wltrynt.dll
2012-12-11 21:26 . 2012-12-11 21:26 35088 ----a-w- c:\windows\system32\drivers\npf.sys
2012-12-11 21:26 . 2012-12-11 21:26 445 ----a-w- c:\windows\system32\vcredist_x86.bat
2012-12-11 21:26 . 2012-12-11 21:26 2682880 ----a-w- c:\windows\system32\vcredist_x86.exe
2012-12-11 21:26 . 2012-12-11 21:26 6656 ----a-w- c:\windows\system32\bcmwlrc.dll
2012-12-11 21:25 . 2012-12-11 21:26 91448 ----a-w- c:\windows\system32\bcmwlcoi.dll
2012-12-11 21:25 . 2012-12-11 21:26 3933496 ----a-w- c:\windows\system32\bcmihvsrv.dll
2012-12-11 21:25 . 2012-12-11 21:26 3622200 ----a-w- c:\windows\system32\bcmihvui.dll
2012-12-11 21:25 . 2012-12-11 21:26 4268096 ----a-w- c:\windows\system32\drivers\BCMWL6.SYS
2012-12-11 21:25 . 2012-12-11 21:27 989184 ----a-w- c:\windows\system32\BCMLogon.dll
2012-12-11 21:25 . 2012-12-11 21:26 4358144 ----a-w- c:\windows\system32\bcmttls.dll
2012-12-11 21:25 . 2012-12-11 21:26 18496 ----a-w- c:\windows\system32\drivers\bcm42rly.sys
2012-11-14 02:09 . 2012-12-12 20:59 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58 . 2012-12-12 20:59 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 20:59 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49 . 2012-12-12 20:59 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 20:59 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44 . 2012-12-12 20:59 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42 . 2012-12-12 09:17 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"Broadcom Wireless Manager UI"="c:\program files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe" [2012-12-11 6475264]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-20 135168]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-20 168960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-20 161280]
"GfxServiceInstall"="c:\windows\system32\GfxServiceInstall.bat" [2011-10-20 51]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Šárka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk]
path=c:\users\Šárka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 IconMan_R;IconMan_R;c:\program files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
R2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files\PDF Architect\HelperService.exe [x]
R2 PDF Architect Service;PDF Architect Service;c:\program files\PDF Architect\ConversionService.exe [x]
R3 igddim32;igddim32;c:\windows\system32\DRIVERS\igddim32.sys [x]
R3 imgkmd32;imgkmd32;c:\windows\system32\DRIVERS\imgkmd32.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-12 19:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-31 14:51:57
ComboFix-quarantined-files.txt 2013-01-31 13:51
ComboFix2.txt 2013-01-31 10:44
ComboFix3.txt 2013-01-31 08:15
.
Před spuštěním: Volných bajtů: 82 153 648 128
Po spuštění: Volných bajtů: 82 055 192 576
.
- - End Of File - - 8A6D21ED9F9CF9F8DEAF4D8D78A448A4


And just to be sure, I am also attaching the CFScript.txt, to check whether it is right:

ClearJavaCache::
KillAll::
FileLook::
c:\windows\system32\csrr.rs

Folder::
c:\program files\ESET

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


Re: Please check my log - PC did not boot - pink screen

Post by memphisto » 31 Jan 2013 15:06

It is correct, it's just that still nothing is happening...

ComboFix is uninstalled like this:
Start - Run and enter ComboFix /Uninstall

Clean the system with CCleaner
and also use T-Cleaner;
it deletes everything left behind by Combo, MWAV, etc. - download > run

Note: before downloading T-Cleaner and for the duration of the cleaning, deactivate your antivirus and antispyware, then delete T-Cleaner and turn your antivirus and antispyware back on.


Download OTL by OldTimer
to your desktop. Make sure all other windows are closed and double-click the OTL icon. At the top of the window, under Output, click Minimal Output. Under Standard Registry, change to All. Tick LOP Check and Purity Check. Click Run Scan. Leave all other settings as they are. The scan may take a long time; when it finishes, two logs will open:
OTL.Txt
Extras.Txt

They are saved in the same location as OTL. Please copy both logs here.