PC-HELP.CZ

Avast mi hlásí, že našel v PC Rootkit, který jsem okamžitě smazal. Avast udělal test systému po restartu PC, ale žádný infikovaný soubor nenašel. Proto přidávám log z HJT.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:16:40, on 1.2.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\GamePark2\gpcl.exe
C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: GamePark klient 2.lnk = C:\Program Files\GamePark2\gpcl.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 4356 bytes

Fixni:
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Ještě jsem si všiml, pozoruju to už od včerejška, že mi mizí místo na disku a to přitom nic neinstaluju. Ještě včera jsem měl 83 GB volného a dneska mám 79 GB. Nevíte proč ?

Tady je log z MBAM:

Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Verze: v2013.02.01.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Maty :: MATY-PC [administrátor]

1.2.2013 11:57:19
mbam-log-2013-02-01 (11-57-19).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 188641
Uplynulý čas: 2 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Zatím se dá těžko soudit čím to je, ale 4 GB jsou dneska nic. Můžeš je spapat browser, obnovení systému atd.

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

====================================================

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.

TDSS

16:05:26.0293 3808 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:05:28.0294 3808 ============================================================
16:05:28.0294 3808 Current date / time: 2013/02/01 16:05:28.0294
16:05:28.0294 3808 SystemInfo:
16:05:28.0294 3808
16:05:28.0294 3808 OS Version: 6.0.6002 ServicePack: 2.0
16:05:28.0294 3808 Product type: Workstation
16:05:28.0295 3808 ComputerName: MATY-PC
16:05:28.0295 3808 UserName: Maty
16:05:28.0295 3808 Windows directory: C:\Windows
16:05:28.0295 3808 System windows directory: C:\Windows
16:05:28.0295 3808 Processor architecture: Intel x86
16:05:28.0295 3808 Number of processors: 2
16:05:28.0295 3808 Page size: 0x1000
16:05:28.0295 3808 Boot type: Normal boot
16:05:28.0295 3808 ============================================================
16:05:31.0391 3808 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:05:31.0418 3808 ============================================================
16:05:31.0418 3808 \Device\Harddisk0\DR0:
16:05:31.0424 3808 MBR partitions:
16:05:31.0424 3808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A18800
16:05:31.0424 3808 ============================================================
16:05:31.0579 3808 C: <-> \Device\Harddisk0\DR0\Partition1
16:05:31.0579 3808 ============================================================
16:05:31.0579 3808 Initialize success
16:05:31.0579 3808 ============================================================
16:05:36.0259 2476 ============================================================
16:05:36.0259 2476 Scan started
16:05:36.0259 2476 Mode: Manual;
16:05:36.0259 2476 ============================================================
16:05:37.0647 2476 ================ Scan system memory ========================
16:05:37.0647 2476 System memory - ok
16:05:37.0647 2476 ================ Scan services =============================
16:05:38.0552 2476 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
16:05:38.0552 2476 ACPI - ok
16:05:38.0615 2476 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:05:38.0615 2476 AdobeFlashPlayerUpdateSvc - ok
16:05:38.0646 2476 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
16:05:38.0661 2476 adp94xx - ok
16:05:38.0677 2476 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
16:05:38.0677 2476 adpahci - ok
16:05:38.0693 2476 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
16:05:38.0693 2476 adpu160m - ok
16:05:38.0708 2476 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
16:05:38.0708 2476 adpu320 - ok
16:05:38.0739 2476 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:05:38.0739 2476 AeLookupSvc - ok
16:05:38.0786 2476 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
16:05:38.0802 2476 AFD - ok
16:05:38.0817 2476 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:05:38.0833 2476 agp440 - ok
16:05:38.0849 2476 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
16:05:38.0849 2476 aic78xx - ok
16:05:38.0880 2476 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
16:05:38.0880 2476 ALG - ok
16:05:38.0911 2476 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
16:05:38.0911 2476 aliide - ok
16:05:38.0942 2476 [ AEFEEE2E852F2774A4491C8EFA6C3B6E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:05:38.0942 2476 AMD External Events Utility - ok
16:05:38.0958 2476 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
16:05:38.0958 2476 amdagp - ok
16:05:38.0973 2476 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
16:05:38.0973 2476 amdide - ok
16:05:38.0989 2476 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
16:05:38.0989 2476 AmdK7 - ok
16:05:39.0020 2476 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
16:05:39.0020 2476 AmdK8 - ok
16:05:39.0644 2476 [ D05CF4523E0C04EF82454ABFD84FDC1D ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:05:39.0785 2476 amdkmdag - ok
16:05:39.0925 2476 [ 92DC2E0AE49148F83B24D89C737B0C97 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:05:39.0925 2476 amdkmdap - ok
16:05:40.0019 2476 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
16:05:40.0019 2476 Appinfo - ok
16:05:40.0097 2476 [ F5F0F78286A849BC0E45E0E99065B04F ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
16:05:40.0097 2476 AppleCharger - ok
16:05:40.0112 2476 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
16:05:40.0112 2476 AppleChargerSrv - ok
16:05:40.0128 2476 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
16:05:40.0128 2476 arc - ok
16:05:40.0159 2476 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:05:40.0159 2476 arcsas - ok
16:05:40.0190 2476 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
16:05:40.0190 2476 aswFsBlk - ok
16:05:40.0206 2476 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
16:05:40.0206 2476 aswMonFlt - ok
16:05:40.0237 2476 [ 7C9F0A2AB17D52261A9252A2EB320884 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
16:05:40.0237 2476 AswRdr - ok
16:05:40.0253 2476 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
16:05:40.0253 2476 aswSnx - ok
16:05:40.0284 2476 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
16:05:40.0284 2476 aswSP - ok
16:05:40.0284 2476 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
16:05:40.0284 2476 aswTdi - ok
16:05:40.0331 2476 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:05:40.0331 2476 AsyncMac - ok
16:05:40.0362 2476 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
16:05:40.0362 2476 atapi - ok
16:05:40.0393 2476 [ 0C3C2E9136397E1AAA9033DCAE25CED2 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdLH3.sys
16:05:40.0393 2476 AtiHDAudioService - ok
16:05:40.0440 2476 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:05:40.0440 2476 AudioEndpointBuilder - ok
16:05:40.0455 2476 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:05:40.0455 2476 Audiosrv - ok
16:05:40.0611 2476 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:05:40.0611 2476 avast! Antivirus - ok
16:05:40.0689 2476 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
16:05:40.0689 2476 Beep - ok
16:05:40.0752 2476 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
16:05:40.0752 2476 BFE - ok
16:05:40.0814 2476 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
16:05:40.0830 2476 BITS - ok
16:05:40.0830 2476 blbdrive - ok
16:05:40.0892 2476 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:05:40.0908 2476 bowser - ok
16:05:40.0939 2476 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
16:05:40.0939 2476 BrFiltLo - ok
16:05:40.0955 2476 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
16:05:40.0955 2476 BrFiltUp - ok
16:05:40.0986 2476 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
16:05:41.0001 2476 Browser - ok
16:05:41.0033 2476 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
16:05:41.0033 2476 Brserid - ok
16:05:41.0048 2476 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
16:05:41.0048 2476 BrSerWdm - ok
16:05:41.0064 2476 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
16:05:41.0064 2476 BrUsbMdm - ok
16:05:41.0079 2476 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
16:05:41.0079 2476 BrUsbSer - ok
16:05:41.0095 2476 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
16:05:41.0095 2476 BTHMODEM - ok
16:05:41.0126 2476 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:05:41.0126 2476 cdfs - ok
16:05:41.0157 2476 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:05:41.0157 2476 cdrom - ok
16:05:41.0220 2476 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
16:05:41.0220 2476 CertPropSvc - ok
16:05:41.0235 2476 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
16:05:41.0235 2476 circlass - ok
16:05:41.0267 2476 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
16:05:41.0267 2476 CLFS - ok
16:05:41.0360 2476 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:05:41.0360 2476 clr_optimization_v2.0.50727_32 - ok
16:05:42.0000 2476 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:05:42.0047 2476 clr_optimization_v4.0.30319_32 - ok
16:05:42.0062 2476 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:05:42.0062 2476 cmdide - ok
16:05:42.0078 2476 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
16:05:42.0078 2476 Compbatt - ok
16:05:42.0078 2476 COMSysApp - ok
16:05:42.0093 2476 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
16:05:42.0093 2476 crcdisk - ok
16:05:42.0109 2476 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
16:05:42.0109 2476 Crusoe - ok
16:05:42.0156 2476 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:05:42.0156 2476 CryptSvc - ok
16:05:42.0203 2476 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:05:42.0218 2476 DcomLaunch - ok
16:05:42.0265 2476 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:05:42.0265 2476 DfsC - ok
16:05:42.0733 2476 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
16:05:42.0811 2476 DFSR - ok
16:05:42.0858 2476 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
16:05:42.0858 2476 Dhcp - ok
16:05:42.0905 2476 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
16:05:42.0905 2476 disk - ok
16:05:42.0936 2476 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:05:42.0936 2476 Dnscache - ok
16:05:43.0029 2476 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
16:05:43.0061 2476 dot3svc - ok
16:05:43.0092 2476 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
16:05:43.0092 2476 DPS - ok
16:05:43.0123 2476 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:05:43.0139 2476 drmkaud - ok
16:05:43.0170 2476 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:05:43.0170 2476 DXGKrnl - ok
16:05:43.0217 2476 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
16:05:43.0217 2476 E1G60 - ok
16:05:43.0248 2476 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
16:05:43.0248 2476 EapHost - ok
16:05:43.0310 2476 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
16:05:43.0310 2476 Ecache - ok
16:05:43.0341 2476 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
16:05:43.0341 2476 elxstor - ok
16:05:43.0373 2476 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
16:05:43.0388 2476 EMDMgmt - ok
16:05:43.0451 2476 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
16:05:43.0451 2476 EventSystem - ok
16:05:43.0497 2476 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
16:05:43.0497 2476 exfat - ok
16:05:43.0529 2476 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:05:43.0544 2476 fastfat - ok
16:05:43.0575 2476 [ 63BDADA84951B9C03E641800E176898A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:05:43.0575 2476 fdc - ok
16:05:43.0591 2476 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
16:05:43.0591 2476 fdPHost - ok
16:05:43.0622 2476 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
16:05:43.0622 2476 FDResPub - ok
16:05:43.0638 2476 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:05:43.0638 2476 FileInfo - ok
16:05:43.0638 2476 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:05:43.0653 2476 Filetrace - ok
16:05:43.0669 2476 [ 6603957EFF5EC62D25075EA8AC27DE68 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:05:43.0669 2476 flpydisk - ok
16:05:43.0731 2476 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:05:43.0747 2476 FltMgr - ok
16:05:43.0809 2476 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
16:05:43.0825 2476 FontCache - ok
16:05:43.0872 2476 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:05:43.0872 2476 FontCache3.0.0.0 - ok
16:05:43.0903 2476 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:05:43.0903 2476 Fs_Rec - ok
16:05:43.0919 2476 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:05:43.0919 2476 gagp30kx - ok
16:05:43.0934 2476 gdrv - ok
16:05:43.0965 2476 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
16:05:43.0981 2476 gpsvc - ok
16:05:44.0106 2476 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:05:44.0121 2476 gupdate - ok
16:05:44.0121 2476 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:05:44.0121 2476 gupdatem - ok
16:05:44.0153 2476 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:05:44.0168 2476 HdAudAddService - ok
16:05:44.0231 2476 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
16:05:44.0246 2476 HDAudBus - ok
16:05:44.0262 2476 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
16:05:44.0262 2476 HidBth - ok
16:05:44.0293 2476 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
16:05:44.0293 2476 HidIr - ok
16:05:44.0309 2476 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
16:05:44.0324 2476 hidserv - ok
16:05:44.0340 2476 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:05:44.0340 2476 HidUsb - ok
16:05:44.0371 2476 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:05:44.0371 2476 hkmsvc - ok
16:05:44.0387 2476 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
16:05:44.0387 2476 HpCISSs - ok
16:05:44.0433 2476 [ 0EEECA26C8D4BDE2A4664DB058A81937 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:05:44.0433 2476 HTTP - ok
16:05:44.0465 2476 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
16:05:44.0465 2476 i2omp - ok
16:05:44.0496 2476 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
16:05:44.0496 2476 i8042prt - ok
16:05:44.0527 2476 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
16:05:44.0527 2476 iaStorV - ok
16:05:44.0636 2476 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:05:44.0667 2476 idsvc - ok
16:05:44.0683 2476 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
16:05:44.0683 2476 iirsp - ok
16:05:44.0714 2476 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
16:05:44.0714 2476 IKEEXT - ok
16:05:44.0823 2476 [ F179FEB1B15AAD94C6BF082C0356DF16 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
16:05:44.0839 2476 IntcAzAudAddService - ok
16:05:44.0886 2476 [ 97469037714070E45194ED318D636401 ] intelide C:\Windows\system32\drivers\intelide.sys
16:05:44.0901 2476 intelide - ok
16:05:44.0933 2476 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:05:44.0933 2476 intelppm - ok
16:05:44.0979 2476 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:05:44.0979 2476 IPBusEnum - ok
16:05:45.0011 2476 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:05:45.0011 2476 IpFilterDriver - ok
16:05:45.0042 2476 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:05:45.0042 2476 iphlpsvc - ok
16:05:45.0042 2476 IpInIp - ok
16:05:45.0073 2476 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
16:05:45.0073 2476 IPMIDRV - ok
16:05:45.0104 2476 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
16:05:45.0135 2476 IPNAT - ok
16:05:45.0151 2476 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:05:45.0151 2476 IRENUM - ok
16:05:45.0167 2476 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:05:45.0167 2476 isapnp - ok
16:05:45.0307 2476 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
16:05:45.0307 2476 iScsiPrt - ok
16:05:45.0338 2476 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
16:05:45.0354 2476 iteatapi - ok
16:05:45.0401 2476 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
16:05:45.0401 2476 iteraid - ok
16:05:45.0432 2476 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:05:45.0432 2476 kbdclass - ok
16:05:45.0463 2476 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:05:45.0463 2476 kbdhid - ok
16:05:45.0494 2476 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
16:05:45.0494 2476 KeyIso - ok
16:05:45.0635 2476 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:05:45.0650 2476 KSecDD - ok
16:05:45.0713 2476 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:05:45.0713 2476 KtmRm - ok
16:05:45.0759 2476 [ 3DB114D4729B8FF7FCF5801F9489CD2C ] L1C C:\Windows\system32\DRIVERS\L1C60x86.sys
16:05:45.0759 2476 L1C - ok
16:05:45.0791 2476 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
16:05:45.0791 2476 LanmanServer - ok
16:05:45.0837 2476 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:05:45.0837 2476 LanmanWorkstation - ok
16:05:45.0869 2476 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:05:45.0869 2476 lltdio - ok
16:05:45.0931 2476 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:05:45.0931 2476 lltdsvc - ok
16:05:45.0962 2476 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:05:45.0962 2476 lmhosts - ok
16:05:46.0009 2476 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:05:46.0009 2476 LMS - ok
16:05:46.0040 2476 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
16:05:46.0056 2476 LSI_FC - ok
16:05:46.0071 2476 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:05:46.0071 2476 LSI_SAS - ok
16:05:46.0103 2476 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
16:05:46.0103 2476 LSI_SCSI - ok
16:05:46.0149 2476 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
16:05:46.0149 2476 luafv - ok
16:05:46.0165 2476 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
16:05:46.0165 2476 megasas - ok
16:05:46.0181 2476 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\Windows\system32\DRIVERS\HECI.sys
16:05:46.0181 2476 MEI - ok
16:05:46.0212 2476 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
16:05:46.0212 2476 MMCSS - ok
16:05:46.0227 2476 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
16:05:46.0227 2476 Modem - ok
16:05:46.0259 2476 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:05:46.0259 2476 monitor - ok
16:05:46.0290 2476 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:05:46.0290 2476 mouclass - ok
16:05:46.0337 2476 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:05:46.0352 2476 mouhid - ok
16:05:46.0383 2476 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
16:05:46.0383 2476 MountMgr - ok
16:05:46.0415 2476 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
16:05:46.0415 2476 mpio - ok
16:05:46.0415 2476 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:05:46.0415 2476 mpsdrv - ok
16:05:46.0446 2476 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
16:05:46.0461 2476 MpsSvc - ok
16:05:46.0477 2476 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
16:05:46.0477 2476 Mraid35x - ok
16:05:46.0508 2476 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:05:46.0508 2476 MRxDAV - ok
16:05:46.0539 2476 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:05:46.0539 2476 mrxsmb - ok
16:05:46.0571 2476 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:05:46.0571 2476 mrxsmb10 - ok
16:05:46.0586 2476 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:05:46.0586 2476 mrxsmb20 - ok
16:05:46.0602 2476 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
16:05:46.0617 2476 msahci - ok
16:05:46.0617 2476 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:05:46.0617 2476 msdsm - ok
16:05:46.0649 2476 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
16:05:46.0649 2476 MSDTC - ok
16:05:46.0695 2476 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:05:46.0695 2476 Msfs - ok
16:05:46.0711 2476 MSICDSetup - ok
16:05:46.0742 2476 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:05:46.0758 2476 msisadrv - ok
16:05:46.0789 2476 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:05:46.0805 2476 MSiSCSI - ok
16:05:46.0805 2476 msiserver - ok
16:05:46.0820 2476 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:05:46.0820 2476 MSKSSRV - ok
16:05:46.0851 2476 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:05:46.0851 2476 MSPCLOCK - ok
16:05:46.0867 2476 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:05:46.0867 2476 MSPQM - ok
16:05:46.0898 2476 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:05:46.0898 2476 MsRPC - ok
16:05:46.0914 2476 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
16:05:46.0914 2476 mssmbios - ok
16:05:46.0914 2476 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:05:46.0914 2476 MSTEE - ok
16:05:46.0945 2476 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
16:05:46.0945 2476 Mup - ok
16:05:46.0976 2476 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
16:05:46.0992 2476 napagent - ok
16:05:47.0023 2476 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:05:47.0023 2476 NativeWifiP - ok
16:05:47.0070 2476 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:05:47.0070 2476 NDIS - ok
16:05:47.0101 2476 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:05:47.0101 2476 NdisTapi - ok
16:05:47.0117 2476 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:05:47.0117 2476 Ndisuio - ok
16:05:47.0132 2476 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:05:47.0148 2476 NdisWan - ok
16:05:47.0148 2476 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:05:47.0163 2476 NDProxy - ok
16:05:47.0163 2476 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:05:47.0179 2476 NetBIOS - ok
16:05:47.0195 2476 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
16:05:47.0195 2476 netbt - ok
16:05:47.0210 2476 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
16:05:47.0210 2476 Netlogon - ok
16:05:47.0319 2476 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
16:05:47.0335 2476 Netman - ok
16:05:47.0382 2476 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
16:05:47.0382 2476 netprofm - ok
16:05:47.0413 2476 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:05:47.0413 2476 NetTcpPortSharing - ok
16:05:47.0444 2476 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
16:05:47.0444 2476 nfrd960 - ok
16:05:47.0475 2476 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
16:05:47.0475 2476 NlaSvc - ok
16:05:47.0507 2476 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:05:47.0507 2476 Npfs - ok
16:05:47.0538 2476 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
16:05:47.0538 2476 nsi - ok
16:05:47.0553 2476 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:05:47.0569 2476 nsiproxy - ok
16:05:47.0616 2476 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:05:47.0647 2476 Ntfs - ok
16:05:47.0678 2476 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
16:05:47.0678 2476 ntrigdigi - ok
16:05:47.0694 2476 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
16:05:47.0694 2476 Null - ok
16:05:47.0709 2476 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:05:47.0709 2476 nvraid - ok
16:05:47.0725 2476 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:05:47.0725 2476 nvstor - ok
16:05:47.0741 2476 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:05:47.0741 2476 nv_agp - ok
16:05:47.0741 2476 NwlnkFlt - ok
16:05:47.0741 2476 NwlnkFwd - ok
16:05:47.0756 2476 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:05:47.0756 2476 ohci1394 - ok
16:05:47.0803 2476 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
16:05:47.0819 2476 p2pimsvc - ok
16:05:47.0819 2476 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
16:05:47.0834 2476 p2psvc - ok
16:05:47.0881 2476 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:05:47.0881 2476 Parport - ok
16:05:47.0912 2476 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:05:47.0912 2476 partmgr - ok
16:05:47.0928 2476 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
16:05:47.0928 2476 Parvdm - ok
16:05:47.0943 2476 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
16:05:47.0959 2476 PcaSvc - ok
16:05:48.0006 2476 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
16:05:48.0006 2476 pci - ok
16:05:48.0037 2476 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
16:05:48.0037 2476 pciide - ok
16:05:48.0053 2476 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:05:48.0053 2476 pcmcia - ok
16:05:48.0084 2476 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:05:48.0115 2476 PEAUTH - ok
16:05:48.0177 2476 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
16:05:48.0224 2476 pla - ok
16:05:48.0255 2476 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:05:48.0271 2476 PlugPlay - ok
16:05:48.0302 2476 [ A1DD33D16F277CE34124EE52AB2C0F14 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
16:05:48.0302 2476 PnkBstrA - ok
16:05:48.0349 2476 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
16:05:48.0365 2476 PNRPAutoReg - ok
16:05:48.0380 2476 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
16:05:48.0380 2476 PNRPsvc - ok
16:05:48.0489 2476 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:05:48.0536 2476 PolicyAgent - ok
16:05:48.0567 2476 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:05:48.0567 2476 PptpMiniport - ok
16:05:48.0599 2476 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
16:05:48.0599 2476 Processor - ok
16:05:48.0630 2476 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
16:05:48.0630 2476 ProfSvc - ok
16:05:48.0645 2476 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:05:48.0645 2476 ProtectedStorage - ok
16:05:48.0692 2476 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
16:05:48.0708 2476 PSched - ok
16:05:48.0739 2476 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
16:05:48.0755 2476 ql2300 - ok
16:05:48.0786 2476 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
16:05:48.0786 2476 ql40xx - ok
16:05:48.0817 2476 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
16:05:48.0833 2476 QWAVE - ok
16:05:48.0848 2476 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:05:48.0848 2476 QWAVEdrv - ok
16:05:48.0848 2476 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:05:48.0848 2476 RasAcd - ok
16:05:48.0864 2476 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
16:05:48.0879 2476 RasAuto - ok
16:05:48.0911 2476 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:05:48.0911 2476 Rasl2tp - ok
16:05:48.0942 2476 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
16:05:48.0942 2476 RasMan - ok
16:05:48.0973 2476 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:05:48.0973 2476 RasPppoe - ok
16:05:48.0989 2476 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:05:49.0004 2476 RasSstp - ok
16:05:49.0020 2476 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:05:49.0035 2476 rdbss - ok
16:05:49.0051 2476 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:05:49.0051 2476 RDPCDD - ok
16:05:49.0082 2476 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
16:05:49.0082 2476 rdpdr - ok
16:05:49.0098 2476 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:05:49.0098 2476 RDPENCDD - ok
16:05:49.0129 2476 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:05:49.0129 2476 RDPWD - ok
16:05:49.0191 2476 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:05:49.0191 2476 RemoteAccess - ok
16:05:49.0223 2476 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:05:49.0238 2476 RemoteRegistry - ok
16:05:49.0269 2476 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
16:05:49.0269 2476 RpcLocator - ok
16:05:49.0301 2476 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
16:05:49.0301 2476 RpcSs - ok
16:05:49.0347 2476 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:05:49.0363 2476 rspndr - ok
16:05:49.0379 2476 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
16:05:49.0379 2476 SamSs - ok
16:05:49.0394 2476 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:05:49.0394 2476 sbp2port - ok
16:05:49.0425 2476 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:05:49.0425 2476 SCardSvr - ok
16:05:49.0472 2476 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
16:05:49.0488 2476 Schedule - ok
16:05:49.0503 2476 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:05:49.0503 2476 SCPolicySvc - ok
16:05:49.0566 2476 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:05:49.0581 2476 SDRSVC - ok
16:05:49.0597 2476 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:05:49.0613 2476 secdrv - ok
16:05:49.0628 2476 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
16:05:49.0628 2476 seclogon - ok
16:05:49.0675 2476 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
16:05:49.0675 2476 SENS - ok
16:05:49.0706 2476 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:05:49.0706 2476 Serenum - ok
16:05:49.0769 2476 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:05:49.0769 2476 Serial - ok
16:05:49.0800 2476 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
16:05:49.0800 2476 sermouse - ok
16:05:49.0815 2476 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
16:05:49.0831 2476 SessionEnv - ok
16:05:49.0847 2476 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:05:49.0847 2476 sffdisk - ok
16:05:49.0862 2476 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:05:49.0862 2476 sffp_mmc - ok
16:05:49.0862 2476 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:05:49.0862 2476 sffp_sd - ok
16:05:49.0878 2476 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
16:05:49.0878 2476 sfloppy - ok
16:05:49.0909 2476 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:05:49.0909 2476 SharedAccess - ok
16:05:49.0940 2476 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:05:49.0956 2476 ShellHWDetection - ok
16:05:49.0987 2476 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
16:05:49.0987 2476 sisagp - ok
16:05:49.0987 2476 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
16:05:49.0987 2476 SiSRaid2 - ok
16:05:50.0003 2476 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:05:50.0003 2476 SiSRaid4 - ok
16:05:50.0174 2476 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
16:05:50.0283 2476 slsvc - ok
16:05:50.0346 2476 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
16:05:50.0346 2476 SLUINotify - ok
16:05:50.0377 2476 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:05:50.0377 2476 Smb - ok
16:05:50.0408 2476 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:05:50.0424 2476 SNMPTRAP - ok
16:05:50.0439 2476 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
16:05:50.0439 2476 spldr - ok
16:05:50.0471 2476 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
16:05:50.0486 2476 Spooler - ok
16:05:50.0533 2476 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:05:50.0533 2476 srv - ok
16:05:50.0564 2476 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:05:50.0564 2476 srv2 - ok
16:05:50.0611 2476 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:05:50.0627 2476 srvnet - ok
16:05:50.0642 2476 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:05:50.0689 2476 SSDPSRV - ok
16:05:50.0720 2476 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:05:50.0720 2476 SstpSvc - ok
16:05:50.0829 2476 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
16:05:50.0829 2476 stisvc - ok
16:05:50.0845 2476 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
16:05:50.0861 2476 swenum - ok
16:05:50.0876 2476 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
16:05:50.0892 2476 swprv - ok
16:05:50.0907 2476 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
16:05:50.0923 2476 Symc8xx - ok
16:05:50.0923 2476 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
16:05:50.0923 2476 Sym_hi - ok
16:05:50.0939 2476 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
16:05:50.0939 2476 Sym_u3 - ok
16:05:50.0985 2476 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
16:05:51.0001 2476 SysMain - ok
16:05:51.0032 2476 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:05:51.0032 2476 TabletInputService - ok
16:05:51.0063 2476 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
16:05:51.0063 2476 TapiSrv - ok
16:05:51.0095 2476 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
16:05:51.0095 2476 TBS - ok
16:05:51.0141 2476 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:05:51.0157 2476 Tcpip - ok
16:05:51.0173 2476 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
16:05:51.0173 2476 Tcpip6 - ok
16:05:51.0235 2476 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:05:51.0235 2476 tcpipreg - ok
16:05:51.0266 2476 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:05:51.0266 2476 TDPIPE - ok
16:05:51.0282 2476 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:05:51.0282 2476 TDTCP - ok
16:05:51.0313 2476 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:05:51.0313 2476 tdx - ok
16:05:51.0329 2476 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
16:05:51.0329 2476 TermDD - ok
16:05:51.0344 2476 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
16:05:51.0360 2476 TermService - ok
16:05:51.0375 2476 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
16:05:51.0375 2476 Themes - ok
16:05:51.0391 2476 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
16:05:51.0407 2476 THREADORDER - ok
16:05:51.0422 2476 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
16:05:51.0422 2476 TrkWks - ok
16:05:51.0485 2476 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:05:51.0485 2476 TrustedInstaller - ok
16:05:51.0500 2476 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:05:51.0500 2476 tssecsrv - ok
16:05:51.0547 2476 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
16:05:51.0547 2476 tunmp - ok
16:05:51.0563 2476 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:05:51.0563 2476 tunnel - ok
16:05:51.0594 2476 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:05:51.0594 2476 uagp35 - ok
16:05:51.0625 2476 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:05:51.0625 2476 udfs - ok
16:05:51.0656 2476 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:05:51.0656 2476 UI0Detect - ok
16:05:51.0672 2476 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:05:51.0687 2476 uliagpkx - ok
16:05:51.0703 2476 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
16:05:51.0703 2476 uliahci - ok
16:05:51.0719 2476 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
16:05:51.0719 2476 UlSata - ok
16:05:51.0734 2476 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
16:05:51.0734 2476 ulsata2 - ok
16:05:51.0765 2476 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:05:51.0765 2476 umbus - ok
16:05:51.0843 2476 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:05:51.0890 2476 UNS - ok
16:05:51.0953 2476 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
16:05:51.0953 2476 upnphost - ok
16:05:51.0984 2476 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:05:51.0984 2476 usbccgp - ok
16:05:52.0015 2476 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:05:52.0015 2476 usbcir - ok
16:05:52.0046 2476 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:05:52.0046 2476 usbehci - ok
16:05:52.0077 2476 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:05:52.0093 2476 usbhub - ok
16:05:52.0109 2476 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:05:52.0109 2476 usbohci - ok
16:05:52.0109 2476 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
16:05:52.0109 2476 usbprint - ok
16:05:52.0140 2476 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:05:52.0140 2476 USBSTOR - ok
16:05:52.0155 2476 [ 325DBBACB8A36AF9988CCF40EAC228CC ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:05:52.0155 2476 usbuhci - ok
16:05:52.0187 2476 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
16:05:52.0187 2476 UxSms - ok
16:05:52.0218 2476 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
16:05:52.0218 2476 vds - ok
16:05:52.0233 2476 [ 7D92BE0028ECDEDEC74617009084B5EF ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:05:52.0249 2476 vga - ok
16:05:52.0265 2476 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
16:05:52.0265 2476 VgaSave - ok
16:05:52.0280 2476 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
16:05:52.0280 2476 viaagp - ok
16:05:52.0296 2476 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
16:05:52.0296 2476 ViaC7 - ok
16:05:52.0311 2476 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
16:05:52.0311 2476 viaide - ok
16:05:52.0343 2476 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:05:52.0343 2476 volmgr - ok
16:05:52.0374 2476 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:05:52.0374 2476 volmgrx - ok
16:05:52.0405 2476 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:05:52.0405 2476 volsnap - ok
16:05:52.0436 2476 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:05:52.0436 2476 vsmraid - ok
16:05:52.0483 2476 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
16:05:52.0514 2476 VSS - ok
16:05:52.0577 2476 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
16:05:52.0592 2476 W32Time - ok
16:05:52.0608 2476 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
16:05:52.0608 2476 WacomPen - ok
16:05:52.0639 2476 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
16:05:52.0639 2476 Wanarp - ok
16:05:52.0639 2476 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:05:52.0655 2476 Wanarpv6 - ok
16:05:52.0670 2476 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:05:52.0670 2476 wcncsvc - ok
16:05:52.0701 2476 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:05:52.0701 2476 WcsPlugInService - ok
16:05:52.0717 2476 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
16:05:52.0717 2476 Wd - ok
16:05:52.0748 2476 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:05:52.0764 2476 Wdf01000 - ok
16:05:52.0795 2476 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:05:52.0795 2476 WdiServiceHost - ok
16:05:52.0795 2476 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:05:52.0811 2476 WdiSystemHost - ok
16:05:52.0857 2476 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
16:05:52.0873 2476 WebClient - ok
16:05:52.0904 2476 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:05:52.0904 2476 Wecsvc - ok
16:05:52.0951 2476 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:05:52.0951 2476 wercplsupport - ok
16:05:52.0967 2476 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
16:05:52.0982 2476 WerSvc - ok
16:05:53.0029 2476 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
16:05:53.0029 2476 WinDefend - ok
16:05:53.0029 2476 WinHttpAutoProxySvc - ok
16:05:53.0107 2476 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:05:53.0123 2476 Winmgmt - ok
16:05:53.0169 2476 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
16:05:53.0201 2476 WinRM - ok
16:05:53.0294 2476 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:05:53.0310 2476 Wlansvc - ok
16:05:53.0357 2476 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:05:53.0372 2476 WmiAcpi - ok
16:05:53.0388 2476 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:05:53.0388 2476 wmiApSrv - ok
16:05:53.0622 2476 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
16:05:53.0622 2476 WMPNetworkSvc - ok
16:05:53.0669 2476 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:05:53.0669 2476 WPCSvc - ok
16:05:53.0731 2476 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:05:53.0747 2476 WPDBusEnum - ok
16:05:54.0012 2476 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:05:54.0043 2476 WPFFontCache_v0400 - ok
16:05:54.0074 2476 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:05:54.0074 2476 ws2ifsl - ok
16:05:54.0105 2476 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
16:05:54.0105 2476 wscsvc - ok
16:05:54.0105 2476 WSearch - ok
16:05:54.0183 2476 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
16:05:54.0199 2476 wuauserv - ok
16:05:54.0277 2476 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:05:54.0293 2476 WudfPf - ok
16:05:54.0308 2476 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:05:54.0324 2476 WUDFRd - ok
16:05:54.0339 2476 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:05:54.0355 2476 wudfsvc - ok
16:05:54.0355 2476 ================ Scan global ===============================
16:05:54.0386 2476 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
16:05:54.0417 2476 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:05:54.0433 2476 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
16:05:54.0527 2476 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
16:05:54.0527 2476 [Global] - ok
16:05:54.0527 2476 ================ Scan MBR ==================================
16:05:54.0542 2476 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:05:54.0932 2476 \Device\Harddisk0\DR0 - ok
16:05:54.0932 2476 ================ Scan VBR ==================================
16:05:54.0932 2476 [ 1AA4F33F9DD2FDF08DC3F286C8E4A406 ] \Device\Harddisk0\DR0\Partition1
16:05:54.0932 2476 \Device\Harddisk0\DR0\Partition1 - ok
16:05:54.0932 2476 ============================================================
16:05:54.0932 2476 Scan finished
16:05:54.0932 2476 ============================================================
16:05:54.0948 3180 Detected object count: 0
16:05:54.0948 3180 Actual detected object count: 0
16:06:05.0540 3328 Deinitialize success

ComboFix:

ComboFix 13-02-01.04 - Maty 01.02.2013 16:13:45.1.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3563.2587 [GMT 1:00]
Spuštěný z: c:\users\Maty\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Thumbs.db
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-01 do 2013-02-01 )))))))))))))))))))))))))))))))
.
.
2013-02-01 15:18 . 2013-02-01 15:18 -------- d-----w- c:\users\Maty\AppData\Local\temp
2013-02-01 15:18 . 2013-02-01 15:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-01 10:13 . 2013-02-01 10:13 388096 ----a-r- c:\users\Maty\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-01 10:13 . 2013-02-01 10:13 -------- d-----w- c:\program files\Trend Micro
2013-02-01 07:43 . 2013-02-01 07:43 -------- d-----w- c:\users\Maty\AppData\Local\Apps
2013-02-01 07:13 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9143919F-A91C-43CF-80F2-33E226C96095}\mpengine.dll
2013-01-31 12:17 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-31 12:17 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-31 12:17 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-01-31 12:17 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-31 12:17 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-01-31 12:17 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-30 22:12 . 2013-01-30 22:12 -------- d-----w- c:\users\Maty\AppData\Local\ATI
2013-01-30 17:30 . 2013-01-30 21:03 -------- d-----w- c:\program files\World of Warcraft
2013-01-30 13:27 . 2013-01-30 13:27 -------- d-----w- c:\program files\Windows Portable Devices
2013-01-30 13:16 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-30 13:15 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2013-01-30 13:15 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2013-01-30 13:15 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2013-01-30 13:14 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2013-01-30 13:14 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2013-01-30 13:14 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2013-01-30 13:14 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2013-01-30 13:14 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2013-01-30 13:14 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2013-01-30 13:14 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2013-01-30 13:14 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2013-01-30 13:14 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2013-01-30 13:14 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2013-01-30 13:14 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2013-01-30 13:07 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2013-01-30 13:07 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2013-01-30 13:07 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-01-30 12:59 . 2013-01-30 12:59 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2013-01-30 12:58 . 2013-01-30 12:58 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-30 12:58 . 2013-01-30 12:58 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-01-30 12:58 . 2013-01-30 12:58 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-30 12:47 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-01-30 12:47 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-01-30 12:47 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-01-30 12:47 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2013-01-30 12:47 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-01-30 12:47 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-01-30 12:47 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-30 12:47 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-30 12:47 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-01-30 12:47 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-01-30 12:47 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-01-30 12:41 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-30 12:41 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-01-30 12:40 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2013-01-30 12:40 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2013-01-30 12:40 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2013-01-30 12:40 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2013-01-30 12:40 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2013-01-30 12:40 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2013-01-30 12:40 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2013-01-30 12:40 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2013-01-30 12:40 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2013-01-30 12:38 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2013-01-30 12:38 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-30 12:37 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-01-30 12:37 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2013-01-30 12:37 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2013-01-30 12:37 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-01-30 12:37 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-01-30 12:37 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-01-30 12:37 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-01-30 12:37 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-30 12:37 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-30 12:37 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-01-30 12:36 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2013-01-30 12:36 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-01-30 12:36 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2013-01-30 12:36 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2013-01-30 12:36 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2013-01-30 12:36 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2013-01-30 12:36 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-30 12:36 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2013-01-30 12:36 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2013-01-30 12:36 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-01-30 12:36 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-01-30 12:35 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-01-30 12:35 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2013-01-30 12:35 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-30 12:35 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2013-01-30 12:35 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2013-01-30 12:35 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-30 12:35 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-30 12:17 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2013-01-30 12:05 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-01-30 12:05 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-01-30 12:05 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-01-30 12:05 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-01-30 12:05 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-01-30 12:05 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-01-30 12:05 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-01-30 12:05 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-01-30 12:05 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-01-29 20:32 . 2013-01-29 20:37 -------- d-----w- c:\users\Maty\AppData\Roaming\TeamViewer
2013-01-29 20:15 . 2013-01-29 20:15 -------- d-----w- c:\programdata\Blizzard
2013-01-29 15:47 . 2013-01-31 17:23 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2013-01-29 15:47 . 2013-01-29 16:48 -------- d-----w- c:\programdata\Blizzard Entertainment
2013-01-29 15:42 . 2013-01-29 15:42 -------- d-----w- c:\program files\Microsoft.NET
2013-01-29 15:29 . 2013-01-29 15:29 -------- d-----w- c:\windows\system32\eu-ES
2013-01-29 15:29 . 2013-01-29 15:29 -------- d-----w- c:\windows\system32\ca-ES
2013-01-29 15:29 . 2013-01-29 15:29 -------- d-----w- c:\windows\system32\vi-VN
2013-01-29 15:17 . 2013-01-29 15:17 -------- d-----w- c:\windows\system32\EventProviders
2013-01-29 14:59 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2013-01-29 14:54 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-01-29 14:54 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-01-29 14:54 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-01-29 14:54 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-01-29 14:54 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-01-29 14:49 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2013-01-29 14:49 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2013-01-29 14:49 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2013-01-29 14:49 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2013-01-29 14:49 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2013-01-29 14:49 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2013-01-29 14:49 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2013-01-29 14:49 . 2009-04-11 02:52 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2013-01-29 14:47 . 2009-04-11 06:28 115712 ----a-w- c:\windows\system32\WinSCard.dll
2013-01-29 14:46 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2013-01-29 14:46 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-30 13:00 . 2013-01-30 13:00 203776 ----a-w- c:\windows\system32\webcheck.dll
2013-01-30 12:59 . 2013-01-30 12:59 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2013-01-28 20:45 . 2012-12-22 12:34 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-01-28 20:45 . 2012-12-22 12:34 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-28 20:45 . 2012-12-22 12:34 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-01-28 15:11 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2013-01-28 15:11 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2013-01-17 00:28 . 2012-12-21 23:07 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 19:51 . 2012-12-22 08:53 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 19:51 . 2012-12-22 08:53 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-22 19:13 . 2012-12-22 19:13 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2012-12-22 19:13 . 2012-12-22 19:13 30720 ----a-w- c:\windows\system32\httpapi.dll
2012-12-22 19:13 . 2012-12-22 19:13 24064 ----a-w- c:\windows\system32\nshhttp.dll
2012-12-22 19:13 . 2012-12-22 19:13 411648 ----a-w- c:\windows\system32\drivers\http.sys
2012-12-22 12:34 . 2012-12-22 12:34 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-12-22 10:14 . 2012-12-22 10:14 23552 ----a-w- c:\windows\system32\lpk.dll
2012-12-22 10:14 . 2012-12-22 10:14 10240 ----a-w- c:\windows\system32\dciman32.dll
2012-12-22 10:14 . 2012-12-22 10:14 61440 ----a-w- c:\windows\system32\winipsec.dll
2012-12-22 10:14 . 2012-12-22 10:14 272896 ----a-w- c:\windows\system32\polstore.dll
2012-12-22 10:11 . 2012-12-22 10:11 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2012-12-22 10:11 . 2012-12-22 10:11 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2012-12-22 10:11 . 2012-12-22 10:11 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2012-12-22 10:11 . 2012-12-22 10:11 19968 ----a-w- c:\windows\system32\ARP.EXE
2012-12-22 10:11 . 2012-12-22 10:11 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2012-12-22 10:11 . 2012-12-22 10:11 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2012-12-22 10:11 . 2012-12-22 10:11 105984 ----a-w- c:\windows\system32\netiohlp.dll
2012-12-22 10:11 . 2012-12-22 10:11 10240 ----a-w- c:\windows\system32\finger.exe
2012-12-22 10:09 . 2012-12-22 10:09 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2012-12-22 10:09 . 2012-12-22 10:09 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2012-12-22 10:09 . 2012-12-22 10:09 65024 ----a-w- c:\windows\system32\wlanapi.dll
2012-12-22 10:09 . 2012-12-22 10:09 513536 ----a-w- c:\windows\system32\wlansvc.dll
2012-12-22 10:09 . 2012-12-22 10:09 302592 ----a-w- c:\windows\system32\wlansec.dll
2012-12-22 10:09 . 2012-12-22 10:09 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2012-12-22 10:09 . 2012-12-22 10:09 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2012-12-22 10:09 . 2012-12-22 10:09 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-12-22 10:09 . 2012-12-22 10:09 2048 ----a-w- c:\windows\system32\msxml6r.dll
2012-12-22 10:08 . 2012-12-22 10:08 218624 ----a-w- c:\windows\system32\msv1_0.dll
2012-12-22 10:07 . 2012-12-22 10:07 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2012-12-22 10:07 . 2012-12-22 10:07 24576 ----a-w- c:\windows\system32\mfpmp.exe
2012-12-22 10:07 . 2012-12-22 10:07 2048 ----a-w- c:\windows\system32\mferror.dll
2012-12-22 10:05 . 2012-12-22 10:05 71680 ----a-w- c:\windows\system32\atl.dll
2012-12-22 10:02 . 2012-12-22 10:02 160256 ----a-w- c:\windows\system32\wkssvc.dll
2012-12-22 10:01 . 2012-12-22 10:01 714240 ----a-w- c:\windows\system32\timedate.cpl
2012-12-22 09:54 . 2012-12-22 09:54 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2012-12-22 09:54 . 2012-12-22 09:54 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2012-12-22 09:54 . 2012-12-22 09:54 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2012-12-22 09:54 . 2012-12-22 09:54 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2012-12-22 09:54 . 2012-12-22 09:54 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2012-12-22 09:54 . 2012-12-22 09:54 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2012-12-22 09:54 . 2012-12-22 09:54 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2012-12-22 09:54 . 2012-12-22 09:54 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2012-12-22 09:54 . 2012-12-22 09:54 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2012-12-22 09:54 . 2012-12-22 09:54 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2012-12-22 09:54 . 2012-12-22 09:54 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2012-12-22 09:54 . 2012-12-22 09:54 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2012-12-22 09:54 . 2012-12-22 09:54 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2012-12-22 09:54 . 2012-12-22 09:54 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2012-12-22 09:54 . 2012-12-22 09:54 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2012-12-22 09:54 . 2012-12-22 09:54 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2012-12-22 09:54 . 2012-12-22 09:54 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2012-12-22 09:54 . 2012-12-22 09:54 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2012-12-22 09:54 . 2012-12-22 09:54 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2012-12-22 09:54 . 2012-12-22 09:54 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2012-12-22 09:54 . 2012-12-22 09:54 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2012-12-22 09:54 . 2012-12-22 09:54 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2012-12-22 09:54 . 2012-12-22 09:54 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2012-12-22 09:54 . 2012-12-22 09:54 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2012-12-22 09:54 . 2012-12-22 09:54 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2012-12-22 09:54 . 2012-12-22 09:54 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2012-12-22 09:54 . 2012-12-22 09:54 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2012-12-22 09:54 . 2012-12-22 09:54 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2012-12-22 09:54 . 2012-12-22 09:54 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2012-12-22 09:54 . 2012-12-22 09:54 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2012-12-22 09:54 . 2012-12-22 09:54 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2012-12-22 09:54 . 2012-12-22 09:54 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2012-12-22 09:54 . 2012-12-22 09:54 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
2012-12-22 09:54 . 2012-12-22 09:54 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
2012-12-22 09:54 . 2012-12-22 09:54 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2012-12-22 09:54 . 2012-12-22 09:54 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2012-12-22 09:54 . 2012-12-22 09:54 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0049.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0047.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0046.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0045.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0039.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0020.dll
2012-12-22 09:54 . 2012-12-22 09:54 4497408 ----a-w- c:\windows\system32\NlsData0019.dll
2012-12-22 09:54 . 2012-12-22 09:54 4495360 ----a-w- c:\windows\system32\NlsData0010.dll
2012-12-22 09:54 . 2012-12-22 09:54 3466752 ----a-w- c:\windows\system32\NlsData0013.dll
2012-12-22 09:54 . 2012-12-22 09:54 2657280 ----a-w- c:\windows\system32\NlsData0011.dll
2012-12-22 09:54 . 2012-12-22 09:54 2599936 ----a-w- c:\windows\system32\NlsData0001.dll
2012-12-22 09:54 . 2012-12-22 09:54 1966592 ----a-w- c:\windows\system32\NlsData0027.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0026.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0024.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0018.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0003.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0002.dll
2012-12-22 09:54 . 2012-12-22 09:54 1801216 ----a-w- c:\windows\system32\NlsData0022.dll
2012-12-22 09:54 . 2012-12-22 09:54 1801216 ----a-w- c:\windows\system32\NlsData0021.dll
2012-12-22 09:54 . 2012-12-22 09:54 1523712 ----a-w- c:\windows\system32\NlsData0000.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-11-18 11483752]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 07:43 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-22 19:51]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-01 07:43]
.
2013-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-02-01 07:43]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-WudfPf
SafeBoot-WudfRd
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-01 16:18
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
Celkový čas: 2013-02-01 16:19:47
ComboFix-quarantined-files.txt 2013-02-01 15:19
.
Před spuštěním: Volných bajtů: 84 736 827 392
Po spuštění: Volných bajtů: 84 661 084 160
.
- - End Of File - - C2C741F6DF3AC95EAC4ADF574149A312

Tak co ? :)

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE
Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

ComboFix 13-02-01.04 - Maty 03.02.2013 16:18:29.2.2 - x86
Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1250.420.1029.18.3563.2634 [GMT 1:00]
Spuštěný z: c:\users\Maty\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\Maty\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\24.0.1312.57\24.0.1312.57_chrome_installer.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-03 do 2013-02-03 )))))))))))))))))))))))))))))))
.
.
2013-02-03 15:23 . 2013-02-03 15:25 -------- d-----w- c:\users\Maty\AppData\Local\temp
2013-02-01 10:13 . 2013-02-01 10:13 388096 ----a-r- c:\users\Maty\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-01 10:13 . 2013-02-01 10:13 -------- d-----w- c:\program files\Trend Micro
2013-02-01 07:43 . 2013-02-01 07:43 -------- d-----w- c:\users\Maty\AppData\Local\Apps
2013-02-01 07:13 . 2013-01-08 04:57 6991832 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9143919F-A91C-43CF-80F2-33E226C96095}\mpengine.dll
2013-01-31 12:17 . 2011-03-12 21:55 876032 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-31 12:17 . 2012-03-01 14:46 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-31 12:17 . 2012-02-29 13:41 1069056 ----a-w- c:\windows\system32\DWrite.dll
2013-01-31 12:17 . 2012-02-29 14:08 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-31 12:17 . 2012-02-29 13:44 683008 ----a-w- c:\windows\system32\d2d1.dll
2013-01-31 12:17 . 2012-03-01 14:46 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-30 22:12 . 2013-01-30 22:12 -------- d-----w- c:\users\Maty\AppData\Local\ATI
2013-01-30 17:30 . 2013-01-30 21:03 -------- d-----w- c:\program files\World of Warcraft
2013-01-30 13:27 . 2013-01-30 13:27 -------- d-----w- c:\program files\Windows Portable Devices
2013-01-30 13:16 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-30 13:15 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2013-01-30 13:15 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2013-01-30 13:15 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2013-01-30 13:14 . 2009-10-01 01:02 31232 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2013-01-30 13:14 . 2009-10-01 01:01 81920 ----a-w- c:\windows\system32\wpdbusenum.dll
2013-01-30 13:14 . 2009-10-01 01:01 60928 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2013-01-30 13:14 . 2009-10-01 01:02 2537472 ----a-w- c:\windows\system32\wpdshext.dll
2013-01-30 13:14 . 2009-10-01 01:02 334848 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2013-01-30 13:14 . 2009-10-01 01:02 87552 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2013-01-30 13:14 . 2009-10-01 01:01 546816 ----a-w- c:\windows\system32\wpd_ci.dll
2013-01-30 13:14 . 2009-10-01 01:01 160256 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2013-01-30 13:14 . 2009-10-01 01:01 350208 ----a-w- c:\windows\system32\WPDSp.dll
2013-01-30 13:14 . 2009-10-01 01:01 196608 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2013-01-30 13:14 . 2009-10-01 01:01 100864 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2013-01-30 13:07 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll
2013-01-30 13:07 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll
2013-01-30 13:07 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-01-30 12:59 . 2013-01-30 12:59 979456 ----a-w- c:\windows\system32\MFH264Dec.dll
2013-01-30 12:58 . 2013-01-30 12:58 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-30 12:58 . 2013-01-30 12:58 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-01-30 12:58 . 2013-01-30 12:58 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-30 12:47 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-01-30 12:47 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-01-30 12:47 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-01-30 12:47 . 2009-07-14 12:12 16896 ----a-w- c:\windows\system32\winusb.dll
2013-01-30 12:47 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-01-30 12:47 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-01-30 12:47 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-30 12:47 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-30 12:47 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2013-01-30 12:47 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2013-01-30 12:47 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-01-30 12:41 . 2012-12-16 13:12 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-01-30 12:41 . 2012-12-16 10:50 293376 ----a-w- c:\windows\system32\atmfd.dll
2013-01-30 12:40 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll
2013-01-30 12:40 . 2011-07-29 16:01 293376 ----a-w- c:\windows\system32\psisdecd.dll
2013-01-30 12:40 . 2011-07-29 16:01 217088 ----a-w- c:\windows\system32\psisrndr.ax
2013-01-30 12:40 . 2011-07-29 16:00 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2013-01-30 12:40 . 2011-07-29 16:00 69632 ----a-w- c:\windows\system32\Mpeg2Data.ax
2013-01-30 12:40 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll
2013-01-30 12:40 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll
2013-01-30 12:40 . 2011-11-18 20:23 1205064 ----a-w- c:\windows\system32\ntdll.dll
2013-01-30 12:40 . 2012-09-25 16:19 75776 ----a-w- c:\windows\system32\synceng.dll
2013-01-30 12:38 . 2011-11-18 17:47 66560 ----a-w- c:\windows\system32\packager.dll
2013-01-30 12:38 . 2012-11-20 04:22 204288 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-30 12:37 . 2011-11-25 15:59 376320 ----a-w- c:\windows\system32\winsrv.dll
2013-01-30 12:37 . 2011-12-14 16:17 680448 ----a-w- c:\windows\system32\msvcrt.dll
2013-01-30 12:37 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll
2013-01-30 12:37 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll
2013-01-30 12:37 . 2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2013-01-30 12:37 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll
2013-01-30 12:37 . 2012-06-05 16:47 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2013-01-30 12:37 . 2012-11-13 01:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-01-30 12:37 . 2012-11-02 10:19 1400832 ----a-w- c:\windows\system32\msxml6.dll
2013-01-30 12:37 . 2011-10-25 15:56 49152 ----a-w- c:\windows\system32\csrsrv.dll
2013-01-30 12:36 . 2011-11-16 16:23 377344 ----a-w- c:\windows\system32\winhttp.dll
2013-01-30 12:36 . 2011-10-25 15:58 1314816 ----a-w- c:\windows\system32\quartz.dll
2013-01-30 12:36 . 2011-10-25 15:58 497152 ----a-w- c:\windows\system32\qdvd.dll
2013-01-30 12:36 . 2011-08-25 16:15 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2013-01-30 12:36 . 2011-08-25 16:14 238080 ----a-w- c:\windows\system32\oleacc.dll
2013-01-30 12:36 . 2011-08-25 13:31 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2013-01-30 12:36 . 2011-08-25 16:14 563712 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-30 12:36 . 2012-03-01 11:01 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
2013-01-30 12:36 . 2012-06-05 16:47 1248768 ----a-w- c:\windows\system32\msxml3.dll
2013-01-30 12:36 . 2012-05-01 14:03 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2013-01-30 12:36 . 2011-09-30 15:57 707584 ----a-w- c:\program files\Common Files\System\wab32.dll
2013-01-30 12:35 . 2012-06-04 15:26 440704 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2013-01-30 12:35 . 2012-06-02 00:04 278528 ----a-w- c:\windows\system32\schannel.dll
2013-01-30 12:35 . 2011-11-16 16:21 1259008 ----a-w- c:\windows\system32\lsasrv.dll
2013-01-30 12:35 . 2011-11-16 16:23 72704 ----a-w- c:\windows\system32\secur32.dll
2013-01-30 12:35 . 2011-11-16 14:12 9728 ----a-w- c:\windows\system32\lsass.exe
2013-01-30 12:35 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-30 12:35 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-30 12:17 . 2012-01-09 15:54 613376 ----a-w- c:\windows\system32\rdpencom.dll
2013-01-30 12:05 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-01-30 12:05 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-01-30 12:05 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-01-30 12:05 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-01-30 12:05 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-01-30 12:05 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-01-30 12:05 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-01-30 12:05 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-01-30 12:05 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-01-29 20:32 . 2013-01-29 20:37 -------- d-----w- c:\users\Maty\AppData\Roaming\TeamViewer
2013-01-29 20:15 . 2013-01-29 20:15 -------- d-----w- c:\programdata\Blizzard
2013-01-29 15:47 . 2013-01-31 17:23 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2013-01-29 15:47 . 2013-01-29 16:48 -------- d-----w- c:\programdata\Blizzard Entertainment
2013-01-29 15:42 . 2013-01-29 15:42 -------- d-----w- c:\program files\Microsoft.NET
2013-01-29 15:29 . 2013-01-29 15:29 -------- d-----w- c:\windows\system32\eu-ES
2013-01-29 15:29 . 2013-01-29 15:29 -------- d-----w- c:\windows\system32\ca-ES
2013-01-29 15:29 . 2013-01-29 15:29 -------- d-----w- c:\windows\system32\vi-VN
2013-01-29 15:17 . 2013-01-29 15:17 -------- d-----w- c:\windows\system32\EventProviders
2013-01-29 14:59 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2013-01-29 14:54 . 2009-11-08 09:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2013-01-29 14:54 . 2009-11-08 09:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2013-01-29 14:54 . 2009-11-08 09:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2013-01-29 14:54 . 2009-11-08 09:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2013-01-29 14:54 . 2009-11-08 09:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2013-01-29 14:49 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2013-01-29 14:49 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2013-01-29 14:49 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2013-01-29 14:49 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2013-01-29 14:49 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2013-01-29 14:49 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2013-01-29 14:49 . 2009-04-11 06:28 1480704 ----a-w- c:\windows\system32\mssrch.dll
2013-01-29 14:49 . 2009-04-11 02:52 684032 ----a-w- c:\windows\system32\drivers\spsys.sys
2013-01-29 14:47 . 2009-04-11 06:28 115712 ----a-w- c:\windows\system32\WinSCard.dll
2013-01-29 14:46 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2013-01-29 14:46 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2013-01-29 14:46 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-30 13:00 . 2013-01-30 13:00 203776 ----a-w- c:\windows\system32\webcheck.dll
2013-01-30 12:59 . 2013-01-30 12:59 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
2013-01-28 20:45 . 2012-12-22 12:34 137464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-01-28 20:45 . 2012-12-22 12:34 214520 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-28 20:45 . 2012-12-22 12:34 214520 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-01-28 15:11 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2013-01-28 15:11 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2013-01-17 00:28 . 2012-12-21 23:07 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-09 19:51 . 2012-12-22 08:53 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-01-09 19:51 . 2012-12-22 08:53 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-22 19:13 . 2012-12-22 19:13 40960 ----a-w- c:\windows\system32\drivers\cs-CZ\http.sys.mui
2012-12-22 19:13 . 2012-12-22 19:13 30720 ----a-w- c:\windows\system32\httpapi.dll
2012-12-22 19:13 . 2012-12-22 19:13 24064 ----a-w- c:\windows\system32\nshhttp.dll
2012-12-22 19:13 . 2012-12-22 19:13 411648 ----a-w- c:\windows\system32\drivers\http.sys
2012-12-22 12:34 . 2012-12-22 12:34 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-12-22 10:14 . 2012-12-22 10:14 23552 ----a-w- c:\windows\system32\lpk.dll
2012-12-22 10:14 . 2012-12-22 10:14 10240 ----a-w- c:\windows\system32\dciman32.dll
2012-12-22 10:14 . 2012-12-22 10:14 61440 ----a-w- c:\windows\system32\winipsec.dll
2012-12-22 10:14 . 2012-12-22 10:14 272896 ----a-w- c:\windows\system32\polstore.dll
2012-12-22 10:11 . 2012-12-22 10:11 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2012-12-22 10:11 . 2012-12-22 10:11 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2012-12-22 10:11 . 2012-12-22 10:11 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2012-12-22 10:11 . 2012-12-22 10:11 19968 ----a-w- c:\windows\system32\ARP.EXE
2012-12-22 10:11 . 2012-12-22 10:11 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2012-12-22 10:11 . 2012-12-22 10:11 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2012-12-22 10:11 . 2012-12-22 10:11 105984 ----a-w- c:\windows\system32\netiohlp.dll
2012-12-22 10:11 . 2012-12-22 10:11 10240 ----a-w- c:\windows\system32\finger.exe
2012-12-22 10:09 . 2012-12-22 10:09 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2012-12-22 10:09 . 2012-12-22 10:09 68096 ----a-w- c:\windows\system32\wlanhlp.dll
2012-12-22 10:09 . 2012-12-22 10:09 65024 ----a-w- c:\windows\system32\wlanapi.dll
2012-12-22 10:09 . 2012-12-22 10:09 513536 ----a-w- c:\windows\system32\wlansvc.dll
2012-12-22 10:09 . 2012-12-22 10:09 302592 ----a-w- c:\windows\system32\wlansec.dll
2012-12-22 10:09 . 2012-12-22 10:09 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2012-12-22 10:09 . 2012-12-22 10:09 15181 ----a-w- c:\windows\system32\gatherWirelessInfo.vbs
2012-12-22 10:09 . 2012-12-22 10:09 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-12-22 10:09 . 2012-12-22 10:09 2048 ----a-w- c:\windows\system32\msxml6r.dll
2012-12-22 10:08 . 2012-12-22 10:08 218624 ----a-w- c:\windows\system32\msv1_0.dll
2012-12-22 10:07 . 2012-12-22 10:07 53248 ----a-w- c:\windows\system32\rrinstaller.exe
2012-12-22 10:07 . 2012-12-22 10:07 24576 ----a-w- c:\windows\system32\mfpmp.exe
2012-12-22 10:07 . 2012-12-22 10:07 2048 ----a-w- c:\windows\system32\mferror.dll
2012-12-22 10:05 . 2012-12-22 10:05 71680 ----a-w- c:\windows\system32\atl.dll
2012-12-22 10:02 . 2012-12-22 10:02 160256 ----a-w- c:\windows\system32\wkssvc.dll
2012-12-22 10:01 . 2012-12-22 10:01 714240 ----a-w- c:\windows\system32\timedate.cpl
2012-12-22 09:54 . 2012-12-22 09:54 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2012-12-22 09:54 . 2012-12-22 09:54 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2012-12-22 09:54 . 2012-12-22 09:54 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2012-12-22 09:54 . 2012-12-22 09:54 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2012-12-22 09:54 . 2012-12-22 09:54 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2012-12-22 09:54 . 2012-12-22 09:54 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2012-12-22 09:54 . 2012-12-22 09:54 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2012-12-22 09:54 . 2012-12-22 09:54 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2012-12-22 09:54 . 2012-12-22 09:54 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2012-12-22 09:54 . 2012-12-22 09:54 6781440 ----a-w- c:\windows\system32\NlsLexicons0019.dll
2012-12-22 09:54 . 2012-12-22 09:54 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll
2012-12-22 09:54 . 2012-12-22 09:54 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2012-12-22 09:54 . 2012-12-22 09:54 4981248 ----a-w- c:\windows\system32\NlsLexicons0013.dll
2012-12-22 09:54 . 2012-12-22 09:54 4175872 ----a-w- c:\windows\system32\NlsLexicons0010.dll
2012-12-22 09:54 . 2012-12-22 09:54 4164096 ----a-w- c:\windows\system32\NlsLexicons0002.dll
2012-12-22 09:54 . 2012-12-22 09:54 3331072 ----a-w- c:\windows\system32\NlsLexicons0018.dll
2012-12-22 09:54 . 2012-12-22 09:54 2466816 ----a-w- c:\windows\system32\NlsLexicons0011.dll
2012-12-22 09:54 . 2012-12-22 09:54 1452544 ----a-w- c:\windows\system32\NlsLexicons0003.dll
2012-12-22 09:54 . 2012-12-22 09:54 11722752 ----a-w- c:\windows\system32\NlsLexicons0001.dll
2012-12-22 09:54 . 2012-12-22 09:54 4093440 ----a-w- c:\windows\system32\NlsLexicons004c.dll
2012-12-22 09:54 . 2012-12-22 09:54 3419136 ----a-w- c:\windows\system32\NlsLexicons004a.dll
2012-12-22 09:54 . 2012-12-22 09:54 1702912 ----a-w- c:\windows\system32\NlsLexicons004b.dll
2012-12-22 09:54 . 2012-12-22 09:54 9892864 ----a-w- c:\windows\system32\NlsLexicons000a.dll
2012-12-22 09:54 . 2012-12-22 09:54 6585856 ----a-w- c:\windows\system32\NlsLexicons001b.dll
2012-12-22 09:54 . 2012-12-22 09:54 6346240 ----a-w- c:\windows\system32\NlsLexicons001d.dll
2012-12-22 09:54 . 2012-12-22 09:54 6237696 ----a-w- c:\windows\system32\NlsLexicons000c.dll
2012-12-22 09:54 . 2012-12-22 09:54 6014976 ----a-w- c:\windows\system32\NlsLexicons001a.dll
2012-12-22 09:54 . 2012-12-22 09:54 5654528 ----a-w- c:\windows\system32\NlsLexicons000f.dll
2012-12-22 09:54 . 2012-12-22 09:54 4096 ----a-w- c:\windows\system32\NlsLexicons002a.dll
2012-12-22 09:54 . 2012-12-22 09:54 4045824 ----a-w- c:\windows\system32\NlsLexicons003e.dll
2012-12-22 09:54 . 2012-12-22 09:54 1972736 ----a-w- c:\windows\system32\NlsLexicons004e.dll
2012-12-22 09:54 . 2012-12-22 09:54 1722368 ----a-w- c:\windows\system32\NlsLexicons000d.dll
2012-12-22 09:54 . 2012-12-22 09:54 7042560 ----a-w- c:\windows\system32\NlsLexicons081a.dll
2012-12-22 09:54 . 2012-12-22 09:54 5090816 ----a-w- c:\windows\system32\NlsLexicons0416.dll
2012-12-22 09:54 . 2012-12-22 09:54 5071872 ----a-w- c:\windows\system32\NlsModels0011.dll
2012-12-22 09:54 . 2012-12-22 09:54 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2012-12-22 09:54 . 2012-12-22 09:54 4616192 ----a-w- c:\windows\system32\NlsLexicons0414.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0049.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0047.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0046.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0045.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0039.dll
2012-12-22 09:54 . 2012-12-22 09:54 3104768 ----a-w- c:\windows\system32\NlsData0020.dll
2012-12-22 09:54 . 2012-12-22 09:54 4497408 ----a-w- c:\windows\system32\NlsData0019.dll
2012-12-22 09:54 . 2012-12-22 09:54 4495360 ----a-w- c:\windows\system32\NlsData0010.dll
2012-12-22 09:54 . 2012-12-22 09:54 3466752 ----a-w- c:\windows\system32\NlsData0013.dll
2012-12-22 09:54 . 2012-12-22 09:54 2657280 ----a-w- c:\windows\system32\NlsData0011.dll
2012-12-22 09:54 . 2012-12-22 09:54 2599936 ----a-w- c:\windows\system32\NlsData0001.dll
2012-12-22 09:54 . 2012-12-22 09:54 1966592 ----a-w- c:\windows\system32\NlsData0027.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0026.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0024.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0018.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0003.dll
2012-12-22 09:54 . 2012-12-22 09:54 1965056 ----a-w- c:\windows\system32\NlsData0002.dll
2012-12-22 09:54 . 2012-12-22 09:54 1801216 ----a-w- c:\windows\system32\NlsData0022.dll
2012-12-22 09:54 . 2012-12-22 09:54 1801216 ----a-w- c:\windows\system32\NlsData0021.dll
2012-12-22 09:54 . 2012-12-22 09:54 1523712 ----a-w- c:\windows\system32\NlsData0000.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-11-18 11483752]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-01-26 336384]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 07:43 1607120 ----a-w- c:\program files\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-22 19:51]
.
.
------- Doplňkový sken -------
.
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-02-03 16:25
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\atiesrxx.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\System32\WUDFHost.exe
c:\windows\system32\conime.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
.
**************************************************************************
.
Celkový čas: 2013-02-03 16:28:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-03 15:28
ComboFix2.txt 2013-02-01 15:19
.
Před spuštěním: Volných bajtů: 83 729 354 752
Po spuštění: Volných bajtů: 84 168 114 176
.
- - End Of File - - 17BEF4BDB55A5B567401F2DF11E4D2F2

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj AVG , Avast,Avira či Microsoft Security Essentials následně T-Cleaner smaž a zapni si AVG , Avast, Avira či Microsoft Security Essentials

+ Nový log z HJT

Jak se chová PC?

Tak PC se chová už jak má, akorát nevím proč mi furt ubývá místo na disku :)

Log z HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:48:21, on 3.2.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

--
End of file - 3187 bytes

HJT OK

Zjisti, která složka to zabírá