Klavesnice pise jine znaky prosim o kontrolu

[StressCZ]

Dobry den mam problem, ze 3/4 klavesnice dela neco uplne jineho nez by mela.
Zde prikladam vypis z Hijack This:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:06:30, on 1.6.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Users\Jakub\AppData\Roaming\QipGuard\QipGuard.exe
C:\Users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Jakub\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
C:\Program Files (x86)\Xfire\Xfire.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\bsh\usr\sbin\sshd.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\rundll32.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\SysWOW64\DllHost.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Jakub\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=2c48aefb- ... 1f74e2db10
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\SEARCH~1\DATAMN~1.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Jakub\AppData\Roaming\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-695818009-2212152024-3822427678-1006\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'postgres')
O4 - HKUS\S-1-5-21-695818009-2212152024-3822427678-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - HKUS\S-1-5-21-695818009-2212152024-3822427678-1007\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'sshdsvc')
O4 - HKUS\S-1-5-21-695818009-2212152024-3822427678-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'sshdsvc')
O4 - Startup: Dropbox.lnk = Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = Jakub\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
O4 - Startup: Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Poker\Noble Poker\casino.exe
O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Poker\Noble Poker\casino.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Jakub\Desktop\PartyPoker.lnk (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Jakub\Desktop\PartyPoker.lnk (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/pub/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}: NameServer = 89.203.192.1,89.203.192.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{45F7E510-DD1F-44A6-8BA9-CB1EBE8E8854}: NameServer = 8.8.8.8,8.8.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}: NameServer = 89.203.192.1,89.203.192.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}: NameServer = 89.203.192.1,89.203.192.2
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing)
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (file missing)
O23 - Service: MobaSSH (MobaSSH1) - Mobatek - http://mobassh.mobatek.net - C:\Windows\SysWOW64\MobaSSH.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: postgresql-x64-9.1 - PostgreSQL Server 9.1 (postgresql-x64-9.1) - PostgreSQL Global Development Group - C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Aktivátor Správce výběru OS Acronis (Správce výběru OS) - Unknown owner - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 19546 bytes

[Reklama]

[Žbeky]

Odinstaluj:
Searchqu Toolbar
facemoods
VShareToolBar

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://startsear.ch/?aff=1&cf=2c48aefb- ... 1f74e2db10
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\bh\facemoods.dll
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\Jakub\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O2 - BHO: SearchCore for Browsers - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\SEARCH~1\BROWSE~1.DLL
O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WI3C8A~1\Datamngr\ToolBar\searchqudtx.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodsTlbr.dll
O3 - Toolbar: VShareToolBar - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Jakub\AppData\Roaming\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [Google Update] "C:\Users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-695818009-2212152024-3822427678-1006\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'postgres')
O4 - HKUS\S-1-5-21-695818009-2212152024-3822427678-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'sshdsvc')
O4 - Startup: Facebook Messenger.lnk = Jakub\AppData\Local\Facebook\Messenger\2.1.4520.0\FacebookMessenger.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Jakub\Desktop\PartyPoker.lnk (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Jakub\Desktop\PartyPoker.lnk (file missing)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

[StressCZ]

Snad jsem teda udělal vše co jsi napsal, předem dík alespoň za nějakou radu a log přikládám zde:


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jakub :: JAKUB-HP [administrátor]

Ochrana: Povolena

1.6.2012 15:58:06
mbam-log-2012-06-01 (16-04-56).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 274900
Uplynulý čas: 6 minut, 36 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 22
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Žádná instrukce nebyla provedena.
HKCU\Software\RavenBleuSA (Adware.Hotbar.RB) -> Žádná instrukce nebyla provedena.
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\RavenBleuSA (Adware.Hotbar.RB) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BASICSCAN (Adware.Zwangi) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BasicScan|DisplayName (Adware.Zwangi) -> Data: BasicScan 1.0 build 115 -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 8
C:\Program Files (x86)\FunWebProducts (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\ThirdPartyInstallers (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.

Nalezené soubory: 13
C:\ProgramData\BasicScan\basicscan115.exe (Adware.QuestBasic) -> Žádná instrukce nebyla provedena.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Žádná instrukce nebyla provedena.
C:\Users\Jakub\AppData\Local\Temp\QipUpdate2011\QipUpdater.exe (Rogue.Agent) -> Žádná instrukce nebyla provedena.
C:\Users\Jakub\Downloads\4Sync_1.0.2.exe (PUP.BundleInstaller.4S) -> Žádná instrukce nebyla provedena.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Žádná instrukce nebyla provedena.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3TPINST.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Žádná instrukce nebyla provedena.

(konec)

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Můžeš sem pak vložit nový log z MbAM.

Stáhni si TDSSKiller

Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.


Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[StressCZ]

Všechny výše uvedené kroky provedeny, výpisy z logů:
Malwarebytes Anti-Malware


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.61.0.1400
www.malwarebytes.org

Verze databáze: v2012.06.01.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jakub :: JAKUB-HP [administrátor]

Ochrana: Povolena

1.6.2012 16:51:55
mbam-log-2012-06-01 (16-51-55).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 274686
Uplynulý čas: 4 minut, 19 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 22
HKCR\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCR\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCR\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCR\MyNewsBarLauncher.IE5BarLauncher.1 (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCR\MyNewsBarLauncher.IE5BarLauncher (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33524C00-63FB-43DB-A6BF-0A4E14B24649} (Adware.Zwangi) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD} (PUP.VShareRedir) -> Umístnění do karantény a smazání se zdařilo.
HKCU\Software\RavenBleuSA (Adware.Hotbar.RB) -> Umístnění do karantény a smazání se zdařilo.
HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\RavenBleuSA (Adware.Hotbar.RB) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BASICSCAN (Adware.Zwangi) -> Umístnění do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BasicScan|DisplayName (Adware.Zwangi) -> Data: BasicScan 1.0 build 115 -> Umístnění do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 8
C:\Program Files (x86)\FunWebProducts (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\ThirdPartyInstallers (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.

Nalezené soubory: 13
C:\ProgramData\BasicScan\basicscan115.exe (Adware.QuestBasic) -> Umístnění do karantény a smazání se zdařilo.
C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Jakub\AppData\Local\Temp\QipUpdate2011\QipUpdater.exe (Rogue.Agent) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Jakub\Downloads\4Sync_1.0.2.exe (PUP.BundleInstaller.4S) -> Umístnění do karantény a smazání se zdařilo.
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Umístnění do karantény a smazání se zdařilo.
C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Umístnění do karantény a smazání se zdařilo.
C:\Windows\SysWOW64\f3PSSavr.scr (Trojan.Agent) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3TPINST.DLL (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.
C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Umístnění do karantény a smazání se zdařilo.

(konec)

TDSSKiller


17:08:22.0048 3408 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
17:08:22.0158 3408 ============================================================
17:08:22.0158 3408 Current date / time: 2012/06/01 17:08:22.0158
17:08:22.0158 3408 SystemInfo:
17:08:22.0158 3408
17:08:22.0158 3408 OS Version: 6.1.7601 ServicePack: 1.0
17:08:22.0158 3408 Product type: Workstation
17:08:22.0158 3408 ComputerName: JAKUB-HP
17:08:22.0158 3408 UserName: Jakub
17:08:22.0158 3408 Windows directory: C:\windows
17:08:22.0158 3408 System windows directory: C:\windows
17:08:22.0158 3408 Running under WOW64
17:08:22.0158 3408 Processor architecture: Intel x64
17:08:22.0158 3408 Number of processors: 4
17:08:22.0158 3408 Page size: 0x1000
17:08:22.0158 3408 Boot type: Normal boot
17:08:22.0158 3408 ============================================================
17:08:24.0919 3408 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:08:24.0919 3408 ============================================================
17:08:24.0934 3408 \Device\Harddisk0\DR0:
17:08:24.0934 3408 MBR partitions:
17:08:24.0934 3408 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
17:08:24.0934 3408 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x47C0B000
17:08:24.0934 3408 ============================================================
17:08:25.0075 3408 C: <-> \Device\Harddisk0\DR0\Partition1
17:08:25.0075 3408 ============================================================
17:08:25.0075 3408 Initialize success
17:08:25.0075 3408 ============================================================
17:08:36.0416 5972 ============================================================
17:08:36.0416 5972 Scan started
17:08:36.0416 5972 Mode: Manual;
17:08:36.0416 5972 ============================================================
17:08:38.0272 5972 1394ohci (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
17:08:38.0335 5972 1394ohci - ok
17:08:38.0460 5972 Accelerometer (5c368f4b04ed2a923e6afca2d37baff5) C:\windows\system32\DRIVERS\Accelerometer.sys
17:08:38.0460 5972 Accelerometer - ok
17:08:38.0631 5972 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
17:08:38.0631 5972 ACPI - ok
17:08:38.0803 5972 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
17:08:38.0803 5972 AcpiPmi - ok
17:08:39.0255 5972 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:08:39.0302 5972 AdobeARMservice - ok
17:08:39.0895 5972 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:08:40.0394 5972 AdobeFlashPlayerUpdateSvc - ok
17:08:40.0503 5972 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
17:08:40.0597 5972 adp94xx - ok
17:08:40.0753 5972 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
17:08:40.0846 5972 adpahci - ok
17:08:40.0909 5972 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
17:08:40.0956 5972 adpu320 - ok
17:08:41.0096 5972 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
17:08:41.0112 5972 AeLookupSvc - ok
17:08:41.0533 5972 AESTFilters (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
17:08:41.0533 5972 AESTFilters - ok
17:08:41.0970 5972 Afc (6ccd1135320109d6b219f1a6e04ad9f6) C:\windows\syswow64\drivers\Afc.sys
17:08:41.0985 5972 Afc - ok
17:08:42.0406 5972 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
17:08:42.0438 5972 AFD - ok
17:08:42.0765 5972 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\windows\system32\DRIVERS\agrsm64.sys
17:08:42.0890 5972 AgereSoftModem - ok
17:08:43.0062 5972 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
17:08:43.0062 5972 agp440 - ok
17:08:43.0202 5972 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
17:08:43.0280 5972 ALG - ok
17:08:43.0608 5972 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
17:08:43.0857 5972 aliide - ok
17:08:44.0216 5972 AMD External Events Utility (d5518e3bbfd69520fa3bdd3d05b5b458) C:\windows\system32\atiesrxx.exe
17:08:44.0247 5972 AMD External Events Utility - ok
17:08:44.0980 5972 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
17:08:44.0980 5972 amdide - ok
17:08:45.0214 5972 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
17:08:45.0277 5972 AmdK8 - ok
17:08:47.0008 5972 amdkmdag (be85fdc481f3bfbc036bb5d96dbbd12d) C:\windows\system32\DRIVERS\atikmdag.sys
17:08:47.0227 5972 amdkmdag - ok
17:08:48.0475 5972 amdkmdap (8e0146e61409c46855f1dd008eaedd5d) C:\windows\system32\DRIVERS\atikmpag.sys
17:08:48.0475 5972 amdkmdap - ok
17:08:49.0021 5972 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
17:08:49.0239 5972 AmdPPM - ok
17:08:49.0692 5972 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
17:08:50.0082 5972 amdsata - ok
17:08:50.0269 5972 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
17:08:50.0347 5972 amdsbs - ok
17:08:50.0565 5972 amdxata (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
17:08:50.0565 5972 amdxata - ok
17:08:50.0706 5972 androidusb (fad35699987baa96e22e13b24ff44769) C:\windows\system32\Drivers\androidusb.sys
17:08:50.0706 5972 androidusb - ok
17:08:51.0174 5972 AppID (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
17:08:51.0252 5972 AppID - ok
17:08:51.0330 5972 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
17:08:51.0408 5972 AppIDSvc - ok
17:08:51.0610 5972 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
17:08:51.0642 5972 Appinfo - ok
17:08:51.0844 5972 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
17:08:51.0938 5972 arc - ok
17:08:52.0063 5972 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
17:08:52.0203 5972 arcsas - ok
17:08:52.0219 5972 ARCVCAM - ok
17:08:52.0718 5972 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:08:53.0202 5972 aspnet_state - ok
17:08:53.0420 5972 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
17:08:53.0420 5972 AsyncMac - ok
17:08:53.0576 5972 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
17:08:53.0576 5972 atapi - ok
17:08:53.0701 5972 AthBTPort (cbe61b4494165f458bd87e37181ee934) C:\windows\system32\DRIVERS\btath_flt.sys
17:08:53.0716 5972 AthBTPort - ok
17:08:54.0106 5972 Atheros Bt&Wlan Coex Agent (4c4a576818ea028257c624ae36ff7a03) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
17:08:54.0106 5972 Atheros Bt&Wlan Coex Agent - ok
17:08:54.0200 5972 AtherosSvc (684b36ca4067da7000cf95771a3cf0e7) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
17:08:54.0200 5972 AtherosSvc - ok
17:08:54.0637 5972 athr (675b31fcfaf319c0cbb908feb6b90471) C:\windows\system32\DRIVERS\athrx.sys
17:08:54.0715 5972 athr - ok
17:08:55.0308 5972 athrusb (788914c42ad8318f1dd7a565eaffb049) C:\windows\system32\DRIVERS\athrxusb.sys
17:08:55.0370 5972 athrusb - ok
17:08:55.0698 5972 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
17:08:56.0103 5972 AudioEndpointBuilder - ok
17:08:56.0119 5972 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
17:08:56.0134 5972 AudioSrv - ok
17:08:56.0337 5972 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
17:08:56.0337 5972 AxInstSV - ok
17:08:56.0665 5972 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
17:08:56.0727 5972 b06bdrv - ok
17:08:57.0024 5972 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
17:08:57.0070 5972 b57nd60a - ok
17:08:57.0242 5972 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
17:08:57.0273 5972 BDESVC - ok
17:08:57.0351 5972 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
17:08:57.0351 5972 Beep - ok
17:08:57.0523 5972 BFE (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
17:08:57.0538 5972 BFE - ok
17:08:57.0694 5972 BITS (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
17:08:57.0788 5972 BITS - ok
17:08:58.0116 5972 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
17:08:58.0178 5972 blbdrive - ok
17:08:58.0537 5972 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
17:08:58.0599 5972 bowser - ok
17:08:58.0693 5972 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
17:08:58.0708 5972 BrFiltLo - ok
17:08:58.0755 5972 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
17:08:58.0755 5972 BrFiltUp - ok
17:08:58.0927 5972 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
17:08:58.0958 5972 Browser - ok
17:08:59.0161 5972 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
17:08:59.0192 5972 Brserid - ok
17:08:59.0301 5972 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
17:08:59.0301 5972 BrSerWdm - ok
17:08:59.0379 5972 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
17:08:59.0395 5972 BrUsbMdm - ok
17:08:59.0504 5972 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
17:08:59.0504 5972 BrUsbSer - ok
17:08:59.0722 5972 BTATH_A2DP (227c8f308de4af4808e587465ceab838) C:\windows\system32\drivers\btath_a2dp.sys
17:08:59.0722 5972 BTATH_A2DP - ok
17:08:59.0832 5972 BTATH_BUS (a83a91d07d1fe6bbe7a9db46ca00434b) C:\windows\system32\DRIVERS\btath_bus.sys
17:08:59.0832 5972 BTATH_BUS - ok
17:08:59.0972 5972 BTATH_HCRP (c864ff85ee16d61c2bdd5ef76824625f) C:\windows\system32\DRIVERS\btath_hcrp.sys
17:08:59.0972 5972 BTATH_HCRP - ok
17:09:00.0237 5972 BTATH_LWFLT (0dea505efb5d771826d177ef8b8a208f) C:\windows\system32\DRIVERS\btath_lwflt.sys
17:09:00.0237 5972 BTATH_LWFLT - ok
17:09:00.0331 5972 BTATH_RCP (724c8088c96efe7a3e63fec21d4681c0) C:\windows\system32\DRIVERS\btath_rcp.sys
17:09:00.0331 5972 BTATH_RCP - ok
17:09:00.0596 5972 BtFilter (ff8b065f96e4d9525aa7227299fbd05c) C:\windows\system32\DRIVERS\btfilter.sys
17:09:00.0596 5972 BtFilter - ok
17:09:00.0768 5972 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\DRIVERS\BthEnum.sys
17:09:00.0768 5972 BthEnum - ok
17:09:00.0924 5972 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
17:09:00.0970 5972 BTHMODEM - ok
17:09:01.0236 5972 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys
17:09:01.0267 5972 BthPan - ok
17:09:01.0501 5972 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\windows\system32\Drivers\BTHport.sys
17:09:01.0532 5972 BTHPORT - ok
17:09:01.0782 5972 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
17:09:01.0782 5972 bthserv - ok
17:09:01.0891 5972 BTHUSB (f188b7394d81010767b6df3178519a37) C:\windows\system32\Drivers\BTHUSB.sys
17:09:01.0906 5972 BTHUSB - ok
17:09:01.0969 5972 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
17:09:01.0969 5972 cdfs - ok
17:09:02.0296 5972 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\DRIVERS\cdrom.sys
17:09:02.0328 5972 cdrom - ok
17:09:03.0201 5972 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
17:09:03.0420 5972 CertPropSvc - ok
17:09:03.0513 5972 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
17:09:03.0513 5972 circlass - ok
17:09:03.0763 5972 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
17:09:03.0763 5972 CLFS - ok
17:09:03.0950 5972 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:09:03.0966 5972 clr_optimization_v2.0.50727_32 - ok
17:09:04.0215 5972 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:09:04.0215 5972 clr_optimization_v2.0.50727_64 - ok
17:09:04.0574 5972 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:09:05.0120 5972 clr_optimization_v4.0.30319_32 - ok
17:09:05.0370 5972 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:09:05.0604 5972 clr_optimization_v4.0.30319_64 - ok
17:09:05.0806 5972 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
17:09:05.0806 5972 CmBatt - ok
17:09:05.0916 5972 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
17:09:05.0916 5972 cmdide - ok
17:09:06.0072 5972 CNG (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
17:09:06.0072 5972 CNG - ok
17:09:06.0165 5972 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
17:09:06.0165 5972 Compbatt - ok
17:09:06.0384 5972 CompositeBus (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
17:09:06.0415 5972 CompositeBus - ok
17:09:06.0430 5972 COMSysApp - ok
17:09:06.0477 5972 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
17:09:06.0477 5972 crcdisk - ok
17:09:06.0555 5972 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
17:09:06.0555 5972 CryptSvc - ok
17:09:06.0930 5972 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
17:09:06.0976 5972 DcomLaunch - ok
17:09:07.0070 5972 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
17:09:07.0086 5972 defragsvc - ok
17:09:07.0288 5972 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
17:09:07.0288 5972 DfsC - ok
17:09:07.0522 5972 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
17:09:07.0585 5972 Dhcp - ok
17:09:07.0638 5972 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
17:09:07.0639 5972 discache - ok
17:09:07.0759 5972 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
17:09:07.0763 5972 Disk - ok
17:09:07.0829 5972 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
17:09:07.0833 5972 Dnscache - ok
17:09:07.0903 5972 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
17:09:07.0933 5972 dot3svc - ok
17:09:08.0082 5972 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
17:09:08.0100 5972 DPS - ok
17:09:08.0159 5972 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
17:09:08.0159 5972 drmkaud - ok
17:09:08.0268 5972 dtsoftbus01 (d3d64cf7b2bceaa34a270f45a3fffb36) C:\windows\system32\DRIVERS\dtsoftbus01.sys
17:09:08.0268 5972 dtsoftbus01 - ok
17:09:08.0487 5972 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
17:09:08.0502 5972 DXGKrnl - ok
17:09:08.0643 5972 eamonm (13533557d01b88c83110d5cf749f14d7) C:\windows\system32\DRIVERS\eamonm.sys
17:09:08.0643 5972 eamonm - ok
17:09:08.0705 5972 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
17:09:08.0705 5972 EapHost - ok
17:09:09.0080 5972 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
17:09:09.0220 5972 ebdrv - ok
17:09:09.0704 5972 EFS (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
17:09:09.0704 5972 EFS - ok
17:09:10.0000 5972 ehdrv (e097728129e7b79bf1089d7aef42332b) C:\windows\system32\DRIVERS\ehdrv.sys
17:09:10.0016 5972 ehdrv - ok
17:09:10.0203 5972 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
17:09:10.0203 5972 ehRecvr - ok
17:09:10.0343 5972 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
17:09:10.0359 5972 ehSched - ok
17:09:10.0702 5972 ekrn (c7bb95cf9631aa401e4aded1648f6af7) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
17:09:10.0718 5972 ekrn - ok
17:09:10.0889 5972 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
17:09:10.0936 5972 elxstor - ok
17:09:11.0061 5972 epfwwfpr (2380976cf8a4a56611f35633acd2a74f) C:\windows\system32\DRIVERS\epfwwfpr.sys
17:09:11.0061 5972 epfwwfpr - ok
17:09:11.0092 5972 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
17:09:11.0092 5972 ErrDev - ok
17:09:11.0279 5972 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
17:09:11.0295 5972 EventSystem - ok
17:09:11.0373 5972 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
17:09:11.0373 5972 exfat - ok
17:09:11.0420 5972 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
17:09:11.0451 5972 fastfat - ok
17:09:11.0591 5972 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
17:09:11.0622 5972 Fax - ok
17:09:11.0700 5972 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
17:09:11.0700 5972 fdc - ok
17:09:11.0746 5972 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
17:09:11.0747 5972 fdPHost - ok
17:09:11.0760 5972 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
17:09:11.0762 5972 FDResPub - ok
17:09:11.0803 5972 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
17:09:11.0804 5972 FileInfo - ok
17:09:11.0822 5972 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
17:09:11.0823 5972 Filetrace - ok
17:09:11.0851 5972 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
17:09:11.0852 5972 flpydisk - ok
17:09:11.0913 5972 FltMgr (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
17:09:11.0917 5972 FltMgr - ok
17:09:12.0037 5972 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
17:09:12.0055 5972 FontCache - ok
17:09:12.0178 5972 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:09:12.0180 5972 FontCache3.0.0.0 - ok
17:09:12.0312 5972 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
17:09:12.0315 5972 FsDepends - ok
17:09:12.0356 5972 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
17:09:12.0358 5972 Fs_Rec - ok
17:09:12.0533 5972 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
17:09:12.0538 5972 fvevol - ok
17:09:12.0646 5972 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
17:09:12.0651 5972 gagp30kx - ok
17:09:12.0825 5972 ghsdiagMDM (35c8434a4c8a689cde4723fd61d286e1) C:\windows\system32\DRIVERS\ghsdiagMDM.sys
17:09:12.0828 5972 ghsdiagMDM - ok
17:09:13.0019 5972 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
17:09:13.0139 5972 gpsvc - ok
17:09:13.0300 5972 GRemoteBus (5bd454f0e896150e92dba95b4e23289a) C:\windows\system32\DRIVERS\GRemoteBus64.sys
17:09:13.0303 5972 GRemoteBus - ok
17:09:13.0440 5972 GRemoteJoy (82fe5756a0a71458b778b50325aa8bc7) C:\windows\system32\DRIVERS\GRemoteJoy64.sys
17:09:13.0444 5972 GRemoteJoy - ok
17:09:13.0574 5972 hamachi (f8f0851d336c3b88dbd7232b6348e09a) C:\windows\system32\DRIVERS\hamachi.sys
17:09:13.0577 5972 hamachi - ok
17:09:13.0602 5972 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
17:09:13.0617 5972 hcw85cir - ok
17:09:14.0491 5972 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
17:09:14.0569 5972 HdAudAddService - ok
17:09:14.0896 5972 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
17:09:14.0912 5972 HDAudBus - ok
17:09:15.0006 5972 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
17:09:15.0333 5972 HidBatt - ok
17:09:15.0427 5972 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
17:09:15.0427 5972 HidBth - ok
17:09:15.0536 5972 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
17:09:15.0552 5972 HidIr - ok
17:09:15.0598 5972 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
17:09:15.0598 5972 hidserv - ok
17:09:15.0739 5972 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\DRIVERS\hidusb.sys
17:09:15.0739 5972 HidUsb - ok
17:09:15.0832 5972 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
17:09:15.0942 5972 hkmsvc - ok
17:09:16.0051 5972 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
17:09:16.0066 5972 HomeGroupListener - ok
17:09:16.0144 5972 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
17:09:16.0144 5972 HomeGroupProvider - ok
17:09:16.0378 5972 HP Health Check Service - ok
17:09:16.0893 5972 HP Power Assistant Service (02c2108111d9656a9729995d2219fb99) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
17:09:16.0909 5972 HP Power Assistant Service - ok
17:09:17.0049 5972 hpdskflt (4e0bec0f78096ffd6d3314b497fc49d3) C:\windows\system32\DRIVERS\hpdskflt.sys
17:09:17.0049 5972 hpdskflt - ok
17:09:17.0205 5972 HpqKbFiltr (b98ee5d4535a685634b90f7e04de0df7) C:\windows\system32\DRIVERS\HpqKbFiltr.sys
17:09:17.0236 5972 HpqKbFiltr - ok
17:09:17.0439 5972 hpqwmiex (ec9739a46f1f83c6e52a7a4697f44a65) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
17:09:17.0457 5972 hpqwmiex - ok
17:09:17.0566 5972 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
17:09:17.0566 5972 HpSAMD - ok
17:09:17.0691 5972 hpsrv (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\windows\system32\Hpservice.exe
17:09:17.0706 5972 hpsrv - ok
17:09:17.0816 5972 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
17:09:17.0878 5972 HTTP - ok
17:09:17.0972 5972 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
17:09:17.0972 5972 hwpolicy - ok
17:09:18.0065 5972 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys
17:09:18.0065 5972 i8042prt - ok
17:09:18.0112 5972 iaStor (d469b77687e12fe43e344806740b624d) C:\windows\system32\DRIVERS\iaStor.sys
17:09:18.0128 5972 iaStor - ok
17:09:18.0611 5972 IAStorDataMgrSvc (117ff657e0d9bbd61b5c3e71e63d3919) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:09:18.0611 5972 IAStorDataMgrSvc - ok
17:09:18.0705 5972 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
17:09:18.0736 5972 iaStorV - ok
17:09:18.0939 5972 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:09:18.0954 5972 IDriverT - ok
17:09:19.0126 5972 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:09:19.0173 5972 idsvc - ok
17:09:19.0391 5972 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
17:09:19.0391 5972 iirsp - ok
17:09:19.0547 5972 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
17:09:19.0563 5972 IKEEXT - ok
17:09:19.0672 5972 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\windows\system32\DRIVERS\IntcDAud.sys
17:09:19.0688 5972 IntcDAud - ok
17:09:19.0734 5972 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
17:09:19.0734 5972 intelide - ok
17:09:20.0358 5972 intelkmd (efe5a0af39a8e179624117c521f1e012) C:\windows\system32\DRIVERS\igdpmd64.sys
17:09:20.0608 5972 intelkmd - ok
17:09:20.0780 5972 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
17:09:20.0780 5972 intelppm - ok
17:09:20.0826 5972 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
17:09:20.0858 5972 IPBusEnum - ok
17:09:20.0904 5972 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
17:09:20.0920 5972 IpFilterDriver - ok
17:09:20.0998 5972 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
17:09:21.0014 5972 iphlpsvc - ok
17:09:21.0045 5972 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
17:09:21.0060 5972 IPMIDRV - ok
17:09:21.0107 5972 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
17:09:21.0123 5972 IPNAT - ok
17:09:21.0154 5972 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
17:09:21.0154 5972 IRENUM - ok
17:09:21.0170 5972 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
17:09:21.0170 5972 isapnp - ok
17:09:21.0232 5972 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
17:09:21.0294 5972 iScsiPrt - ok
17:09:21.0419 5972 jhi_service (3b794ca0de73790420deba3c759f1502) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
17:09:21.0419 5972 jhi_service - ok
17:09:21.0497 5972 JMCR (0b44199365a69696109ab9a5855e0841) C:\windows\system32\DRIVERS\jmcr.sys
17:09:21.0497 5972 JMCR - ok
17:09:21.0544 5972 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys
17:09:21.0544 5972 kbdclass - ok
17:09:21.0591 5972 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\DRIVERS\kbdhid.sys
17:09:21.0591 5972 kbdhid - ok
17:09:21.0653 5972 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:09:21.0669 5972 KeyIso - ok
17:09:21.0684 5972 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
17:09:21.0684 5972 KSecDD - ok
17:09:21.0716 5972 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
17:09:21.0716 5972 KSecPkg - ok
17:09:21.0762 5972 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
17:09:21.0762 5972 ksthunk - ok
17:09:21.0809 5972 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
17:09:21.0856 5972 KtmRm - ok
17:09:21.0950 5972 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
17:09:21.0965 5972 LanmanServer - ok
17:09:22.0028 5972 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
17:09:22.0043 5972 LanmanWorkstation - ok
17:09:22.0106 5972 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
17:09:22.0106 5972 lltdio - ok
17:09:22.0168 5972 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
17:09:22.0168 5972 lltdsvc - ok
17:09:22.0199 5972 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
17:09:22.0199 5972 lmhosts - ok
17:09:22.0402 5972 LMS (97f9eaac985a663394cd8f54dcd3e73a) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:09:22.0402 5972 LMS - ok
17:09:22.0449 5972 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
17:09:22.0464 5972 LSI_FC - ok
17:09:22.0511 5972 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
17:09:22.0542 5972 LSI_SAS - ok
17:09:22.0574 5972 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
17:09:22.0574 5972 LSI_SAS2 - ok
17:09:22.0589 5972 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
17:09:22.0605 5972 LSI_SCSI - ok
17:09:22.0652 5972 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
17:09:22.0652 5972 luafv - ok
17:09:22.0698 5972 massfilter_hs (b422b3851e144fe6cac7ecacb2da6f7c) C:\windows\system32\drivers\massfilter_hs.sys
17:09:22.0714 5972 massfilter_hs - ok
17:09:22.0776 5972 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\windows\system32\drivers\mbam.sys
17:09:22.0776 5972 MBAMProtector - ok
17:09:22.0886 5972 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:09:22.0917 5972 MBAMService - ok
17:09:22.0964 5972 McAfee Endpoint Encryption Agent - ok
17:09:23.0057 5972 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
17:09:23.0073 5972 Mcx2Svc - ok
17:09:23.0135 5972 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
17:09:23.0166 5972 megasas - ok
17:09:23.0229 5972 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
17:09:23.0244 5972 MegaSR - ok
17:09:23.0307 5972 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\windows\system32\DRIVERS\HECIx64.sys
17:09:23.0307 5972 MEIx64 - ok
17:09:23.0369 5972 Microsoft SharePoint Workspace Audit Service - ok
17:09:23.0416 5972 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
17:09:23.0416 5972 MMCSS - ok
17:09:23.0510 5972 MobaSSH1 - ok
17:09:23.0556 5972 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
17:09:23.0556 5972 Modem - ok
17:09:23.0572 5972 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
17:09:23.0572 5972 monitor - ok
17:09:23.0634 5972 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys
17:09:23.0634 5972 mouclass - ok
17:09:23.0681 5972 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
17:09:23.0681 5972 mouhid - ok
17:09:23.0744 5972 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
17:09:23.0744 5972 mountmgr - ok
17:09:23.0806 5972 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
17:09:23.0822 5972 mpio - ok
17:09:23.0868 5972 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
17:09:23.0868 5972 mpsdrv - ok
17:09:23.0978 5972 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
17:09:23.0993 5972 MpsSvc - ok
17:09:24.0040 5972 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
17:09:24.0056 5972 MRxDAV - ok
17:09:24.0118 5972 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
17:09:24.0134 5972 mrxsmb - ok
17:09:24.0165 5972 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
17:09:24.0180 5972 mrxsmb10 - ok
17:09:24.0212 5972 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
17:09:24.0227 5972 mrxsmb20 - ok
17:09:24.0274 5972 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
17:09:24.0274 5972 msahci - ok
17:09:24.0321 5972 msdsm (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
17:09:24.0336 5972 msdsm - ok
17:09:24.0383 5972 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
17:09:24.0399 5972 MSDTC - ok
17:09:24.0461 5972 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
17:09:24.0461 5972 Msfs - ok
17:09:24.0477 5972 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
17:09:24.0477 5972 mshidkmdf - ok
17:09:24.0492 5972 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
17:09:24.0492 5972 msisadrv - ok
17:09:24.0570 5972 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
17:09:24.0586 5972 MSiSCSI - ok
17:09:24.0602 5972 msiserver - ok
17:09:24.0633 5972 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
17:09:24.0633 5972 MSKSSRV - ok
17:09:24.0648 5972 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
17:09:24.0648 5972 MSPCLOCK - ok
17:09:24.0648 5972 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
17:09:24.0648 5972 MSPQM - ok
17:09:24.0726 5972 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
17:09:24.0742 5972 MsRPC - ok
17:09:24.0773 5972 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
17:09:24.0773 5972 mssmbios - ok
17:09:24.0914 5972 MSSQL$SQLEXPRESS - ok
17:09:25.0257 5972 MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:09:25.0304 5972 MSSQLServerADHelper100 - ok
17:09:25.0350 5972 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
17:09:25.0350 5972 MSTEE - ok
17:09:25.0382 5972 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
17:09:25.0382 5972 MTConfig - ok
17:09:25.0413 5972 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
17:09:25.0413 5972 Mup - ok
17:09:25.0506 5972 napagent (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
17:09:25.0522 5972 napagent - ok
17:09:25.0600 5972 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
17:09:25.0647 5972 NativeWifiP - ok
17:09:25.0740 5972 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
17:09:25.0772 5972 NDIS - ok
17:09:25.0803 5972 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
17:09:25.0803 5972 NdisCap - ok
17:09:25.0834 5972 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
17:09:25.0834 5972 NdisTapi - ok
17:09:25.0943 5972 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
17:09:25.0943 5972 Ndisuio - ok
17:09:26.0006 5972 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
17:09:26.0021 5972 NdisWan - ok
17:09:26.0037 5972 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
17:09:26.0037 5972 NDProxy - ok
17:09:26.0068 5972 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
17:09:26.0068 5972 NetBIOS - ok
17:09:26.0146 5972 NetBT (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
17:09:26.0162 5972 NetBT - ok
17:09:26.0208 5972 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:09:26.0208 5972 Netlogon - ok
17:09:26.0286 5972 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
17:09:26.0302 5972 Netman - ok
17:09:26.0396 5972 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:09:26.0458 5972 NetMsmqActivator - ok
17:09:26.0474 5972 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:09:26.0474 5972 NetPipeActivator - ok
17:09:26.0552 5972 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
17:09:26.0583 5972 netprofm - ok
17:09:26.0583 5972 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:09:26.0598 5972 NetTcpActivator - ok
17:09:26.0598 5972 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:09:26.0598 5972 NetTcpPortSharing - ok
17:09:26.0676 5972 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
17:09:26.0676 5972 nfrd960 - ok
17:09:26.0754 5972 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
17:09:26.0770 5972 NlaSvc - ok
17:09:26.0801 5972 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\windows\system32\drivers\ccdcmbx64.sys
17:09:26.0817 5972 nmwcd - ok
17:09:26.0864 5972 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
17:09:26.0895 5972 Npfs - ok
17:09:26.0957 5972 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
17:09:26.0988 5972 nsi - ok
17:09:27.0004 5972 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
17:09:27.0020 5972 nsiproxy - ok
17:09:27.0222 5972 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
17:09:27.0269 5972 Ntfs - ok
17:09:27.0690 5972 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
17:09:27.0690 5972 Null - ok
17:09:27.0737 5972 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\windows\system32\DRIVERS\nusb3hub.sys
17:09:27.0737 5972 nusb3hub - ok
17:09:27.0753 5972 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\windows\system32\DRIVERS\nusb3xhc.sys
17:09:27.0753 5972 nusb3xhc - ok
17:09:27.0815 5972 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
17:09:27.0831 5972 nvraid - ok
17:09:27.0878 5972 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
17:09:27.0893 5972 nvstor - ok
17:09:27.0940 5972 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
17:09:27.0956 5972 nv_agp - ok
17:09:28.0002 5972 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
17:09:28.0002 5972 ohci1394 - ok
17:09:28.0112 5972 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:09:28.0143 5972 ose64 - ok
17:09:28.0548 5972 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:09:28.0658 5972 osppsvc - ok
17:09:28.0814 5972 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
17:09:28.0814 5972 p2pimsvc - ok
17:09:28.0876 5972 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
17:09:28.0876 5972 p2psvc - ok
17:09:28.0954 5972 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
17:09:28.0954 5972 Parport - ok
17:09:29.0016 5972 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
17:09:29.0016 5972 partmgr - ok
17:09:29.0048 5972 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
17:09:29.0048 5972 PcaSvc - ok
17:09:29.0110 5972 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
17:09:29.0110 5972 pci - ok
17:09:29.0141 5972 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
17:09:29.0172 5972 pciide - ok
17:09:29.0219 5972 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
17:09:29.0235 5972 pcmcia - ok
17:09:29.0282 5972 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
17:09:29.0282 5972 pcw - ok
17:09:29.0516 5972 PdiService (8f924f00f2f81422fd7c340fda0e00d8) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
17:09:29.0516 5972 PdiService - ok
17:09:29.0640 5972 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
17:09:29.0656 5972 PEAUTH - ok
17:09:29.0796 5972 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
17:09:29.0843 5972 PerfHost - ok
17:09:30.0358 5972 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
17:09:30.0514 5972 pla - ok
17:09:30.0779 5972 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
17:09:30.0795 5972 PlugPlay - ok
17:09:30.0857 5972 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
17:09:30.0888 5972 PNRPAutoReg - ok
17:09:30.0935 5972 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
17:09:30.0935 5972 PNRPsvc - ok
17:09:31.0107 5972 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
17:09:31.0154 5972 PolicyAgent - ok
17:09:31.0419 5972 postgresql-x64-9.1 - ok
17:09:31.0590 5972 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
17:09:31.0590 5972 Power - ok
17:09:31.0871 5972 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
17:09:31.0887 5972 PptpMiniport - ok
17:09:32.0027 5972 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
17:09:32.0027 5972 Processor - ok
17:09:32.0136 5972 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
17:09:32.0152 5972 ProfSvc - ok
17:09:32.0230 5972 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:09:32.0246 5972 ProtectedStorage - ok
17:09:32.0370 5972 Psched (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
17:09:32.0386 5972 Psched - ok
17:09:32.0729 5972 QipGuard (887090539d5f8843d6da09adf5692629) C:\Program Files (x86)\QipGuard\QipGuard.exe
17:09:32.0760 5972 QipGuard - ok
17:09:33.0088 5972 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
17:09:33.0166 5972 ql2300 - ok
17:09:33.0494 5972 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
17:09:33.0494 5972 ql40xx - ok
17:09:33.0743 5972 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
17:09:33.0821 5972 QWAVE - ok
17:09:33.0993 5972 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
17:09:33.0993 5972 QWAVEdrv - ok
17:09:34.0071 5972 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
17:09:34.0086 5972 RasAcd - ok
17:09:34.0164 5972 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
17:09:34.0164 5972 RasAgileVpn - ok
17:09:34.0352 5972 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
17:09:34.0367 5972 RasAuto - ok
17:09:34.0539 5972 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
17:09:34.0539 5972 Rasl2tp - ok
17:09:34.0664 5972 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
17:09:34.0679 5972 RasMan - ok
17:09:34.0695 5972 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
17:09:34.0695 5972 RasPppoe - ok
17:09:34.0726 5972 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
17:09:34.0726 5972 RasSstp - ok
17:09:34.0804 5972 rdbss (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
17:09:34.0820 5972 rdbss - ok
17:09:34.0866 5972 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
17:09:34.0866 5972 rdpbus - ok
17:09:34.0913 5972 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
17:09:34.0913 5972 RDPCDD - ok
17:09:34.0929 5972 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
17:09:34.0929 5972 RDPENCDD - ok
17:09:35.0054 5972 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
17:09:35.0054 5972 RDPREFMP - ok
17:09:35.0116 5972 RDPWD (6d76e6433574b058adcb0c50df834492) C:\windows\system32\drivers\RDPWD.sys
17:09:35.0163 5972 RDPWD - ok
17:09:35.0241 5972 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
17:09:35.0241 5972 rdyboost - ok
17:09:35.0288 5972 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
17:09:35.0288 5972 RemoteAccess - ok
17:09:35.0319 5972 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
17:09:35.0319 5972 RemoteRegistry - ok
17:09:35.0366 5972 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys
17:09:35.0366 5972 RFCOMM - ok
17:09:35.0397 5972 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
17:09:35.0397 5972 RpcEptMapper - ok
17:09:35.0428 5972 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
17:09:35.0428 5972 RpcLocator - ok
17:09:35.0490 5972 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
17:09:35.0490 5972 RpcSs - ok
17:09:35.0584 5972 RsFx0105 (c9fe05a63c500abe3afa5786504c4d36) C:\windows\system32\DRIVERS\RsFx0105.sys
17:09:35.0631 5972 RsFx0105 - ok
17:09:35.0693 5972 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
17:09:35.0693 5972 rspndr - ok
17:09:35.0771 5972 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys
17:09:35.0771 5972 RTL8167 - ok
17:09:35.0834 5972 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
17:09:35.0834 5972 SamSs - ok
17:09:35.0990 5972 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
17:09:36.0021 5972 sbp2port - ok
17:09:36.0099 5972 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
17:09:36.0130 5972 SCardSvr - ok
17:09:36.0192 5972 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
17:09:36.0192 5972 scfilter - ok
17:09:36.0411 5972 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
17:09:36.0442 5972 Schedule - ok
17:09:36.0489 5972 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
17:09:36.0489 5972 SCPolicySvc - ok
17:09:36.0551 5972 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
17:09:36.0551 5972 sdbus - ok
17:09:36.0598 5972 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
17:09:36.0629 5972 SDRSVC - ok
17:09:36.0660 5972 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
17:09:36.0660 5972 secdrv - ok
17:09:36.0692 5972 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
17:09:36.0692 5972 seclogon - ok
17:09:36.0738 5972 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
17:09:36.0738 5972 SENS - ok
17:09:36.0785 5972 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
17:09:36.0801 5972 SensrSvc - ok
17:09:36.0832 5972 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
17:09:36.0832 5972 Serenum - ok
17:09:36.0879 5972 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
17:09:36.0879 5972 Serial - ok
17:09:36.0926 5972 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
17:09:36.0926 5972 sermouse - ok
17:09:37.0113 5972 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
17:09:37.0175 5972 SessionEnv - ok
17:09:37.0206 5972 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
17:09:37.0206 5972 sffdisk - ok
17:09:37.0222 5972 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
17:09:37.0222 5972 sffp_mmc - ok
17:09:37.0238 5972 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
17:09:37.0238 5972 sffp_sd - ok
17:09:37.0269 5972 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
17:09:37.0269 5972 sfloppy - ok
17:09:37.0347 5972 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
17:09:37.0378 5972 SharedAccess - ok
17:09:37.0534 5972 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
17:09:37.0550 5972 ShellHWDetection - ok
17:09:37.0596 5972 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
17:09:37.0612 5972 SiSRaid2 - ok
17:09:37.0628 5972 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
17:09:37.0643 5972 SiSRaid4 - ok
17:09:37.0846 5972 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
17:09:37.0862 5972 SkypeUpdate - ok
17:09:37.0955 5972 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
17:09:37.0955 5972 Smb - ok
17:09:38.0174 5972 snapman (427c2b34bf4dd4f813da4c0df154cc94) C:\windows\system32\DRIVERS\snapman.sys
17:09:38.0205 5972 snapman - ok
17:09:38.0252 5972 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
17:09:38.0252 5972 SNMPTRAP - ok
17:09:38.0283 5972 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
17:09:38.0283 5972 spldr - ok
17:09:38.0454 5972 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
17:09:38.0486 5972 Spooler - ok
17:09:38.0954 5972 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
17:09:39.0063 5972 sppsvc - ok
17:09:39.0406 5972 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
17:09:39.0422 5972 sppuinotify - ok
17:09:39.0437 5972 MBR (0x1B8) (433e3f0eed2656282111d5fefdf9511a) \Device\Harddisk0\DR0
17:09:39.0500 5972 \Device\Harddisk0\DR0 - ok
17:09:39.0531 5972 Boot (0x1200) (d448f9d9bed801d6385dde79873a6fe5) \Device\Harddisk0\DR0\Partition0
17:09:39.0531 5972 \Device\Harddisk0\DR0\Partition0 - ok
17:09:39.0546 5972 Boot (0x1200) (97bb782acfe6d03e61e4c065ff70b0cf) \Device\Harddisk0\DR0\Partition1
17:09:39.0546 5972 \Device\Harddisk0\DR0\Partition1 - ok
17:09:39.0546 5972 ============================================================
17:09:39.0546 5972 Scan finished
17:09:39.0546 5972 ============================================================
17:09:39.0578 5964 Detected object count: 0
17:09:39.0578 5964 Actual detected object count: 0

[StressCZ]

ComboFix (by sUBs)


ComboFix 12-06-01.02 - Jakub 01.06.2012 17:17:23.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.2273 [GMT 2:00]
Spuštěný z: c:\users\Jakub\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Enabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\94.dll
C:\install.exe
c:\program files (x86)\BasicScan
c:\program files (x86)\BasicScan\uninstall.exe
c:\programdata\940c33b92f336491e5f73642029c07b1_c
c:\programdata\BasicScan
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-05-01 do 2012-06-01 )))))))))))))))))))))))))))))))
.
.
2012-06-01 15:28 . 2012-06-01 15:28 -------- d-----w- c:\users\sshdsvc\AppData\Local\temp
2012-06-01 15:06 . 2012-06-01 15:06 -------- d-----w- c:\users\Jakub\AppData\Local\BMExplorer
2012-06-01 15:02 . 2012-06-01 15:08 78848 ----a-w- c:\windows\KMSEmulator.exe
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\users\Jakub\AppData\Roaming\Malwarebytes
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\users\Jakub\AppData\Local\ATI
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\programdata\Malwarebytes
2012-06-01 13:57 . 2012-06-01 13:57 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-01 13:57 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-01 12:02 . 2012-06-01 15:10 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35CE2E62-0F00-4A6A-A717-627A651304BA}\offreg.dll
2012-06-01 06:57 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{35CE2E62-0F00-4A6A-A717-627A651304BA}\mpengine.dll
2012-05-29 19:24 . 2012-06-01 06:54 -------- d-----w- c:\program files (x86)\Diablo III
2012-05-21 15:14 . 2012-05-21 15:17 -------- d-----w- c:\users\Jakub\AppData\Roaming\Mumble
2012-05-21 15:09 . 2012-05-21 15:09 -------- d-----w- c:\program files (x86)\Mumble
2012-05-05 20:40 . 2012-05-05 20:40 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-05-03 02:55 . 2012-05-03 02:55 42392 ----a-w- c:\windows\SysWow64\xfcodec.dll
2012-05-03 02:55 . 2012-05-03 02:55 28056 ----a-w- c:\windows\system32\xfcodec64.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-28 10:34 . 2012-02-17 19:51 65536 ----a-w- c:\windows\SysWow64\Encrypt.dll
2012-05-05 20:41 . 2012-04-17 22:04 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 20:41 . 2012-04-17 22:04 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-24 11:18 . 2012-04-24 07:56 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll
2012-04-24 11:10 . 2012-04-24 11:10 94208 ----a-w- c:\windows\DIIUnin.exe
2012-04-24 11:10 . 2012-04-24 11:10 2829 ----a-w- c:\windows\DIIUnin.pif
2012-04-24 07:49 . 2012-04-24 07:49 249856 ------w- c:\windows\Setup1.exe
2012-04-24 07:49 . 2012-04-24 07:49 73216 ----a-w- c:\windows\ST6UNST.EXE
2012-03-14 08:41 . 2012-02-01 15:54 2379552 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 94208 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-08-02 4910912]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2011-07-21 910208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"HP HD Webcam [Fixed]_Monitor"="c:\program files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31 267128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-03-28 336384]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\users\Jakub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Jakub\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]
Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2012-5-3 3553176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"midi3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe [2011-03-07 62184]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-10-18 38424]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [x]
R3 athrusb;Atheros Wireless LAN USB device driver;c:\windows\system32\DRIVERS\athrxusb.sys [x]
R3 ghsdiagMDM;Handset Diagnostic Port;c:\windows\system32\DRIVERS\ghsdiagMDM.sys [x]
R3 GRemoteBus;GRemote virtual joystick Bus Enumerator;c:\windows\system32\DRIVERS\GRemoteBus64.sys [x]
R3 GRemoteJoy;GRemote virtual joystick Device Driver;c:\windows\system32\DRIVERS\GRemoteJoy64.sys [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2010-10-20 11776]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R3 ZDCNDIS6a64;ZDCNDIS Protocol Driver;c:\windows\system32\ZDCNDIS6a64.sys [2009-04-24 41280]
R3 zghsdiag;ZTE General Handset Diagnostic Port;c:\windows\system32\DRIVERS\zghsdiag.sys [2011-01-13 122624]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-01-13 122624]
R3 zghsnmea;ZTE General Handset NMEA Port;c:\windows\system32\DRIVERS\zghsnmea.sys [2011-01-13 122624]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-22 61976]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-09-22 974944]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 MobaSSH1;MobaSSH;c:\windows\SysWOW64\MobaSSH.exe [2011-11-03 23181824]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
S2 postgresql-x64-9.1;postgresql-x64-9.1 - PostgreSQL Server 9.1;C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N postgresql-x64-9.1 -D C:/Program Files/PostgreSQL/9.1/data -w [x]
S2 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2012-03-23 191440]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 79247008
*Deregistered* - 79247008
.
Obsah adresáře 'Naplánované úlohy'
.
2012-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-17 20:41]
.
2012-06-01 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS.exe [2011-09-23 13:44]
.
2012-06-01 c:\windows\Tasks\AutoKMSDaily.job
- c:\windows\AutoKMS.exe [2011-09-23 13:44]
.
2012-06-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-23 07:40]
.
2012-06-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job
- c:\users\Jakub\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-23 07:40]
.
2012-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001Core.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-29 05:49]
.
2012-06-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-695818009-2212152024-3822427678-1001UA.job
- c:\users\Jakub\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-29 05:49]
.
2012-05-23 c:\windows\Tasks\HPCeeScheduleForJAKUB-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49 97792 ----a-w- c:\users\Jakub\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-01-27 13880]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-27 835072]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 4035152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\progra~2\SEARCH~1\SEARCH~1\x64\datamngr.dll c:\progra~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{B723B1B8-9788-4684-ADA7-D1DB02E1D516} - c:\poker\Noble Poker\casino.exe
TCP: DhcpNameServer = 77.236.211.129 77.236.211.130
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}\2557A79636F524162696: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{0CB70230-5270-41D0-8271-1AE13B8C7C3F}\2557A79636F5E4F66797: NameServer = 89.203.192.1,89.203.192.2
TCP: Interfaces\{45F7E510-DD1F-44A6-8BA9-CB1EBE8E8854}: NameServer = 8.8.8.8,8.8.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-File Sanitizer - c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
Wow6432Node-HKLM-Run-DTRun - c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
Toolbar-10 - (no file)
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - c:\program files (x86)\Astroburn Toolbar\ABToolbar64.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
Binary file temp00 matches
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\postgresql-x64-9.1]
"ImagePath"="C:/Program Files/PostgreSQL/9.1/bin/pg_ctl.exe runservice -N \"postgresql-x64-9.1\" -D \"C:/Program Files/PostgreSQL/9.1/data\" -w"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-695818009-2212152024-3822427678-1001\Software\SecuROM\License information*]
"datasecu"=hex:c1,43,2a,90,86,34,9a,2d,7e,2e,34,05,b0,37,1a,87,03,78,2c,d1,45,
01,51,5f,49,da,f6,b0,c4,be,58,2b,ee,ee,29,7a,c2,1c,c0,27,0c,73,35,8d,9c,05,\
"rkeysecu"=hex:5e,76,46,7e,12,10,95,79,a4,09,dd,4a,76,0c,aa,9e
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-06-01 17:32:04
ComboFix-quarantined-files.txt 2012-06-01 15:32
.
Před spuštěním: Volných bajtů: 51 542 896 640
Po spuštění: Volných bajtů: 52 336 345 088
.
- - End Of File - - 1799824D347D474F46EE81C1A1BD8BB1

Děkuji předem za další rady.

[hroch123]

Je to noťas? Pokud ano už jsem se s tím setkal, hledej přepnutí klávesnice.

[StressCZ]

Já se obávám, že to tím nebude, jelikož nějaká klávesa mi píše například 3 písmena, další žádné a nějaká píše normálně. Bojím se spíš jestli to není HW.

[StressCZ]

mám takovej poslední nápád, reinstal windows by to měl opravit, ne?

[hroch123]

Pokud máš přeplou klávesnici, nebo pokud to je vir a dáš formát tak to opravíš.

[ClearSky]

Hlavně zatím OS nepřeinstalovávej! Ještě vydrž, jestli je to virem, kluci tě ho zbavěj.

[guest]

Omlouvám se ale nedá mě to.
Už nad tímto jsem celkem dlouho přemýšlel a stejně nevím jak to pisatel myslel

předem dík alespoň za nějakou radu

Když už se řeši logy je třeba to dokončit. Samozřejmě že čistá instalace s výjimkou HW chyby vše vyřeší, ale to je třeba si rozmyslet. Přijde mě hloupé zatěžovat někoho kontrolou logů a pak to řešit takto. Ostatně instalace je až opravdu ta poslední štace.