Prosím o kontrolu logu. Vyřešeno

[Gizzer2]

Prosím o kontrolu logu.
Velice děkuji.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:52:36, on 3.9.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Program Files (x86)\Common Files\DivX Shared\DesktopService\DDMService.exe
C:\Users\Michal\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2790392
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DesktopIconToy] C:\Program Files (x86)\Desktop Icon Toy\DesktopIconToy.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [RGSC] C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.185.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.185.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.185.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.185.dll/1000
O8 - Extra context menu item: Stáhnout pomocí &BitSpiritu - C:\Program Files (x86)\BitSpirit\bsurl.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - Unknown owner - F:\TomTom HOME 2\TomTomHOMEService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13212 bytes

[Reklama]

[jaro3]

Logy nedávej do code!

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2790392
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SMSender.E.ToolbarsHelper - {24BCDA96-8FCB-4D3B-0500-000000000004} - mscoree.dll (file missing)
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

[Gizzer2]

Malwarebytes Anti-Malware 1.62.0.1300
http://www.malwarebytes.org

Verze databáze: v2012.09.03.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Michal :: MICHAL-PC [administrátor]

Ochrana: Povolena

4.9.2012 15:57:53
mbam-log-2012-09-04 (15-57-53).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 223290
Uplynulý čas: 2 minut, 53 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Ale můj problém přetrvává.
Nainstaloval jsem webkameru a po odzkoušení ve skypu stále jen dokola nabíhála ale bez obrazu. Po restartu už skype kameru nevidí jakoby nebyla nainstalována.

[memphisto]

Ještě sem můžeš dát Combofix, ale myslím si, že tohle není viry...

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

[Gizzer2]

Jelikož je to mnoho řádků tak nevím jak jinak to přiložit než že jsem to hodil na svůj server.

http://michales.eu/TDSSKiller.2.8.8.0_0 ... 16_log.txt
http://michales.eu/ComboFix.txt

[jaro3]

Vlož to sem , do několika příspěvků.

[Gizzer2]

17:17:16.0478 4784 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
17:17:17.0665 4784 ============================================================
17:17:17.0665 4784 Current date / time: 2012/09/04 17:17:17.0665
17:17:17.0665 4784 SystemInfo:
17:17:17.0665 4784
17:17:17.0665 4784 OS Version: 6.1.7601 ServicePack: 1.0
17:17:17.0665 4784 Product type: Workstation
17:17:17.0665 4784 ComputerName: MICHAL-PC
17:17:17.0665 4784 UserName: Michal
17:17:17.0665 4784 Windows directory: C:\Windows
17:17:17.0665 4784 System windows directory: C:\Windows
17:17:17.0665 4784 Running under WOW64
17:17:17.0665 4784 Processor architecture: Intel x64
17:17:17.0665 4784 Number of processors: 2
17:17:17.0665 4784 Page size: 0x1000
17:17:17.0665 4784 Boot type: Normal boot
17:17:17.0665 4784 ============================================================
17:17:22.0169 4784 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:17:22.0175 4784 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:17:22.0183 4784 ============================================================
17:17:22.0183 4784 \Device\Harddisk0\DR0:
17:17:22.0183 4784 MBR partitions:
17:17:22.0183 4784 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950E482
17:17:22.0183 4784 \Device\Harddisk1\DR1:
17:17:22.0183 4784 MBR partitions:
17:17:22.0183 4784 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
17:17:22.0183 4784 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x3A321000
17:17:22.0183 4784 ============================================================
17:17:22.0203 4784 C: <-> \Device\Harddisk1\DR1\Partition2
17:17:22.0222 4784 D: <-> \Device\Harddisk0\DR0\Partition1
17:17:22.0222 4784 ============================================================
17:17:22.0222 4784 Initialize success
17:17:22.0222 4784 ============================================================
17:17:24.0163 4772 ============================================================
17:17:24.0163 4772 Scan started
17:17:24.0163 4772 Mode: Manual;
17:17:24.0163 4772 ============================================================
17:17:24.0924 4772 ================ Scan system memory ========================
17:17:24.0924 4772 System memory - ok
17:17:24.0924 4772 ================ Scan services =============================
17:17:25.0055 4772 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:17:25.0059 4772 1394ohci - ok
17:17:25.0085 4772 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:17:25.0087 4772 ACPI - ok
17:17:25.0110 4772 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:17:25.0111 4772 AcpiPmi - ok
17:17:25.0228 4772 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:17:25.0228 4772 AdobeARMservice - ok
17:17:25.0332 4772 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:17:25.0334 4772 AdobeFlashPlayerUpdateSvc - ok
17:17:25.0360 4772 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:17:25.0365 4772 adp94xx - ok
17:17:25.0383 4772 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:17:25.0387 4772 adpahci - ok
17:17:25.0401 4772 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:17:25.0403 4772 adpu320 - ok
17:17:25.0437 4772 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:17:25.0437 4772 AeLookupSvc - ok
17:17:25.0481 4772 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:17:25.0486 4772 AFD - ok
17:17:25.0511 4772 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:17:25.0512 4772 agp440 - ok
17:17:25.0524 4772 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:17:25.0526 4772 ALG - ok
17:17:25.0548 4772 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:17:25.0549 4772 aliide - ok
17:17:25.0600 4772 ALSysIO - ok
17:17:25.0630 4772 [ B3B263B419FC9E7B1D41E61FDAE45BD9 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:17:25.0632 4772 AMD External Events Utility - ok
17:17:25.0700 4772 AMD FUEL Service - ok
17:17:25.0714 4772 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:17:25.0715 4772 amdide - ok
17:17:25.0741 4772 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
17:17:25.0741 4772 amdiox64 - ok
17:17:25.0765 4772 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:17:25.0766 4772 AmdK8 - ok
17:17:25.0923 4772 [ 9A6E9363F7A5E5A06629D9DDC76EE6B5 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:17:26.0057 4772 amdkmdag - ok
17:17:26.0079 4772 [ 957A4C13E1981B1701E600EF1E823C68 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:17:26.0083 4772 amdkmdap - ok
17:17:26.0108 4772 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:17:26.0108 4772 AmdPPM - ok
17:17:26.0127 4772 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:17:26.0129 4772 amdsata - ok
17:17:26.0144 4772 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:17:26.0147 4772 amdsbs - ok
17:17:26.0176 4772 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:17:26.0177 4772 amdxata - ok
17:17:26.0193 4772 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.01 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:17:26.0195 4772 AODDriver4.01 - ok
17:17:26.0222 4772 [ 5B25D1A753CC3A3EDB909BB759AC1098 ] AODDriver4.1 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:17:26.0222 4772 AODDriver4.1 - ok
17:17:26.0256 4772 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:17:26.0257 4772 AppID - ok
17:17:26.0280 4772 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:17:26.0281 4772 AppIDSvc - ok
17:17:26.0300 4772 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:17:26.0301 4772 Appinfo - ok
17:17:26.0315 4772 appliandMP - ok
17:17:26.0363 4772 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:17:26.0366 4772 AppMgmt - ok
17:17:26.0380 4772 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:17:26.0381 4772 arc - ok
17:17:26.0393 4772 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:17:26.0394 4772 arcsas - ok
17:17:26.0464 4772 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:17:26.0465 4772 aspnet_state - ok
17:17:26.0484 4772 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:17:26.0485 4772 AsyncMac - ok
17:17:26.0501 4772 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:17:26.0501 4772 atapi - ok
17:17:26.0551 4772 [ DBB487D09F56C674430AC454FD8BCAB9 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:17:26.0553 4772 AtiHDAudioService - ok
17:17:26.0586 4772 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
17:17:26.0587 4772 AtiPcie - ok
17:17:26.0645 4772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:17:26.0649 4772 AudioEndpointBuilder - ok
17:17:26.0658 4772 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:17:26.0662 4772 AudioSrv - ok
17:17:26.0687 4772 [ 96B4456F1DCA4EDA506ED31C7D2D6B05 ] Avgfwfd C:\Windows\system32\DRIVERS\avgfwd6a.sys
17:17:26.0688 4772 Avgfwfd - ok
17:17:26.0762 4772 [ BD5D11CEDBCDE4FA97D2387E7069B1FF ] avgfws C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
17:17:26.0788 4772 avgfws - ok
17:17:26.0892 4772 [ D67719BCFDE5798F5C30D14EFED3BCAF ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
17:17:26.0916 4772 AVGIDSAgent - ok
17:17:26.0951 4772 [ 1B2E9FCDC26DC7C81D4131430E2DC936 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
17:17:26.0952 4772 AVGIDSDriver - ok
17:17:26.0977 4772 [ 0F293406F64B48D5D2F0D3A1117F3A83 ] AVGIDSFilter C:\Windows\system32\DRIVERS\avgidsfiltera.sys
17:17:26.0978 4772 AVGIDSFilter - ok
17:17:27.0000 4772 [ CFFC3A4A638F462E0561CB368B9A7A3A ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
17:17:27.0000 4772 AVGIDSHA - ok
17:17:27.0032 4772 [ 59955B4C288DD2A8B9FD2CD5158355C5 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
17:17:27.0035 4772 Avgldx64 - ok
17:17:27.0045 4772 [ A6AEC362AAE5E2DDA7445E7690CB0F33 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
17:17:27.0046 4772 Avgmfx64 - ok
17:17:27.0068 4772 [ 645C7F0A0E39758A0024A9B1748273C0 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
17:17:27.0069 4772 Avgrkx64 - ok
17:17:27.0083 4772 [ 1BEE674AD792B1C63BB0DAC5FA724B23 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
17:17:27.0087 4772 Avgtdia - ok
17:17:27.0095 4772 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
17:17:27.0097 4772 avgwd - ok
17:17:27.0121 4772 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:17:27.0123 4772 AxInstSV - ok
17:17:27.0149 4772 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:17:27.0154 4772 b06bdrv - ok
17:17:27.0177 4772 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:17:27.0180 4772 b57nd60a - ok
17:17:27.0214 4772 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:17:27.0215 4772 BDESVC - ok
17:17:27.0232 4772 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:17:27.0233 4772 Beep - ok
17:17:27.0278 4772 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:17:27.0285 4772 BFE - ok
17:17:27.0309 4772 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:17:27.0318 4772 BITS - ok
17:17:27.0338 4772 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:17:27.0339 4772 blbdrive - ok
17:17:27.0359 4772 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:17:27.0359 4772 bowser - ok
17:17:27.0377 4772 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:17:27.0378 4772 BrFiltLo - ok
17:17:27.0391 4772 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:17:27.0392 4772 BrFiltUp - ok
17:17:27.0426 4772 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:17:27.0428 4772 Browser - ok
17:17:27.0441 4772 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:17:27.0444 4772 Brserid - ok
17:17:27.0453 4772 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:17:27.0455 4772 BrSerWdm - ok
17:17:27.0467 4772 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:17:27.0468 4772 BrUsbMdm - ok
17:17:27.0483 4772 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:17:27.0483 4772 BrUsbSer - ok
17:17:27.0501 4772 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:17:27.0502 4772 BTHMODEM - ok
17:17:27.0523 4772 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:17:27.0524 4772 bthserv - ok
17:17:27.0538 4772 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:17:27.0540 4772 cdfs - ok
17:17:27.0560 4772 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:17:27.0562 4772 cdrom - ok
17:17:27.0587 4772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:17:27.0588 4772 CertPropSvc - ok
17:17:27.0615 4772 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:17:27.0616 4772 circlass - ok
17:17:27.0631 4772 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:17:27.0633 4772 CLFS - ok
17:17:27.0681 4772 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:17:27.0683 4772 clr_optimization_v2.0.50727_32 - ok
17:17:27.0710 4772 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:17:27.0712 4772 clr_optimization_v2.0.50727_64 - ok
17:17:27.0780 4772 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:17:27.0808 4772 clr_optimization_v4.0.30319_32 - ok
17:17:27.0858 4772 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:17:27.0860 4772 clr_optimization_v4.0.30319_64 - ok
17:17:27.0874 4772 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:17:27.0875 4772 CmBatt - ok
17:17:27.0895 4772 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:17:27.0895 4772 cmdide - ok
17:17:27.0924 4772 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:17:27.0926 4772 CNG - ok
17:17:27.0942 4772 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:17:27.0943 4772 Compbatt - ok
17:17:27.0968 4772 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:17:27.0969 4772 CompositeBus - ok
17:17:27.0982 4772 COMSysApp - ok
17:17:27.0997 4772 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:17:27.0998 4772 crcdisk - ok
17:17:28.0036 4772 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:17:28.0038 4772 CryptSvc - ok
17:17:28.0065 4772 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:17:28.0070 4772 CSC - ok
17:17:28.0089 4772 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:17:28.0093 4772 CscService - ok
17:17:28.0107 4772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:17:28.0110 4772 DcomLaunch - ok
17:17:28.0137 4772 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:17:28.0140 4772 defragsvc - ok
17:17:28.0157 4772 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:17:28.0159 4772 DfsC - ok
17:17:28.0188 4772 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:17:28.0190 4772 Dhcp - ok
17:17:28.0197 4772 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:17:28.0198 4772 discache - ok
17:17:28.0242 4772 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:17:28.0243 4772 Disk - ok
17:17:28.0265 4772 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:17:28.0266 4772 Dnscache - ok
17:17:28.0293 4772 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:17:28.0296 4772 dot3svc - ok
17:17:28.0313 4772 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:17:28.0314 4772 DPS - ok
17:17:28.0346 4772 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:17:28.0347 4772 drmkaud - ok
17:17:28.0393 4772 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:17:28.0396 4772 dtsoftbus01 - ok
17:17:28.0416 4772 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:17:28.0425 4772 DXGKrnl - ok
17:17:28.0438 4772 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:17:28.0440 4772 EapHost - ok
17:17:28.0494 4772 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:17:28.0546 4772 ebdrv - ok
17:17:28.0602 4772 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:17:28.0603 4772 EFS - ok
17:17:28.0635 4772 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:17:28.0643 4772 ehRecvr - ok
17:17:28.0659 4772 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:17:28.0660 4772 ehSched - ok
17:17:28.0688 4772 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:17:28.0694 4772 elxstor - ok
17:17:28.0736 4772 [ 78D6694F98009400BCACCB5342848A67 ] emAudio C:\Windows\system32\drivers\emAudio64.sys
17:17:28.0737 4772 emAudio - ok
17:17:28.0762 4772 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:17:28.0763 4772 ErrDev - ok
17:17:28.0791 4772 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:17:28.0794 4772 EventSystem - ok
17:17:28.0810 4772 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:17:28.0812 4772 exfat - ok
17:17:28.0823 4772 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:17:28.0915 4772 fastfat - ok
17:17:28.0961 4772 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:17:28.0985 4772 Fax - ok
17:17:29.0011 4772 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:17:29.0016 4772 fdc - ok
17:17:29.0072 4772 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:17:29.0093 4772 fdPHost - ok
17:17:29.0105 4772 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:17:29.0106 4772 FDResPub - ok
17:17:29.0115 4772 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:17:29.0116 4772 FileInfo - ok
17:17:29.0129 4772 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:17:29.0129 4772 Filetrace - ok
17:17:29.0144 4772 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:17:29.0145 4772 flpydisk - ok
17:17:29.0167 4772 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:17:29.0169 4772 FltMgr - ok
17:17:29.0211 4772 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:17:29.0223 4772 FontCache - ok
17:17:29.0253 4772 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:17:29.0253 4772 FontCache3.0.0.0 - ok
17:17:29.0257 4772 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:17:29.0258 4772 FsDepends - ok
17:17:29.0282 4772 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:17:29.0283 4772 Fs_Rec - ok
17:17:29.0304 4772 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:17:29.0305 4772 fvevol - ok
17:17:29.0318 4772 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:17:29.0320 4772 gagp30kx - ok
17:17:29.0356 4772 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:17:29.0360 4772 gpsvc - ok
17:17:29.0409 4772 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:17:29.0410 4772 gupdate - ok
17:17:29.0421 4772 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:17:29.0422 4772 gupdatem - ok
17:17:29.0451 4772 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
17:17:29.0453 4772 hamachi - ok
17:17:29.0545 4772 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:17:29.0578 4772 Hamachi2Svc - ok
17:17:29.0593 4772 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:17:29.0594 4772 hcw85cir - ok
17:17:29.0637 4772 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:17:29.0641 4772 HdAudAddService - ok
17:17:29.0658 4772 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:17:29.0659 4772 HDAudBus - ok
17:17:29.0673 4772 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:17:29.0674 4772 HidBatt - ok
17:17:29.0688 4772 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:17:29.0690 4772 HidBth - ok
17:17:29.0719 4772 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:17:29.0720 4772 HidIr - ok
17:17:29.0742 4772 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:17:29.0744 4772 hidserv - ok
17:17:29.0776 4772 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:17:29.0777 4772 HidUsb - ok
17:17:29.0798 4772 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:17:29.0800 4772 hkmsvc - ok
17:17:29.0823 4772 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:17:29.0826 4772 HomeGroupListener - ok
17:17:29.0853 4772 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:17:29.0855 4772 HomeGroupProvider - ok
17:17:29.0878 4772 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:17:29.0880 4772 HpSAMD - ok
17:17:29.0915 4772 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:17:29.0919 4772 HTTP - ok
17:17:29.0934 4772 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:17:29.0935 4772 hwpolicy - ok
17:17:29.0958 4772 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:17:29.0959 4772 i8042prt - ok
17:17:29.0989 4772 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:17:29.0994 4772 iaStorV - ok
17:17:30.0027 4772 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:17:30.0036 4772 idsvc - ok
17:17:30.0051 4772 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:17:30.0053 4772 iirsp - ok
17:17:30.0131 4772 [ 78DF31CDD3A380E7F9CFCC8B4E24813C ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
17:17:30.0132 4772 IJPLMSVC - ok
17:17:30.0156 4772 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:17:30.0165 4772 IKEEXT - ok
17:17:30.0250 4772 [ 47E33B715F7A1723C3536E48FDFD0E21 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:17:30.0302 4772 IntcAzAudAddService - ok
17:17:30.0351 4772 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:17:30.0352 4772 intelide - ok
17:17:30.0368 4772 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:17:30.0370 4772 intelppm - ok
17:17:30.0393 4772 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:17:30.0395 4772 IPBusEnum - ok
17:17:30.0415 4772 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:17:30.0417 4772 IpFilterDriver - ok
17:17:30.0448 4772 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:17:30.0454 4772 iphlpsvc - ok
17:17:30.0477 4772 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:17:30.0479 4772 IPMIDRV - ok
17:17:30.0493 4772 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:17:30.0494 4772 IPNAT - ok
17:17:30.0514 4772 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:17:30.0515 4772 IRENUM - ok
17:17:30.0528 4772 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:17:30.0529 4772 isapnp - ok
17:17:30.0542 4772 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:17:30.0546 4772 iScsiPrt - ok
17:17:30.0581 4772 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:17:30.0582 4772 kbdclass - ok
17:17:30.0597 4772 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:17:30.0597 4772 kbdhid - ok
17:17:30.0611 4772 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:17:30.0625 4772 KeyIso - ok
17:17:30.0662 4772 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:17:30.0663 4772 KSecDD - ok
17:17:30.0697 4772 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:17:30.0698 4772 KSecPkg - ok
17:17:30.0708 4772 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:17:30.0708 4772 ksthunk - ok
17:17:30.0729 4772 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:17:30.0734 4772 KtmRm - ok
17:17:30.0752 4772 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:17:30.0755 4772 LanmanServer - ok
17:17:30.0773 4772 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:17:30.0776 4772 LanmanWorkstation - ok
17:17:30.0800 4772 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:17:30.0801 4772 lltdio - ok
17:17:30.0817 4772 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:17:30.0821 4772 lltdsvc - ok
17:17:30.0845 4772 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:17:30.0846 4772 lmhosts - ok
17:17:30.0869 4772 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:17:30.0871 4772 LSI_FC - ok
17:17:30.0881 4772 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:17:30.0883 4772 LSI_SAS - ok
17:17:30.0897 4772 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:17:30.0898 4772 LSI_SAS2 - ok
17:17:30.0910 4772 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:17:30.0912 4772 LSI_SCSI - ok
17:17:30.0927 4772 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:17:30.0927 4772 luafv - ok
17:17:30.0965 4772 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:17:30.0965 4772 MBAMProtector - ok
17:17:31.0026 4772 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:17:31.0033 4772 MBAMService - ok
17:17:31.0057 4772 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:17:31.0059 4772 Mcx2Svc - ok
17:17:31.0071 4772 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:17:31.0072 4772 megasas - ok
17:17:31.0086 4772 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:17:31.0089 4772 MegaSR - ok
17:17:31.0145 4772 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
17:17:31.0147 4772 Microsoft Office Groove Audit Service - ok

[Gizzer2]

17:17:31.0170 4772 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:17:31.0171 4772 MMCSS - ok
17:17:31.0189 4772 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:17:31.0190 4772 Modem - ok
17:17:31.0218 4772 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:17:31.0218 4772 monitor - ok
17:17:31.0247 4772 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:17:31.0248 4772 mouclass - ok
17:17:31.0257 4772 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:17:31.0258 4772 mouhid - ok
17:17:31.0286 4772 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:17:31.0287 4772 mountmgr - ok
17:17:31.0307 4772 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:17:31.0309 4772 mpio - ok
17:17:31.0314 4772 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:17:31.0315 4772 mpsdrv - ok
17:17:31.0342 4772 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:17:31.0347 4772 MpsSvc - ok
17:17:31.0374 4772 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:17:31.0376 4772 MRxDAV - ok
17:17:31.0405 4772 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:17:31.0406 4772 mrxsmb - ok
17:17:31.0416 4772 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:17:31.0417 4772 mrxsmb10 - ok
17:17:31.0436 4772 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:17:31.0437 4772 mrxsmb20 - ok
17:17:31.0461 4772 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:17:31.0462 4772 msahci - ok
17:17:31.0476 4772 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:17:31.0478 4772 msdsm - ok
17:17:31.0493 4772 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:17:31.0496 4772 MSDTC - ok
17:17:31.0521 4772 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:17:31.0522 4772 Msfs - ok
17:17:31.0528 4772 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:17:31.0529 4772 mshidkmdf - ok
17:17:31.0548 4772 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:17:31.0548 4772 msisadrv - ok
17:17:31.0571 4772 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:17:31.0574 4772 MSiSCSI - ok
17:17:31.0577 4772 msiserver - ok
17:17:31.0595 4772 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:17:31.0596 4772 MSKSSRV - ok
17:17:31.0609 4772 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:17:31.0610 4772 MSPCLOCK - ok
17:17:31.0676 4772 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:17:31.0677 4772 MSPQM - ok
17:17:31.0705 4772 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:17:31.0707 4772 MsRPC - ok
17:17:31.0721 4772 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:17:31.0721 4772 mssmbios - ok
17:17:31.0737 4772 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:17:31.0738 4772 MSTEE - ok
17:17:31.0750 4772 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:17:31.0751 4772 MTConfig - ok
17:17:31.0769 4772 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:17:31.0770 4772 Mup - ok
17:17:31.0784 4772 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:17:31.0790 4772 napagent - ok
17:17:31.0828 4772 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:17:31.0832 4772 NativeWifiP - ok
17:17:31.0861 4772 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
17:17:31.0866 4772 NDIS - ok
17:17:31.0878 4772 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:17:31.0879 4772 NdisCap - ok
17:17:31.0896 4772 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:17:31.0896 4772 NdisTapi - ok
17:17:31.0912 4772 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:17:31.0914 4772 Ndisuio - ok
17:17:31.0933 4772 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:17:31.0936 4772 NdisWan - ok
17:17:31.0955 4772 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:17:31.0956 4772 NDProxy - ok
17:17:31.0963 4772 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:17:31.0964 4772 NetBIOS - ok
17:17:31.0973 4772 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:17:31.0976 4772 NetBT - ok
17:17:31.0986 4772 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:17:31.0987 4772 Netlogon - ok
17:17:32.0018 4772 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:17:32.0023 4772 Netman - ok
17:17:32.0058 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:17:32.0070 4772 NetMsmqActivator - ok
17:17:32.0074 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:17:32.0075 4772 NetPipeActivator - ok
17:17:32.0114 4772 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:17:32.0117 4772 netprofm - ok
17:17:32.0130 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:17:32.0131 4772 NetTcpActivator - ok
17:17:32.0136 4772 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:17:32.0137 4772 NetTcpPortSharing - ok
17:17:32.0179 4772 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:17:32.0180 4772 nfrd960 - ok
17:17:32.0193 4772 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:17:32.0196 4772 NlaSvc - ok
17:17:32.0202 4772 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:17:32.0204 4772 Npfs - ok
17:17:32.0217 4772 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:17:32.0218 4772 nsi - ok
17:17:32.0227 4772 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:17:32.0228 4772 nsiproxy - ok
17:17:32.0280 4772 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:17:32.0302 4772 Ntfs - ok
17:17:32.0310 4772 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:17:32.0311 4772 Null - ok
17:17:32.0329 4772 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:17:32.0331 4772 nvraid - ok
17:17:32.0339 4772 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:17:32.0342 4772 nvstor - ok
17:17:32.0376 4772 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:17:32.0378 4772 nv_agp - ok
17:17:32.0446 4772 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:17:32.0450 4772 odserv - ok
17:17:32.0479 4772 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:17:32.0481 4772 ohci1394 - ok
17:17:32.0503 4772 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:17:32.0505 4772 ose - ok
17:17:32.0526 4772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:17:32.0531 4772 p2pimsvc - ok
17:17:32.0543 4772 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:17:32.0548 4772 p2psvc - ok
17:17:32.0593 4772 [ 20BD38241EDD66D8FDC9E3496A1762A3 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
17:17:32.0596 4772 PanService - ok
17:17:32.0619 4772 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:17:32.0621 4772 Parport - ok
17:17:32.0638 4772 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:17:32.0639 4772 partmgr - ok
17:17:32.0649 4772 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:17:32.0650 4772 PcaSvc - ok
17:17:32.0668 4772 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:17:32.0669 4772 pci - ok
17:17:32.0690 4772 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:17:32.0690 4772 pciide - ok
17:17:32.0703 4772 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:17:32.0706 4772 pcmcia - ok
17:17:32.0723 4772 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:17:32.0724 4772 pcw - ok
17:17:32.0747 4772 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:17:32.0751 4772 PEAUTH - ok
17:17:32.0788 4772 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:17:32.0802 4772 PeerDistSvc - ok
17:17:32.0889 4772 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:17:32.0890 4772 PerfHost - ok
17:17:32.0947 4772 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:17:32.0972 4772 pla - ok
17:17:33.0005 4772 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:17:33.0008 4772 PlugPlay - ok
17:17:33.0027 4772 PnkBstrA - ok
17:17:33.0032 4772 PnkBstrB - ok
17:17:33.0044 4772 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:17:33.0046 4772 PNRPAutoReg - ok
17:17:33.0068 4772 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:17:33.0071 4772 PNRPsvc - ok
17:17:33.0090 4772 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:17:33.0096 4772 PolicyAgent - ok
17:17:33.0133 4772 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:17:33.0135 4772 Power - ok
17:17:33.0160 4772 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:17:33.0162 4772 PptpMiniport - ok
17:17:33.0176 4772 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:17:33.0177 4772 Processor - ok
17:17:33.0212 4772 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:17:33.0214 4772 ProfSvc - ok
17:17:33.0228 4772 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:17:33.0229 4772 ProtectedStorage - ok
17:17:33.0267 4772 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:17:33.0269 4772 Psched - ok
17:17:33.0312 4772 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:17:33.0336 4772 ql2300 - ok
17:17:33.0351 4772 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:17:33.0353 4772 ql40xx - ok
17:17:33.0370 4772 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:17:33.0374 4772 QWAVE - ok
17:17:33.0394 4772 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:17:33.0396 4772 QWAVEdrv - ok
17:17:33.0440 4772 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
17:17:33.0442 4772 RapiMgr - ok
17:17:33.0454 4772 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:17:33.0454 4772 RasAcd - ok
17:17:33.0481 4772 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:17:33.0482 4772 RasAgileVpn - ok
17:17:33.0492 4772 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:17:33.0494 4772 RasAuto - ok
17:17:33.0515 4772 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:17:33.0516 4772 Rasl2tp - ok
17:17:33.0540 4772 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:17:33.0545 4772 RasMan - ok
17:17:33.0564 4772 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:17:33.0565 4772 RasPppoe - ok
17:17:33.0573 4772 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:17:33.0574 4772 RasSstp - ok
17:17:33.0591 4772 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:17:33.0594 4772 rdbss - ok
17:17:33.0609 4772 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:17:33.0610 4772 rdpbus - ok
17:17:33.0625 4772 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:17:33.0626 4772 RDPCDD - ok
17:17:33.0646 4772 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:17:33.0648 4772 RDPDR - ok
17:17:33.0661 4772 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:17:33.0662 4772 RDPENCDD - ok
17:17:33.0671 4772 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:17:33.0672 4772 RDPREFMP - ok
17:17:33.0715 4772 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:17:33.0716 4772 RdpVideoMiniport - ok
17:17:33.0749 4772 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:17:33.0752 4772 RDPWD - ok
17:17:33.0774 4772 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:17:33.0776 4772 rdyboost - ok
17:17:33.0799 4772 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:17:33.0801 4772 RemoteAccess - ok
17:17:33.0812 4772 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:17:33.0815 4772 RemoteRegistry - ok
17:17:33.0836 4772 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:17:33.0837 4772 RpcEptMapper - ok
17:17:33.0859 4772 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:17:33.0860 4772 RpcLocator - ok
17:17:33.0882 4772 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:17:33.0886 4772 RpcSs - ok
17:17:33.0897 4772 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:17:33.0898 4772 rspndr - ok
17:17:33.0936 4772 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:17:33.0942 4772 RTL8167 - ok
17:17:33.0958 4772 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:17:33.0959 4772 s3cap - ok
17:17:33.0989 4772 [ 83926D62EE621CCD4992E6E76948A7D9 ] s916bus C:\Windows\system32\DRIVERS\s916bus.sys
17:17:33.0991 4772 s916bus - ok
17:17:34.0003 4772 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:17:34.0004 4772 SamSs - ok
17:17:34.0025 4772 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:17:34.0026 4772 sbp2port - ok
17:17:34.0039 4772 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:17:34.0042 4772 SCardSvr - ok
17:17:34.0069 4772 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:17:34.0070 4772 scfilter - ok
17:17:34.0096 4772 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:17:34.0132 4772 Schedule - ok
17:17:34.0154 4772 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:17:34.0155 4772 SCPolicySvc - ok
17:17:34.0171 4772 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:17:34.0174 4772 SDRSVC - ok
17:17:34.0205 4772 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:17:34.0206 4772 secdrv - ok
17:17:34.0226 4772 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:17:34.0228 4772 seclogon - ok
17:17:34.0235 4772 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:17:34.0237 4772 SENS - ok
17:17:34.0248 4772 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:17:34.0250 4772 SensrSvc - ok
17:17:34.0255 4772 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:17:34.0256 4772 Serenum - ok
17:17:34.0269 4772 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:17:34.0271 4772 Serial - ok
17:17:34.0294 4772 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:17:34.0295 4772 sermouse - ok
17:17:34.0324 4772 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:17:34.0326 4772 SessionEnv - ok
17:17:34.0356 4772 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:17:34.0357 4772 sffdisk - ok
17:17:34.0371 4772 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:17:34.0373 4772 sffp_mmc - ok
17:17:34.0385 4772 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:17:34.0386 4772 sffp_sd - ok
17:17:34.0400 4772 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:17:34.0401 4772 sfloppy - ok
17:17:34.0430 4772 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:17:34.0435 4772 SharedAccess - ok
17:17:34.0462 4772 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:17:34.0465 4772 ShellHWDetection - ok
17:17:34.0489 4772 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:17:34.0490 4772 SiSRaid2 - ok
17:17:34.0500 4772 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:17:34.0502 4772 SiSRaid4 - ok
17:17:34.0554 4772 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:17:34.0555 4772 SkypeUpdate - ok
17:17:34.0579 4772 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:17:34.0581 4772 Smb - ok
17:17:34.0616 4772 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:17:34.0617 4772 SNMPTRAP - ok
17:17:34.0705 4772 [ 56794FAF924344155944851409D163C9 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
17:17:34.0758 4772 SNP2UVC - ok
17:17:34.0775 4772 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:17:34.0776 4772 spldr - ok
17:17:34.0811 4772 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:17:34.0815 4772 Spooler - ok
17:17:34.0877 4772 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:17:34.0930 4772 sppsvc - ok
17:17:34.0939 4772 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:17:34.0941 4772 sppuinotify - ok
17:17:34.0964 4772 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:17:34.0969 4772 srv - ok
17:17:34.0983 4772 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:17:34.0988 4772 srv2 - ok
17:17:34.0997 4772 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:17:34.0998 4772 srvnet - ok
17:17:35.0014 4772 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:17:35.0018 4772 SSDPSRV - ok
17:17:35.0027 4772 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:17:35.0029 4772 SstpSvc - ok
17:17:35.0066 4772 [ EF806D212D34B0E173BAEB3564D53E37 ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
17:17:35.0068 4772 ss_bbus - ok
17:17:35.0086 4772 [ 08B1B34ABEBEB6AC2DEA06900C56411E ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
17:17:35.0087 4772 ss_bmdfl - ok
17:17:35.0115 4772 [ 71A9DA6BEAA4CB54DFB827FB78600A5D ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
17:17:35.0117 4772 ss_bmdm - ok
17:17:35.0148 4772 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:17:35.0150 4772 stexstor - ok
17:17:35.0177 4772 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:17:35.0182 4772 stisvc - ok
17:17:35.0196 4772 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:17:35.0197 4772 storflt - ok
17:17:35.0212 4772 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:17:35.0213 4772 storvsc - ok
17:17:35.0243 4772 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:17:35.0244 4772 swenum - ok
17:17:35.0354 4772 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:17:35.0360 4772 SwitchBoard - ok
17:17:35.0375 4772 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:17:35.0381 4772 swprv - ok
17:17:35.0390 4772 Synth3dVsc - ok
17:17:35.0435 4772 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:17:35.0456 4772 SysMain - ok
17:17:35.0480 4772 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:17:35.0483 4772 TabletInputService - ok
17:17:35.0504 4772 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:17:35.0509 4772 TapiSrv - ok
17:17:35.0528 4772 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:17:35.0530 4772 TBS - ok
17:17:35.0572 4772 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:17:35.0592 4772 Tcpip - ok
17:17:35.0625 4772 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:17:35.0634 4772 TCPIP6 - ok
17:17:35.0658 4772 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:17:35.0659 4772 tcpipreg - ok
17:17:35.0682 4772 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:17:35.0683 4772 TDPIPE - ok
17:17:35.0718 4772 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:17:35.0718 4772 TDTCP - ok
17:17:35.0753 4772 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:17:35.0754 4772 tdx - ok
17:17:35.0852 4772 [ 01A402D34732CA3DA91786ADCC765069 ] TeamViewer6 C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
17:17:35.0864 4772 TeamViewer6 - ok
17:17:35.0949 4772 [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
17:17:35.0974 4772 TeamViewer7 - ok
17:17:36.0002 4772 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:17:36.0003 4772 TermDD - ok
17:17:36.0022 4772 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:17:36.0030 4772 TermService - ok
17:17:36.0069 4772 [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
17:17:36.0070 4772 TFsExDisk - ok
17:17:36.0079 4772 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:17:36.0080 4772 Themes - ok
17:17:36.0096 4772 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:17:36.0097 4772 THREADORDER - ok
17:17:36.0112 4772 TomTomHOMEService - ok
17:17:36.0147 4772 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:17:36.0150 4772 TrkWks - ok
17:17:36.0176 4772 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:17:36.0177 4772 TrustedInstaller - ok
17:17:36.0203 4772 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:17:36.0204 4772 tssecsrv - ok
17:17:36.0224 4772 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:17:36.0225 4772 TsUsbFlt - ok
17:17:36.0228 4772 tsusbhub - ok
17:17:36.0254 4772 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:17:36.0255 4772 tunnel - ok
17:17:36.0272 4772 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:17:36.0274 4772 uagp35 - ok
17:17:36.0302 4772 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:17:36.0306 4772 udfs - ok
17:17:36.0328 4772 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:17:36.0331 4772 UI0Detect - ok
17:17:36.0358 4772 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:17:36.0360 4772 uliagpkx - ok
17:17:36.0400 4772 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:17:36.0401 4772 umbus - ok
17:17:36.0414 4772 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:17:36.0414 4772 UmPass - ok
17:17:36.0435 4772 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:17:36.0439 4772 UmRdpService - ok
17:17:36.0457 4772 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:17:36.0462 4772 upnphost - ok
17:17:36.0511 4772 [ E68ADC602CD39B28AE844131A3D3762C ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA64.sys
17:17:36.0517 4772 USB28xxBGA - ok
17:17:36.0546 4772 [ 859A05F09F7D5CAD8B77D4563CE53E51 ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM64.sys
17:17:36.0547 4772 USB28xxOEM - ok
17:17:36.0561 4772 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:17:36.0562 4772 usbccgp - ok
17:17:36.0589 4772 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:17:36.0590 4772 usbcir - ok
17:17:36.0603 4772 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:17:36.0604 4772 usbehci - ok
17:17:36.0648 4772 [ 76E2FFAD301490BA27B947C6507752FB ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
17:17:36.0649 4772 usbfilter - ok
17:17:36.0673 4772 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:17:36.0677 4772 usbhub - ok
17:17:36.0694 4772 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
17:17:36.0695 4772 usbohci - ok
17:17:36.0705 4772 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:17:36.0706 4772 usbprint - ok
17:17:36.0739 4772 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:17:36.0740 4772 usbscan - ok
17:17:36.0753 4772 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:17:36.0755 4772 USBSTOR - ok
17:17:36.0763 4772 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:17:36.0764 4772 usbuhci - ok
17:17:36.0794 4772 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
17:17:36.0796 4772 usbvideo - ok
17:17:36.0822 4772 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
17:17:36.0823 4772 usb_rndisx - ok
17:17:36.0836 4772 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:17:36.0838 4772 UxSms - ok
17:17:36.0861 4772 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:17:36.0862 4772 VaultSvc - ok
17:17:36.0895 4772 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:17:36.0896 4772 vdrvroot - ok
17:17:36.0919 4772 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:17:36.0926 4772 vds - ok
17:17:36.0941 4772 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:17:36.0942 4772 vga - ok
17:17:36.0953 4772 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:17:36.0953 4772 VgaSave - ok
17:17:36.0957 4772 VGPU - ok
17:17:36.0975 4772 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:17:36.0978 4772 vhdmp - ok
17:17:37.0012 4772 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:17:37.0013 4772 viaide - ok
17:17:37.0033 4772 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:17:37.0034 4772 vmbus - ok
17:17:37.0054 4772 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:17:37.0055 4772 VMBusHID - ok
17:17:37.0065 4772 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:17:37.0066 4772 volmgr - ok
17:17:37.0083 4772 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:17:37.0085 4772 volmgrx - ok
17:17:37.0094 4772 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:17:37.0096 4772 volsnap - ok
17:17:37.0118 4772 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:17:37.0121 4772 vsmraid - ok
17:17:37.0162 4772 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:17:37.0188 4772 VSS - ok
17:17:37.0215 4772 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:17:37.0216 4772 vwifibus - ok
17:17:37.0252 4772 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:17:37.0258 4772 W32Time - ok
17:17:37.0270 4772 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:17:37.0271 4772 WacomPen - ok
17:17:37.0300 4772 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:17:37.0301 4772 WANARP - ok
17:17:37.0305 4772 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:17:37.0305 4772 Wanarpv6 - ok
17:17:37.0362 4772 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:17:37.0375 4772 WatAdminSvc - ok
17:17:37.0439 4772 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:17:37.0464 4772 wbengine - ok
17:17:37.0475 4772 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:17:37.0479 4772 WbioSrvc - ok
17:17:37.0513 4772 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
17:17:37.0517 4772 WcesComm - ok
17:17:37.0537 4772 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:17:37.0542 4772 wcncsvc - ok
17:17:37.0555 4772 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:17:37.0557 4772 WcsPlugInService - ok
17:17:37.0573 4772 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:17:37.0574 4772 Wd - ok
17:17:37.0596 4772 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:17:37.0599 4772 Wdf01000 - ok
17:17:37.0611 4772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:17:37.0614 4772 WdiServiceHost - ok
17:17:37.0618 4772 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:17:37.0620 4772 WdiSystemHost - ok
17:17:37.0646 4772 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:17:37.0650 4772 WebClient - ok
17:17:37.0662 4772 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:17:37.0666 4772 Wecsvc - ok
17:17:37.0677 4772 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:17:37.0680 4772 wercplsupport - ok
17:17:37.0696 4772 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:17:37.0698 4772 WerSvc - ok
17:17:37.0712 4772 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:17:37.0713 4772 WfpLwf - ok
17:17:37.0725 4772 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:17:37.0726 4772 WIMMount - ok
17:17:37.0738 4772 WinDefend - ok
17:17:37.0756 4772 WinHttpAutoProxySvc - ok
17:17:37.0799 4772 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:17:37.0802 4772 Winmgmt - ok
17:17:37.0844 4772 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:17:37.0879 4772 WinRM - ok
17:17:37.0916 4772 [ FE88B288356E7B47B74B13372ADD906D ] WINUSB C:\Windows\system32\DRIVERS\WinUsb.sys
17:17:37.0917 4772 WINUSB - ok
17:17:37.0941 4772 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:17:37.0952 4772 Wlansvc - ok
17:17:38.0032 4772 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:17:38.0066 4772 wlidsvc - ok
17:17:38.0085 4772 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:17:38.0087 4772 WmiAcpi - ok
17:17:38.0103 4772 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:17:38.0106 4772 wmiApSrv - ok
17:17:38.0116 4772 WMPNetworkSvc - ok
17:17:38.0128 4772 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:17:38.0130 4772 WPCSvc - ok
17:17:38.0157 4772 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:17:38.0160 4772 WPDBusEnum - ok
17:17:38.0184 4772 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:17:38.0185 4772 ws2ifsl - ok
17:17:38.0194 4772 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:17:38.0197 4772 wscsvc - ok
17:17:38.0201 4772 WSearch - ok
17:17:38.0261 4772 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:17:38.0295 4772 wuauserv - ok
17:17:38.0307 4772 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:17:38.0308 4772 WudfPf - ok
17:17:38.0332 4772 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:17:38.0334 4772 WUDFRd - ok
17:17:38.0352 4772 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:17:38.0354 4772 wudfsvc - ok
17:17:38.0367 4772 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:17:38.0372 4772 WwanSvc - ok
17:17:38.0399 4772 ================ Scan global ===============================
17:17:38.0419 4772 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:17:38.0441 4772 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:17:38.0448 4772 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
17:17:38.0470 4772 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:17:38.0497 4772 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:17:38.0500 4772 [Global] - ok
17:17:38.0500 4772 ================ Scan MBR ==================================
17:17:38.0503 4772 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:17:38.0508 4772 \Device\Harddisk0\DR0 - ok
17:17:38.0517 4772 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:17:38.0884 4772 \Device\Harddisk1\DR1 - ok
17:17:38.0884 4772 ================ Scan VBR ==================================
17:17:38.0887 4772 [ EC44CD3E918D92B823E2D7F19F101902 ] \Device\Harddisk0\DR0\Partition1
17:17:38.0888 4772 \Device\Harddisk0\DR0\Partition1 - ok
17:17:38.0940 4772 [ 5FC3B2E3E935FCE044529E860806A766 ] \Device\Harddisk1\DR1\Partition1
17:17:38.0941 4772 \Device\Harddisk1\DR1\Partition1 - ok
17:17:38.0950 4772 [ 409E72E3D0A4ED3E8973EE1AEF91ECE1 ] \Device\Harddisk1\DR1\Partition2
17:17:38.0951 4772 \Device\Harddisk1\DR1\Partition2 - ok
17:17:38.0951 4772 ============================================================
17:17:38.0951 4772 Scan finished
17:17:38.0951 4772 ============================================================
17:17:38.0962 2268 Detected object count: 0
17:17:38.0962 2268 Actual detected object count: 0
17:17:44.0197 4432 Deinitialize success

[Gizzer2]

ComboFix 12-09-04.02 - Michal 04.09.2012 17:24:56.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2546 [GMT 2:00]
Spuštìný z: c:\users\Michal\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michal\AppData\Local\TempDIR
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\restart.exe
.
.
((((((((((((((((((((((((( Soubory vytvoøené od 2012-08-04 do 2012-09-04 )))))))))))))))))))))))))))))))
.
.
2012-09-04 15:36 . 2012-09-04 15:36 -------- d-----w- c:\users\Dìtièky\AppData\Local\temp
2012-09-04 15:36 . 2012-09-04 15:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-04 14:04 . 2012-09-04 14:04 -------- d-----w- c:\users\Michal\AppData\Local\Adobe
2012-09-03 18:11 . 2012-09-03 18:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-03 18:11 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-03 15:49 . 2005-11-22 18:40 18944 ----a-w- c:\windows\system32\csnpstd3.dll
2012-09-02 11:52 . 2012-09-02 11:52 -------- d-----w- c:\users\Michal\AppData\Roaming\SmartFTP
2012-09-02 11:52 . 2012-09-02 11:52 -------- d-----w- c:\program files\SmartFTP Client
2012-09-02 11:51 . 2012-09-02 11:51 -------- d-----w- c:\program files (x86)\SmartFTP Client 4.0 (x64) Setup Files
2012-08-31 08:29 . 2012-08-31 08:29 -------- d-----w- c:\programdata\ATI
2012-08-31 08:29 . 2012-08-31 08:29 -------- d-----w- c:\program files (x86)\AMD APP
2012-08-30 07:09 . 2012-08-30 07:09 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-08-19 09:38 . 2012-08-19 09:38 -------- d-----w- c:\program files (x86)\SecurityXploded
2012-08-17 16:43 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-17 16:43 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-17 16:43 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-17 16:43 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-17 16:43 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-17 16:43 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-17 16:42 . 2012-06-16 05:15 911360 ----a-w- c:\windows\system32\jscript.dll
2012-08-17 16:42 . 2012-06-16 05:16 609792 ----a-w- c:\windows\system32\vbscript.dll
2012-08-17 16:42 . 2012-06-16 04:26 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-17 16:42 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-17 16:42 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-17 16:42 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-17 16:42 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-17 16:42 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-17 16:42 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-17 18:59 . 2011-10-06 19:39 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-17 18:16 . 2012-04-02 05:04 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-17 18:16 . 2011-10-06 18:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-28 04:09 . 2011-09-08 17:05 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2011-09-08 17:34 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-07-28 02:13 . 2011-09-08 17:32 1100288 ----a-w- c:\windows\system32\aticfx64.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-07-28 01:51 . 2011-09-08 17:16 7052288 ----a-w- c:\windows\system32\atidxx64.dll
2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll
2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll
2012-07-28 01:32 . 2011-09-08 17:08 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll
2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2011-09-08 16:52 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-07-28 01:13 . 2012-04-06 01:09 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-07-28 01:13 . 2011-09-08 16:51 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-09 05:43 . 2012-07-11 04:46 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 18:59 . 2012-06-06 18:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
.
.
(((((((((((((((((((((((((((((((((( Spouštìcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"BitTorrent"="c:\program files (x86)\BitTorrent\BitTorrent.exe" [2012-05-25 6380400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-06 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R2 TomTomHOMEService;TomTomHOMEService;f:\tomtom home 2\TomTomHOMEService.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-17 250056]
R3 ALSysIO;ALSysIO;c:\users\Michal\AppData\Local\Temp\ALSysIO64.sys [x]
R3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-06 136176]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\DRIVERS\s916bus.sys [2007-11-02 108072]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-07 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-08 283200]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
.
.
--- Ostatní služby/ovladaèe v pamìti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáøe 'Naplánované úlohy'
.
2012-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 18:16]
.
2012-08-24 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001Core.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-06 04:59]
.
2012-09-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001UA.job
- c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-06 04:59]
.
2012-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-06 18:01]
.
2012-09-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-06 18:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-05-07 12481128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplòkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout pomocí &BitSpiritu - c:\program files (x86)\BitSpirit\bsurl.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\w3hx1gmi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANÌNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-DesktopIconToy - c:\program files (x86)\Desktop Icon Toy\DesktopIconToy.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RGSC - c:\program files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
Wow6432Node-HKLM-Run-NPSStartup - (no file)
HKLM-Run-snp2uvc - c:\windows\vsnp2uvc.exe
AddRemove-Mp3tag - c:\program files (x86)\Mp3tag\Mp3tagUninstall.EXE
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍÈE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-293111937-1544317487-1749273810-1001\Software\SecuROM\License information*]
"datasecu"=hex:02,81,92,33,41,a1,bd,db,7e,9b,8f,69,d4,f6,a3,fc,b3,b5,6b,22,66,
74,47,8c,de,c6,b8,f7,c5,0a,70,c7,b4,a6,ee,d1,e1,cd,09,c4,54,4b,40,06,92,cc,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový èas: 2012-09-04 17:59:35 - poèítaè byl restartován
ComboFix-quarantined-files.txt 2012-09-04 15:59
.
Pøed spuštìním: Volných bajtù: 186 678 087 680
Po spuštìní: Volných bajtù: 186 507 194 368
.
- - End Of File - - FAB74A361E7EFAEC48ABFA14B33DF160

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001Core.job
c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Google\Update
c:\program files (x86)\Skype\Updater
c:\users\Michal\AppData\Local\Facebook\Update

Driver::
gupdate
SkypeUpdate
gupdatem

Firefo::
FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\w3hx1gmi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Gizzer2]

ComboFix 12-09-04.02 - Michal 04.09.2012 21:11:09.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4095.2534 [GMT 2:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Michal\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Internet Security 2012 *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\Google\Update\GoogleUpdate.exe"
"c:\program files (x86)\Skype\Updater\Updater.exe"
"c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.115\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.115\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.115\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.115\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\21.0.1180.89\21.0.1180.89_21.0.1180.83_chrome_updater.exe
c:\program files (x86)\Google\Update\Download\{B96567E4-1B48-49CF-92F1-9B94370D2C24}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\users\Michal\AppData\Local\Facebook\Update
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\FacebookCrashHandler.exe
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdate.exe
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\FacebookUpdateHelper.msi
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ar.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bg.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_bn.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ca.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_cs.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_da.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_de.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_el.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en-GB.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_en.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es-419.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_es.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_et.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fa.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fi.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fil.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_fr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_gu.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hi.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_hu.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_id.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_is.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_it.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_iw.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ja.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_kn.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ko.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lt.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_lv.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ml.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_mr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ms.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_nl.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_no.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_or.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pl.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-BR.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_pt-PT.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ro.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ru.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sk.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sl.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_sv.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ta.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_te.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_th.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_tr.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_uk.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_ur.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_vi.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-CN.dll
c:\users\Michal\AppData\Local\Facebook\Update\1.2.205.0\goopdateres_zh-TW.dll
c:\users\Michal\AppData\Local\Facebook\Update\FacebookUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-293111937-1544317487-1749273810-1001UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-08-04 do 2012-09-04 )))))))))))))))))))))))))))))))
.
.
2012-09-04 19:24 . 2012-09-04 19:24 -------- d-----w- c:\users\Dětičky\AppData\Local\temp
2012-09-04 19:24 . 2012-09-04 19:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-04 14:04 . 2012-09-04 14:04 -------- d-----w- c:\users\Michal\AppData\Local\Adobe
2012-09-03 18:11 . 2012-09-03 18:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-03 18:11 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-03 15:49 . 2005-11-22 18:40 18944 ----a-w- c:\windows\system32\csnpstd3.dll
2012-09-02 11:52 . 2012-09-02 11:52 -------- d-----w- c:\users\Michal\AppData\Roaming\SmartFTP
2012-09-02 11:52 . 2012-09-02 11:52 -------- d-----w- c:\program files\SmartFTP Client
2012-09-02 11:51 . 2012-09-02 11:51 -------- d-----w- c:\program files (x86)\SmartFTP Client 4.0 (x64) Setup Files
2012-08-31 08:29 . 2012-08-31 08:29 -------- d-----w- c:\programdata\ATI
2012-08-31 08:29 . 2012-08-31 08:29 -------- d-----w- c:\program files (x86)\AMD APP
2012-08-30 07:09 . 2012-08-30 07:09 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-08-19 09:38 . 2012-08-19 09:38 -------- d-----w- c:\program files (x86)\SecurityXploded
2012-08-17 16:43 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-17 16:43 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-17 16:43 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-17 16:43 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-17 16:43 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-17 16:43 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-17 16:42 . 2012-06-16 05:15 911360 ----a-w- c:\windows\system32\jscript.dll
2012-08-17 16:42 . 2012-06-16 05:16 609792 ----a-w- c:\windows\system32\vbscript.dll
2012-08-17 16:42 . 2012-06-16 04:26 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-17 16:42 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-17 16:42 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-17 16:42 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-17 16:42 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-17 16:42 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-17 16:42 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-17 18:59 . 2011-10-06 19:39 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-17 18:16 . 2012-04-02 05:04 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-17 18:16 . 2011-10-06 18:33 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-28 04:09 . 2011-09-08 17:05 5538984 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-07-28 04:07 . 2012-07-28 04:07 10278912 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-07-28 03:43 . 2012-07-28 03:43 70144 ----a-w- c:\windows\system32\coinst_8.982.dll
2012-07-28 03:19 . 2012-07-28 03:19 24935424 ----a-w- c:\windows\system32\atio6axx.dll
2012-07-28 02:50 . 2012-07-28 02:50 20546560 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-07-28 02:15 . 2012-07-28 02:15 163840 ----a-w- c:\windows\system32\atiapfxx.exe
2012-07-28 02:15 . 2011-09-08 17:34 931328 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-07-28 02:13 . 2011-09-08 17:32 1100288 ----a-w- c:\windows\system32\aticfx64.dll
2012-07-28 02:10 . 2012-07-28 02:10 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-07-28 02:10 . 2012-07-28 02:10 534528 ----a-w- c:\windows\system32\atieclxx.exe
2012-07-28 02:09 . 2012-07-28 02:09 239616 ----a-w- c:\windows\system32\atiesrxx.exe
2012-07-28 02:08 . 2012-07-28 02:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-07-28 02:08 . 2012-07-28 02:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-07-28 02:07 . 2012-07-28 02:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-07-28 02:07 . 2012-07-28 02:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-07-28 02:07 . 2012-07-28 02:07 6430208 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-07-28 01:51 . 2011-09-08 17:16 7052288 ----a-w- c:\windows\system32\atidxx64.dll
2012-07-28 01:41 . 2012-07-28 01:41 4266496 ----a-w- c:\windows\system32\atiumd6a.dll
2012-07-28 01:35 . 2012-07-28 01:35 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-07-28 01:35 . 2012-07-28 01:35 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-07-28 01:35 . 2012-07-28 01:35 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-07-28 01:35 . 2012-07-28 01:35 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-07-28 01:34 . 2012-07-28 01:34 16034304 ----a-w- c:\windows\system32\aticaldd64.dll
2012-07-28 01:32 . 2011-09-08 17:08 4751872 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-07-28 01:30 . 2012-07-28 01:30 13605888 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-07-28 01:25 . 2012-07-28 01:25 6676480 ----a-w- c:\windows\system32\atiumd64.dll
2012-07-28 01:15 . 2012-07-28 01:15 540160 ----a-w- c:\windows\system32\atiadlxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 368640 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-07-28 01:15 . 2012-07-28 01:15 17920 ----a-w- c:\windows\system32\atig6pxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 14848 ----a-w- c:\windows\system32\atiglpxx.dll
2012-07-28 01:15 . 2012-07-28 01:15 41984 ----a-w- c:\windows\system32\atig6txx.dll
2012-07-28 01:14 . 2012-07-28 01:14 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-07-28 01:14 . 2012-07-28 01:14 368640 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-07-28 01:13 . 2011-09-08 16:52 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2012-07-28 01:13 . 2012-07-28 01:13 109568 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-07-28 01:13 . 2012-04-06 01:09 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-07-28 01:13 . 2011-09-08 16:51 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-07-28 01:12 . 2012-07-28 01:12 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\atimpc64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56320 ----a-w- c:\windows\system32\amdpcom64.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-07-28 01:08 . 2012-07-28 01:08 56832 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-07-27 20:47 . 2012-07-27 20:47 187392 ----a-w- c:\windows\system32\clinfo.exe
2012-07-27 20:47 . 2012-07-27 20:47 75776 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-07-27 20:47 . 2012-07-27 20:47 65024 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-07-27 20:47 . 2012-07-27 20:47 63488 ----a-w- c:\windows\system32\OVDecode64.dll
2012-07-27 20:47 . 2012-07-27 20:47 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-07-27 20:46 . 2012-07-27 20:46 16464896 ----a-w- c:\windows\system32\amdocl64.dll
2012-07-27 20:46 . 2012-07-27 20:46 13013504 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-06-09 05:43 . 2012-07-11 04:46 14172672 ----a-w- c:\windows\system32\shell32.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-09-04_15.42.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-10-06 17:50 . 2012-09-04 19:09 59436 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-09-04 19:09 41404 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-10-06 17:50 . 2012-09-04 19:09 20582 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-293111937-1544317487-1749273810-1001_UserData.bin
+ 2011-10-06 17:44 . 2012-09-04 19:27 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-06 17:44 . 2012-09-04 15:40 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-06 17:44 . 2012-09-04 19:27 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-10-06 17:44 . 2012-09-04 15:40 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-09-04 15:40 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-09-04 19:27 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-06 17:50 . 2012-09-04 19:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-06 17:50 . 2012-09-04 15:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-06 17:50 . 2012-09-04 19:08 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-10-06 17:50 . 2012-09-04 15:43 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-10-06 17:50 . 2012-09-04 19:08 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-06 17:50 . 2012-09-04 15:43 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-06 17:50 . 2012-09-04 15:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-06 17:50 . 2012-09-04 19:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-06 17:50 . 2012-09-04 15:43 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-06 17:50 . 2012-09-04 19:08 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-27 03:01 . 2012-09-04 16:00 5078 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-09-04 19:26 . 2012-09-04 19:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-09-04 15:39 . 2012-09-04 15:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-09-04 15:39 . 2012-09-04 15:39 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-09-04 19:26 . 2012-09-04 19:26 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2012-09-04 15:38 480976 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-09-04 19:25 480976 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-10-06 18:02 . 2012-09-04 15:38 728872 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-293111937-1544317487-1749273810-1001-8192.dat
+ 2011-10-06 18:02 . 2012-09-04 19:06 728872 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-293111937-1544317487-1749273810-1001-8192.dat
- 2011-10-06 18:16 . 2012-09-04 15:38 4120592 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-10-06 18:16 . 2012-09-04 19:25 4120592 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-09-14 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-08-06 642216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 TomTomHOMEService;TomTomHOMEService;f:\tomtom home 2\TomTomHOMEService.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-17 250056]
R3 ALSysIO;ALSysIO;c:\users\Michal\AppData\Local\Temp\ALSysIO64.sys [x]
R3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\DRIVERS\s916bus.sys [2007-11-02 108072]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 127488]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 18944]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 161280]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-06-14 16448]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-07 1255736]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2011-05-22 48992]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-08 283200]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-28 239616]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-08-06 361984]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2012\avgfws.exe [2012-06-13 2321560]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-11-03 2358656]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-28 10278912]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-28 368640]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-06-06 231440]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 18:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-05-07 12481128]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [BU]
"combofix"="c:\combofix\CF12920.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Spustit klienta k monitoru &1 - c:\windows\web\AOpenClient.htm
IE: Spustit klienta k monitoru &2 - c:\windows\web\AOpenClient.htm
IE: Stáhnout pomocí &BitSpiritu - c:\program files (x86)\BitSpirit\bsurl.htm
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 10.255.255.10 10.255.255.20
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\shell32.dll
FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\w3hx1gmi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - seznam.cz
FF - prefs.js: network.proxy.gopher -
FF - prefs.js: network.proxy.gopher_port - 0
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-293111937-1544317487-1749273810-1001\Software\SecuROM\License information*]
"datasecu"=hex:02,81,92,33,41,a1,bd,db,7e,9b,8f,69,d4,f6,a3,fc,b3,b5,6b,22,66,
74,47,8c,de,c6,b8,f7,c5,0a,70,c7,b4,a6,ee,d1,e1,cd,09,c4,54,4b,40,06,92,cc,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Celkový čas: 2012-09-04 21:42:24 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-09-04 19:42
ComboFix2.txt 2012-09-04 15:59
.
Před spuštěním: Volných bajtů: 186 239 176 704
Po spuštění: Volných bajtů: 185 954 263 040
.
- - End Of File - - 4915A605546F1219FB63C2DB4FE357BD

[Gizzer2]

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-04 21:47:41
-----------------------------
21:47:41.466 OS Version: Windows x64 6.1.7601 Service Pack 1
21:47:41.466 Number of processors: 2 586 0x602
21:47:41.467 ComputerName: MICHAL-PC UserName: Michal
21:47:42.874 Initialize success
21:48:29.442 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-4
21:48:29.445 Disk 0 Vendor: WDC_WD800AAJS-00PSA0 05.06H05 Size: 76318MB BusType: 3
21:48:29.447 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
21:48:29.449 Disk 1 Vendor: WDC_WD5000AAKS-00V1A0 05.01D05 Size: 476940MB BusType: 3
21:48:29.494 Disk 1 MBR read successfully
21:48:29.496 Disk 1 MBR scan
21:48:29.499 Disk 1 Windows 7 default MBR code
21:48:29.501 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 2048
21:48:29.511 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 476738 MB offset 411648
21:48:29.533 Disk 1 scanning C:\Windows\system32\drivers
21:48:37.001 Service scanning
21:48:48.831 Modules scanning
21:48:48.837 Disk 1 trace - called modules:
21:48:48.869 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
21:48:49.205 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8004915060]
21:48:49.209 3 CLASSPNP.SYS[fffff8800196743f] -> nt!IofCallDriver -> [0xfffffa8004693520]
21:48:49.213 5 ACPI.sys[fffff88000ed57a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004695060]
21:48:49.217 Scan finished successfully
21:48:55.570 Disk 1 MBR has been saved successfully to "C:\Users\Michal\Desktop\MBR.dat"
21:48:55.575 The log file has been saved successfully to "C:\Users\Michal\Desktop\aswMBR.txt"