Prevence + opět stažení kravin z e-mailu

HAFcool · Příspěvekod **HAFcool** » 16 lis 2012 01:08

Zdravím,

mohl by mi někdo prosím zkontrolovat log? V e-mailu byly nějaké nečistoty a myslím si, že se mi i něco stáhlo do počítače a nechci nic riskovat.

Děkuji za kontrolu.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:04:20, on 16.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
I:\ITUNES\iTunesHelper.exe
I:\AVAST\AvastUI.exe
I:\HIJACKTHIS\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://webtv.starnet.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.my-tools-app.com/?babsrc= ... &isid=9848
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - I:\CHEAT ENGINE\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - I:\CHEAT ENGINE\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\ITUNES\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast] "I:\AVAST\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\HAF\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &NeoTrace It! - I:\DOWNLO~1\NEOTRA~1\NTXcontext.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://I:\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: S&end to OneNote - res://I:\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - I:\CHEAT ENGINE\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - I:\AVAST\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9906 bytes

Reklama

Příspěvekod **memphisto** » 16 lis 2012 09:14

fixni:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.my-tools-app.com/?babsrc= ... &isid=9848
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\ITUNES\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\HAF\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

HAFcool · Příspěvekod **HAFcool** » 16 lis 2012 18:38

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.16.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.7930.16406
HAF :: HAF-PC [administrátor]

16.11.2012 18:32:17
mbam-log-2012-11-16 (18-32-17).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 233719
Uplynulý čas: 5 minut, 1 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Tady to je. Zatím děkuju.

Příspěvekod **Žbeky** » 17 lis 2012 10:21

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

HAFcool · Příspěvekod **HAFcool** » 17 lis 2012 12:30

ComboFix 12-11-16.02 - HAF 17.11.2012 12:16:33.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2836 [GMT 1:00]
Spuštěný z: c:\users\HAF\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\100
c:\users\HAF\AppData\Local\Temp\7zS464E\HPSLPSVC64.DLL
c:\users\HAF\AppData\Roaming\edxLabs
c:\users\HAF\AppData\Roaming\edxLabs\edxSilkroadLoader\edxSilkroadLoader.ini
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\ijl11.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\tmp18B6.tmp
c:\windows\SysWow64\tmp18B7.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
c:\windows\SysWow64\vbpng1.dll
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-17 do 2012-11-17 )))))))))))))))))))))))))))))))
.
.
2012-11-17 00:58 . 2012-11-17 11:13 -------- d-----w- c:\users\HAF\AppData\Local\CrashDumps
2012-11-16 10:01 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F661BC9D-499F-4496-9C11-1BC8EA5D0188}\mpengine.dll
2012-11-14 22:51 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-14 22:51 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 22:51 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 22:51 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 22:42 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 22:42 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 22:42 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 22:42 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 22:42 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 22:42 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 22:42 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 13:11 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 13:11 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-12 23:52 . 2012-11-12 23:52 -------- d-----w- c:\program files\Microsoft SQL Server
2012-11-12 23:52 . 2012-11-12 23:57 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2012-11-12 23:48 . 2012-11-12 23:48 -------- d-----w- c:\users\HAF\AppData\Roaming\SpeedyPC Software
2012-11-12 23:48 . 2012-11-12 23:48 -------- d-----w- c:\users\HAF\AppData\Roaming\DriverCure
2012-11-12 23:48 . 2012-11-12 23:59 -------- d-----w- c:\programdata\SpeedyPC Software
2012-10-31 19:14 . 2012-10-31 19:14 -------- d-----w- c:\users\HAF\AppData\Roaming\GameRanger
2012-10-25 16:41 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-14 22:42 . 2009-12-19 00:02 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-14 13:05 . 2012-04-10 13:11 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-14 13:05 . 2011-05-21 06:38 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-28 23:12 . 2009-10-29 18:37 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-10-28 23:12 . 2009-10-25 20:38 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-10-28 23:12 . 2009-10-25 20:38 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-09-29 18:54 . 2010-09-14 07:32 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-14 19:19 . 2012-10-10 12:00 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 12:00 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:00 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:00 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:00 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 12:00 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 12:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-22 18:12 . 2012-09-12 11:50 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:50 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:50 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 12:04 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 11:01 . 2012-09-22 10:14 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2012-01-02 03:17 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-01-02 03:17 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-21 09:13 . 2012-10-04 00:28 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-10-04 00:27 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-10-04 00:27 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-10-04 00:28 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-10-04 00:27 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-10-04 00:28 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-10-04 00:27 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-10-04 00:27 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-01-18 14:27 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-20 18:48 . 2012-10-10 12:00 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 12:00 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 12:00 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 12:00 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 12:00 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 12:00 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 12:00 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 12:00 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 12:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 12:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 12:00 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 12:00 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 12:00 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 15:38 . 2012-10-10 12:00 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2012-08-20 15:38 . 2012-10-10 12:00 2048 ----a-w- c:\windows\SysWow64\user.exe
2012-08-20 15:33 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"avast"="i:\avast\avastUI.exe" [2012-08-21 4282728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_SZ
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-03 834544]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 dump_wmimmc;dump_wmimmc;i:\download chrom\EliteSRO\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;i:\gerena\Garena\safedrv.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2011-11-01 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-11-01 171008]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-01-22 82816]
R3 Pcouffin64;Low level access layer for CD devices;c:\windows\system32\Drivers\pcouffin64a.sys [2010-11-04 55136]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-03 1255736]
R4 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-09 49152]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-01-11 1290752]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-10 19:33]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-10 19:33]
.
2012-11-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000Core.job
- c:\users\HAF\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-09 19:33]
.
2012-11-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000UA.job
- c:\users\HAF\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-09 19:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- i:\avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://webtv.starnet.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: &NeoTrace It! - i:\downlo~1\NEOTRA~1\NTXcontext.htm
IE: E&xport to Microsoft Excel - i:\micros~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: S&end to OneNote - i:\micros~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-{281F705E-597F-4514-9D0C-76ADC560F5C2}_is1 - k:\hry\L2\system\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_110.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
i:\avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
i:\hijackthis\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2012-11-17 12:27:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-17 11:27
.
Před spuštěním: Volných bajtů: 226 072 018 944
Po spuštění: Volných bajtů: 225 270 398 976
.
- - End Of File - - F6B68C651336856056B6176AE030CD4E

HAFcool · Příspěvekod **HAFcool** » 17 lis 2012 12:31

12:05:02.0187 3168 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:05:02.0267 3168 ============================================================
12:05:02.0267 3168 Current date / time: 2012/11/17 12:05:02.0267
12:05:02.0267 3168 SystemInfo:
12:05:02.0267 3168
12:05:02.0267 3168 OS Version: 6.1.7601 ServicePack: 1.0
12:05:02.0267 3168 Product type: Workstation
12:05:02.0267 3168 ComputerName: HAF-PC
12:05:02.0267 3168 UserName: HAF
12:05:02.0267 3168 Windows directory: C:\Windows
12:05:02.0267 3168 System windows directory: C:\Windows
12:05:02.0267 3168 Running under WOW64
12:05:02.0267 3168 Processor architecture: Intel x64
12:05:02.0267 3168 Number of processors: 4
12:05:02.0267 3168 Page size: 0x1000
12:05:02.0267 3168 Boot type: Normal boot
12:05:02.0267 3168 ============================================================
12:05:03.0178 3168 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:03.0188 3168 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:03.0213 3168 ============================================================
12:05:03.0213 3168 \Device\Harddisk0\DR0:
12:05:03.0213 3168 MBR partitions:
12:05:03.0213 3168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
12:05:03.0213 3168 \Device\Harddisk1\DR1:
12:05:03.0213 3168 MBR partitions:
12:05:03.0213 3168 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:05:03.0213 3168 ============================================================
12:05:03.0218 3168 C: <-> \Device\Harddisk0\DR0\Partition1
12:05:03.0263 3168 I: <-> \Device\Harddisk1\DR1\Partition1
12:05:03.0263 3168 ============================================================
12:05:03.0263 3168 Initialize success
12:05:03.0263 3168 ============================================================
12:05:09.0109 3272 ============================================================
12:05:09.0109 3272 Scan started
12:05:09.0109 3272 Mode: Manual;
12:05:09.0109 3272 ============================================================
12:05:09.0594 3272 ================ Scan system memory ========================
12:05:09.0594 3272 System memory - ok
12:05:09.0594 3272 ================ Scan services =============================
12:05:09.0699 3272 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:05:09.0699 3272 1394ohci - ok
12:05:09.0719 3272 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:05:09.0724 3272 ACPI - ok
12:05:09.0734 3272 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:05:09.0739 3272 AcpiPmi - ok
12:05:09.0829 3272 [ B1EA9681502EE57F87DB71D726288A5B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:05:09.0834 3272 AdobeARMservice - ok
12:05:09.0869 3272 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:05:09.0879 3272 adp94xx - ok
12:05:09.0899 3272 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:05:09.0904 3272 adpahci - ok
12:05:09.0924 3272 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:05:09.0929 3272 adpu320 - ok
12:05:09.0954 3272 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:05:09.0959 3272 AeLookupSvc - ok
12:05:10.0009 3272 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:05:10.0014 3272 AFD - ok
12:05:10.0034 3272 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:05:10.0034 3272 agp440 - ok
12:05:10.0049 3272 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:05:10.0054 3272 ALG - ok
12:05:10.0064 3272 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:05:10.0064 3272 aliide - ok
12:05:10.0079 3272 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:05:10.0084 3272 amdide - ok
12:05:10.0094 3272 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:05:10.0099 3272 AmdK8 - ok
12:05:10.0109 3272 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:05:10.0109 3272 AmdPPM - ok
12:05:10.0149 3272 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:05:10.0154 3272 amdsata - ok
12:05:10.0174 3272 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:05:10.0179 3272 amdsbs - ok
12:05:10.0204 3272 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:05:10.0204 3272 amdxata - ok
12:05:10.0239 3272 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
12:05:10.0249 3272 androidusb - ok
12:05:10.0304 3272 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:05:10.0324 3272 AppID - ok
12:05:10.0379 3272 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:05:10.0399 3272 AppIDSvc - ok
12:05:10.0414 3272 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:05:10.0424 3272 Appinfo - ok
12:05:10.0549 3272 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:05:10.0569 3272 Apple Mobile Device - ok
12:05:10.0579 3272 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:05:10.0599 3272 arc - ok
12:05:10.0614 3272 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:05:10.0634 3272 arcsas - ok
12:05:10.0824 3272 [ 68726474C69B738EAC3A62E06B33ADDC ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
12:05:10.0829 3272 AsIO - ok
12:05:10.0934 3272 [ 55142B4F7A7E4C9C151C6000A6BF7809 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
12:05:10.0934 3272 aswFsBlk - ok
12:05:11.0029 3272 [ AA9FDE3D630160B47DAB21BF8250111C ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:05:11.0029 3272 aswMonFlt - ok
12:05:11.0074 3272 [ 2A6675C24DF5159A9506CD13ECE5ABE9 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
12:05:11.0074 3272 aswRdr - ok
12:05:11.0164 3272 [ 4E38475BDB51A867CCBA7D5DF7FDFC0C ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:05:11.0174 3272 aswSnx - ok
12:05:11.0219 3272 [ 9A49D80D65451AF22913AEF772CC3DA9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:05:11.0224 3272 aswSP - ok
12:05:11.0249 3272 [ C3EC420451AC5300A22190AE38418FBA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
12:05:11.0249 3272 aswTdi - ok
12:05:11.0279 3272 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:05:11.0299 3272 AsyncMac - ok
12:05:11.0354 3272 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:05:11.0354 3272 atapi - ok
12:05:11.0484 3272 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:05:11.0504 3272 AudioEndpointBuilder - ok
12:05:11.0514 3272 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:05:11.0524 3272 AudioSrv - ok
12:05:11.0589 3272 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus I:\AVAST\AvastSvc.exe
12:05:11.0589 3272 avast! Antivirus - ok
12:05:11.0614 3272 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:05:11.0619 3272 AxInstSV - ok
12:05:11.0659 3272 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:05:11.0679 3272 b06bdrv - ok
12:05:11.0734 3272 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:05:11.0739 3272 b57nd60a - ok
12:05:11.0784 3272 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:05:11.0784 3272 BDESVC - ok
12:05:11.0799 3272 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:05:11.0799 3272 Beep - ok
12:05:11.0859 3272 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:05:11.0869 3272 BFE - ok
12:05:11.0909 3272 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
12:05:11.0924 3272 BITS - ok
12:05:11.0944 3272 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:05:11.0949 3272 blbdrive - ok
12:05:12.0044 3272 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:05:12.0049 3272 Bonjour Service - ok
12:05:12.0084 3272 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:05:12.0089 3272 bowser - ok
12:05:12.0114 3272 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:05:12.0114 3272 BrFiltLo - ok
12:05:12.0124 3272 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:05:12.0124 3272 BrFiltUp - ok
12:05:12.0169 3272 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:05:12.0169 3272 Browser - ok
12:05:12.0189 3272 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:05:12.0194 3272 Brserid - ok
12:05:12.0214 3272 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:05:12.0214 3272 BrSerWdm - ok
12:05:12.0229 3272 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:05:12.0229 3272 BrUsbMdm - ok
12:05:12.0244 3272 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:05:12.0249 3272 BrUsbSer - ok
12:05:12.0254 3272 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:05:12.0259 3272 BTHMODEM - ok
12:05:12.0304 3272 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:05:12.0304 3272 bthserv - ok
12:05:12.0314 3272 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:05:12.0319 3272 cdfs - ok
12:05:12.0359 3272 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:05:12.0359 3272 cdrom - ok
12:05:12.0399 3272 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:05:12.0399 3272 CertPropSvc - ok
12:05:12.0429 3272 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:05:12.0429 3272 circlass - ok
12:05:12.0464 3272 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:05:12.0479 3272 CLFS - ok
12:05:12.0529 3272 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:05:12.0544 3272 clr_optimization_v2.0.50727_32 - ok
12:05:12.0614 3272 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:05:12.0624 3272 clr_optimization_v2.0.50727_64 - ok
12:05:12.0729 3272 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:05:12.0734 3272 clr_optimization_v4.0.30319_32 - ok
12:05:12.0764 3272 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:05:12.0769 3272 clr_optimization_v4.0.30319_64 - ok
12:05:12.0789 3272 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:05:12.0789 3272 CmBatt - ok
12:05:12.0804 3272 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:05:12.0804 3272 cmdide - ok
12:05:12.0839 3272 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:05:12.0844 3272 CNG - ok
12:05:12.0854 3272 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:05:12.0854 3272 Compbatt - ok
12:05:12.0889 3272 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:05:12.0889 3272 CompositeBus - ok
12:05:12.0894 3272 COMSysApp - ok
12:05:12.0944 3272 [ C9C25778EFE890BAA4087E32937016A0 ] cpuz132 C:\Windows\system32\drivers\cpuz132_x64.sys
12:05:12.0944 3272 cpuz132 - ok
12:05:12.0984 3272 [ 75DBD5DB9892D7451D0429BEC1AABE1A ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
12:05:12.0984 3272 cpuz135 - ok
12:05:12.0999 3272 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:05:12.0999 3272 crcdisk - ok
12:05:13.0029 3272 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:05:13.0034 3272 CryptSvc - ok
12:05:13.0044 3272 CrystalSysInfo - ok
12:05:13.0094 3272 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:05:13.0114 3272 DcomLaunch - ok
12:05:13.0149 3272 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:05:13.0154 3272 defragsvc - ok
12:05:13.0189 3272 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:05:13.0189 3272 DfsC - ok
12:05:13.0234 3272 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:05:13.0239 3272 Dhcp - ok
12:05:13.0259 3272 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:05:13.0259 3272 discache - ok
12:05:13.0274 3272 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:05:13.0274 3272 Disk - ok
12:05:13.0334 3272 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:05:13.0339 3272 Dnscache - ok
12:05:13.0484 3272 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:05:13.0494 3272 dot3svc - ok
12:05:13.0524 3272 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
12:05:13.0529 3272 Dot4 - ok
12:05:13.0564 3272 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
12:05:13.0564 3272 Dot4Print - ok
12:05:13.0599 3272 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
12:05:13.0599 3272 dot4usb - ok
12:05:13.0629 3272 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:05:13.0634 3272 DPS - ok
12:05:13.0659 3272 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:05:13.0664 3272 drmkaud - ok
12:05:13.0749 3272 dump_wmimmc - ok
12:05:13.0954 3272 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:05:13.0959 3272 DXGKrnl - ok
12:05:13.0984 3272 EagleX64 - ok
12:05:14.0014 3272 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:05:14.0024 3272 EapHost - ok
12:05:14.0109 3272 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:05:14.0174 3272 ebdrv - ok
12:05:14.0204 3272 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:05:14.0204 3272 EFS - ok
12:05:14.0284 3272 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:05:14.0294 3272 ehRecvr - ok
12:05:14.0324 3272 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:05:14.0329 3272 ehSched - ok
12:05:14.0374 3272 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:05:14.0379 3272 elxstor - ok
12:05:14.0404 3272 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:05:14.0409 3272 ErrDev - ok
12:05:14.0444 3272 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:05:14.0449 3272 EventSystem - ok
12:05:14.0489 3272 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:05:14.0494 3272 exfat - ok
12:05:14.0509 3272 ezSharedSvc - ok
12:05:14.0529 3272 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:05:14.0534 3272 fastfat - ok
12:05:14.0579 3272 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:05:14.0589 3272 Fax - ok
12:05:14.0604 3272 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:05:14.0609 3272 fdc - ok
12:05:14.0624 3272 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:05:14.0624 3272 fdPHost - ok
12:05:14.0629 3272 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:05:14.0634 3272 FDResPub - ok
12:05:14.0644 3272 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:05:14.0644 3272 FileInfo - ok
12:05:14.0654 3272 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:05:14.0654 3272 Filetrace - ok
12:05:14.0679 3272 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:05:14.0679 3272 flpydisk - ok
12:05:14.0709 3272 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:05:14.0719 3272 FltMgr - ok
12:05:14.0794 3272 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:05:14.0804 3272 FontCache - ok
12:05:14.0859 3272 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:05:14.0869 3272 FontCache3.0.0.0 - ok
12:05:14.0884 3272 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:05:14.0889 3272 FsDepends - ok
12:05:14.0919 3272 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
12:05:14.0919 3272 fssfltr - ok
12:05:15.0149 3272 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
12:05:15.0169 3272 fsssvc - ok
12:05:15.0214 3272 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:05:15.0214 3272 Fs_Rec - ok
12:05:15.0254 3272 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:05:15.0259 3272 fvevol - ok
12:05:15.0289 3272 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:05:15.0289 3272 gagp30kx - ok
12:05:15.0334 3272 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:05:15.0334 3272 GEARAspiWDM - ok
12:05:15.0344 3272 GGSAFERDriver - ok
12:05:15.0389 3272 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:05:15.0404 3272 gpsvc - ok
12:05:15.0494 3272 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:15.0499 3272 gupdate - ok
12:05:15.0519 3272 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:05:15.0524 3272 gupdatem - ok
12:05:15.0539 3272 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:05:15.0544 3272 hcw85cir - ok
12:05:15.0584 3272 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:05:15.0589 3272 HdAudAddService - ok
12:05:15.0609 3272 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:05:15.0609 3272 HDAudBus - ok
12:05:15.0619 3272 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:05:15.0624 3272 HidBatt - ok
12:05:15.0639 3272 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:05:15.0639 3272 HidBth - ok
12:05:15.0664 3272 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:05:15.0664 3272 HidIr - ok
12:05:15.0694 3272 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
12:05:15.0704 3272 hidserv - ok
12:05:15.0719 3272 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:05:15.0719 3272 HidUsb - ok
12:05:15.0754 3272 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:05:15.0764 3272 hkmsvc - ok
12:05:15.0804 3272 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:05:15.0809 3272 HomeGroupListener - ok
12:05:15.0849 3272 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:05:15.0854 3272 HomeGroupProvider - ok
12:05:15.0994 3272 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 I:\CHEAT ENGINE\Digital Imaging\bin\hpqcxs08.dll
12:05:15.0999 3272 hpqcxs08 - ok
12:05:16.0009 3272 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc I:\CHEAT ENGINE\Digital Imaging\bin\hpqddsvc.dll
12:05:16.0014 3272 hpqddsvc - ok
12:05:16.0049 3272 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:05:16.0049 3272 HpSAMD - ok
12:05:16.0304 3272 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Users\HAF\AppData\Local\Temp\7zS464E\hpslpsvc64.dll
12:05:16.0319 3272 HPSLPSVC - ok
12:05:16.0354 3272 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:05:16.0374 3272 HTTP - ok
12:05:16.0414 3272 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:05:16.0414 3272 hwpolicy - ok
12:05:16.0444 3272 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:05:16.0449 3272 i8042prt - ok
12:05:16.0474 3272 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:05:16.0484 3272 iaStorV - ok
12:05:16.0539 3272 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:05:16.0549 3272 idsvc - ok
12:05:16.0579 3272 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:05:16.0579 3272 iirsp - ok
12:05:16.0604 3272 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:05:16.0619 3272 IKEEXT - ok
12:05:16.0644 3272 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:05:16.0649 3272 intelide - ok
12:05:16.0684 3272 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:05:16.0684 3272 intelppm - ok
12:05:16.0714 3272 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:05:16.0729 3272 IPBusEnum - ok
12:05:16.0769 3272 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:05:16.0769 3272 IpFilterDriver - ok
12:05:16.0804 3272 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:05:16.0819 3272 iphlpsvc - ok
12:05:16.0844 3272 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:05:16.0849 3272 IPMIDRV - ok
12:05:16.0864 3272 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:05:16.0869 3272 IPNAT - ok
12:05:16.0949 3272 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:05:16.0969 3272 iPod Service - ok
12:05:16.0994 3272 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:05:16.0999 3272 IRENUM - ok
12:05:17.0014 3272 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:05:17.0014 3272 isapnp - ok
12:05:17.0049 3272 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:05:17.0054 3272 iScsiPrt - ok
12:05:17.0114 3272 [ 9C6F3F69163133FB8E56AC4A6E163452 ] ISODrive I:\ULTRA ISO\UltraISO\drivers\ISODrv64.sys
12:05:17.0114 3272 ISODrive - ok
12:05:17.0139 3272 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:05:17.0144 3272 kbdclass - ok
12:05:17.0174 3272 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:05:17.0174 3272 kbdhid - ok
12:05:17.0189 3272 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:05:17.0189 3272 KeyIso - ok
12:05:17.0219 3272 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:05:17.0224 3272 KSecDD - ok
12:05:17.0254 3272 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:05:17.0259 3272 KSecPkg - ok
12:05:17.0269 3272 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:05:17.0269 3272 ksthunk - ok
12:05:17.0304 3272 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:05:17.0309 3272 KtmRm - ok
12:05:17.0339 3272 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:05:17.0349 3272 LanmanServer - ok
12:05:17.0379 3272 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:05:17.0384 3272 LanmanWorkstation - ok
12:05:17.0414 3272 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
12:05:17.0414 3272 LGBusEnum - ok
12:05:17.0439 3272 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
12:05:17.0444 3272 LGVirHid - ok
12:05:17.0464 3272 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:05:17.0469 3272 lltdio - ok
12:05:17.0519 3272 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:05:17.0524 3272 lltdsvc - ok
12:05:17.0544 3272 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:05:17.0549 3272 lmhosts - ok
12:05:17.0579 3272 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:05:17.0579 3272 LSI_FC - ok
12:05:17.0599 3272 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:05:17.0604 3272 LSI_SAS - ok
12:05:17.0619 3272 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:05:17.0624 3272 LSI_SAS2 - ok
12:05:17.0634 3272 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:05:17.0639 3272 LSI_SCSI - ok
12:05:17.0654 3272 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:05:17.0654 3272 luafv - ok
12:05:17.0704 3272 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:05:17.0704 3272 MBAMProtector - ok
12:05:17.0774 3272 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler I:\HIJACKTHIS\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:05:17.0779 3272 MBAMScheduler - ok
12:05:17.0924 3272 [ 056B19651BD7B7CE5F89A3AC46DBDC08 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:05:17.0934 3272 MBAMService - ok
12:05:17.0969 3272 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:05:17.0974 3272 Mcx2Svc - ok
12:05:17.0994 3272 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:05:17.0999 3272 megasas - ok
12:05:18.0019 3272 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:05:18.0024 3272 MegaSR - ok
12:05:18.0114 3272 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:05:18.0114 3272 Microsoft Office Groove Audit Service - ok
12:05:18.0149 3272 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:05:18.0154 3272 MMCSS - ok
12:05:18.0164 3272 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:05:18.0169 3272 Modem - ok
12:05:18.0214 3272 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:05:18.0214 3272 monitor - ok
12:05:18.0234 3272 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:05:18.0234 3272 mouclass - ok
12:05:18.0244 3272 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:05:18.0244 3272 mouhid - ok
12:05:18.0284 3272 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:05:18.0294 3272 mountmgr - ok
12:05:18.0324 3272 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:05:18.0324 3272 mpio - ok
12:05:18.0354 3272 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:05:18.0354 3272 mpsdrv - ok
12:05:18.0415 3272 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:05:18.0430 3272 MpsSvc - ok
12:05:18.0455 3272 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:05:18.0460 3272 MRxDAV - ok
12:05:18.0490 3272 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:05:18.0490 3272 mrxsmb - ok
12:05:18.0540 3272 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:05:18.0545 3272 mrxsmb10 - ok
12:05:18.0575 3272 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:05:18.0575 3272 mrxsmb20 - ok
12:05:18.0605 3272 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:05:18.0610 3272 msahci - ok
12:05:18.0620 3272 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:05:18.0625 3272 msdsm - ok
12:05:18.0650 3272 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:05:18.0655 3272 MSDTC - ok
12:05:18.0680 3272 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:05:18.0680 3272 Msfs - ok
12:05:18.0705 3272 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:05:18.0705 3272 mshidkmdf - ok
12:05:18.0735 3272 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:05:18.0735 3272 msisadrv - ok
12:05:18.0760 3272 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:05:18.0765 3272 MSiSCSI - ok
12:05:18.0770 3272 msiserver - ok
12:05:18.0795 3272 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:05:18.0795 3272 MSKSSRV - ok
12:05:18.0820 3272 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:05:18.0825 3272 MSPCLOCK - ok
12:05:18.0825 3272 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:05:18.0830 3272 MSPQM - ok
12:05:18.0895 3272 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:05:18.0900 3272 MsRPC - ok
12:05:18.0925 3272 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:05:18.0930 3272 mssmbios - ok
12:05:18.0940 3272 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:05:18.0940 3272 MSTEE - ok
12:05:18.0955 3272 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:05:18.0955 3272 MTConfig - ok
12:05:18.0970 3272 [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
12:05:18.0970 3272 MTsensor - ok
12:05:18.0985 3272 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:05:18.0990 3272 Mup - ok
12:05:19.0055 3272 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:05:19.0075 3272 napagent - ok
12:05:19.0130 3272 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:05:19.0135 3272 NativeWifiP - ok
12:05:19.0190 3272 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:05:19.0205 3272 NDIS - ok
12:05:19.0220 3272 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:05:19.0225 3272 NdisCap - ok
12:05:19.0235 3272 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:05:19.0235 3272 NdisTapi - ok
12:05:19.0270 3272 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:05:19.0270 3272 Ndisuio - ok
12:05:19.0330 3272 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:05:19.0335 3272 NdisWan - ok
12:05:19.0370 3272 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:05:19.0375 3272 NDProxy - ok
12:05:19.0415 3272 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:05:19.0420 3272 Net Driver HPZ12 - ok
12:05:19.0425 3272 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:05:19.0430 3272 NetBIOS - ok
12:05:19.0460 3272 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:05:19.0465 3272 NetBT - ok
12:05:19.0470 3272 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:05:19.0470 3272 Netlogon - ok
12:05:19.0510 3272 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:05:19.0525 3272 Netman - ok
12:05:19.0555 3272 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:05:19.0565 3272 netprofm - ok
12:05:19.0615 3272 [ 26672F93749AC9FD28DA1B0F94EFA78D ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
12:05:19.0625 3272 netr28ux - ok
12:05:19.0660 3272 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:05:19.0665 3272 NetTcpPortSharing - ok
12:05:19.0695 3272 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:05:19.0695 3272 nfrd960 - ok
12:05:19.0740 3272 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:05:19.0750 3272 NlaSvc - ok
12:05:19.0785 3272 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
12:05:19.0785 3272 nmwcd - ok
12:05:19.0820 3272 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
12:05:19.0825 3272 nmwcdc - ok
12:05:19.0850 3272 [ 697CA586209E022D15DD0C838B235D6A ] nmwcdnsucx64 C:\Windows\system32\drivers\nmwcdnsucx64.sys
12:05:19.0850 3272 nmwcdnsucx64 - ok
12:05:19.0875 3272 [ 292DDF13F91F2CB2482B57AACD6AEB9B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
12:05:19.0880 3272 nmwcdnsux64 - ok
12:05:19.0890 3272 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:05:19.0895 3272 Npfs - ok
12:05:19.0905 3272 npggsvc - ok
12:05:19.0920 3272 NPPTNT2 - ok
12:05:19.0960 3272 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:05:19.0965 3272 nsi - ok
12:05:19.0975 3272 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:05:19.0975 3272 nsiproxy - ok
12:05:20.0155 3272 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:05:20.0180 3272 Ntfs - ok
12:05:20.0215 3272 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:05:20.0220 3272 Null - ok
12:05:20.0255 3272 [ 102806B360D0E6BC6E55BF47EF655D43 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
12:05:20.0255 3272 NVHDA - ok
12:05:20.0630 3272 [ BA0B4889C40380A01ECDF84C227A89C9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:05:20.0685 3272 nvlddmkm - ok
12:05:20.0740 3272 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:05:20.0745 3272 nvraid - ok
12:05:20.0780 3272 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:05:20.0780 3272 nvstor - ok
12:05:20.0835 3272 [ 06633CF95BEA62164C3BFCA24BCE6B11 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:05:20.0850 3272 nvsvc - ok
12:05:20.0930 3272 [ 53B629CE436B110C5689C2F6439E567B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:05:20.0950 3272 nvUpdatusService - ok
12:05:20.0995 3272 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:05:21.0000 3272 nv_agp - ok
12:05:21.0095 3272 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:05:21.0100 3272 odserv - ok
12:05:21.0135 3272 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:05:21.0135 3272 ohci1394 - ok
12:05:21.0185 3272 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:05:21.0185 3272 ose - ok
12:05:21.0225 3272 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:05:21.0235 3272 p2pimsvc - ok
12:05:21.0265 3272 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:05:21.0275 3272 p2psvc - ok
12:05:21.0305 3272 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:05:21.0310 3272 Parport - ok
12:05:21.0345 3272 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:05:21.0345 3272 partmgr - ok
12:05:21.0355 3272 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:05:21.0365 3272 PcaSvc - ok
12:05:21.0405 3272 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
12:05:21.0405 3272 pccsmcfd - ok
12:05:21.0460 3272 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:05:21.0465 3272 pci - ok
12:05:21.0500 3272 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:05:21.0500 3272 pciide - ok
12:05:21.0520 3272 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:05:21.0525 3272 pcmcia - ok
12:05:21.0565 3272 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
12:05:21.0565 3272 pcouffin - ok
12:05:21.0600 3272 [ 8B45FC1EB90119D9EF46B46A89864189 ] Pcouffin64 C:\Windows\system32\Drivers\pcouffin64a.sys
12:05:21.0600 3272 Pcouffin64 - ok
12:05:21.0615 3272 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:05:21.0615 3272 pcw - ok
12:05:21.0635 3272 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:05:21.0645 3272 PEAUTH - ok
12:05:21.0745 3272 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:05:21.0750 3272 PerfHost - ok
12:05:21.0815 3272 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:05:21.0850 3272 pla - ok
12:05:21.0900 3272 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:05:21.0925 3272 PlugPlay - ok
12:05:21.0965 3272 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:05:21.0980 3272 Pml Driver HPZ12 - ok
12:05:22.0000 3272 PnkBstrA - ok
12:05:22.0025 3272 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:05:22.0030 3272 PNRPAutoReg - ok
12:05:22.0050 3272 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:05:22.0055 3272 PNRPsvc - ok
12:05:22.0105 3272 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:05:22.0110 3272 PolicyAgent - ok
12:05:22.0145 3272 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:05:22.0155 3272 Power - ok
12:05:22.0180 3272 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:05:22.0185 3272 PptpMiniport - ok
12:05:22.0195 3272 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:05:22.0200 3272 Processor - ok
12:05:22.0230 3272 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:05:22.0235 3272 ProfSvc - ok
12:05:22.0245 3272 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:05:22.0250 3272 ProtectedStorage - ok
12:05:22.0285 3272 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:05:22.0290 3272 Psched - ok
12:05:22.0375 3272 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:05:22.0425 3272 ql2300 - ok
12:05:22.0440 3272 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:05:22.0445 3272 ql40xx - ok
12:05:22.0470 3272 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:05:22.0480 3272 QWAVE - ok
12:05:22.0490 3272 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:05:22.0495 3272 QWAVEdrv - ok
12:05:22.0505 3272 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:05:22.0505 3272 RasAcd - ok
12:05:22.0535 3272 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:05:22.0540 3272 RasAgileVpn - ok
12:05:22.0545 3272 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:05:22.0550 3272 RasAuto - ok
12:05:22.0585 3272 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:05:22.0600 3272 Rasl2tp - ok
12:05:22.0640 3272 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:05:22.0645 3272 RasMan - ok
12:05:22.0660 3272 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:05:22.0670 3272 RasPppoe - ok
12:05:22.0675 3272 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:05:22.0680 3272 RasSstp - ok
12:05:22.0715 3272 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

HAFcool · Příspěvekod **HAFcool** » 17 lis 2012 12:31

12:05:22.0720 3272 rdbss - ok
12:05:22.0735 3272 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:05:22.0735 3272 rdpbus - ok
12:05:22.0745 3272 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:05:22.0750 3272 RDPCDD - ok
12:05:22.0765 3272 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:05:22.0765 3272 RDPENCDD - ok
12:05:22.0795 3272 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:05:22.0800 3272 RDPREFMP - ok
12:05:22.0830 3272 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:05:22.0830 3272 RDPWD - ok
12:05:22.0875 3272 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:05:22.0880 3272 rdyboost - ok
12:05:22.0910 3272 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:05:22.0920 3272 RemoteAccess - ok
12:05:22.0930 3272 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:05:22.0940 3272 RemoteRegistry - ok
12:05:22.0970 3272 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:05:22.0975 3272 RpcEptMapper - ok
12:05:23.0005 3272 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:05:23.0005 3272 RpcLocator - ok
12:05:23.0050 3272 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:05:23.0060 3272 RpcSs - ok
12:05:23.0075 3272 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:05:23.0075 3272 rspndr - ok
12:05:23.0125 3272 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:05:23.0130 3272 RTL8167 - ok
12:05:23.0135 3272 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:05:23.0140 3272 SamSs - ok
12:05:23.0170 3272 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:05:23.0180 3272 sbp2port - ok
12:05:23.0195 3272 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:05:23.0205 3272 SCardSvr - ok
12:05:23.0240 3272 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:05:23.0240 3272 scfilter - ok
12:05:23.0300 3272 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:05:23.0320 3272 Schedule - ok
12:05:23.0355 3272 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:05:23.0355 3272 SCPolicySvc - ok
12:05:23.0400 3272 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:05:23.0420 3272 SDRSVC - ok
12:05:23.0440 3272 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:05:23.0440 3272 secdrv - ok
12:05:23.0460 3272 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:05:23.0465 3272 seclogon - ok
12:05:23.0505 3272 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
12:05:23.0510 3272 SENS - ok
12:05:23.0520 3272 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:05:23.0525 3272 SensrSvc - ok
12:05:23.0545 3272 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:05:23.0545 3272 Serenum - ok
12:05:23.0560 3272 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:05:23.0565 3272 Serial - ok
12:05:23.0605 3272 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:05:23.0605 3272 sermouse - ok
12:05:23.0760 3272 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
12:05:23.0770 3272 ServiceLayer - ok
12:05:23.0810 3272 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:05:23.0815 3272 SessionEnv - ok
12:05:23.0845 3272 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:05:23.0850 3272 sffdisk - ok
12:05:23.0860 3272 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:05:23.0860 3272 sffp_mmc - ok
12:05:23.0875 3272 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:05:23.0875 3272 sffp_sd - ok
12:05:23.0890 3272 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:05:23.0890 3272 sfloppy - ok
12:05:23.0925 3272 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:05:23.0930 3272 SharedAccess - ok
12:05:23.0960 3272 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:05:23.0975 3272 ShellHWDetection - ok
12:05:23.0995 3272 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:05:23.0995 3272 SiSRaid2 - ok
12:05:24.0010 3272 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:05:24.0015 3272 SiSRaid4 - ok
12:05:24.0050 3272 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:05:24.0050 3272 SkypeUpdate - ok
12:05:24.0075 3272 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:05:24.0075 3272 Smb - ok
12:05:24.0105 3272 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:05:24.0110 3272 SNMPTRAP - ok
12:05:24.0120 3272 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:05:24.0125 3272 spldr - ok
12:05:24.0220 3272 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:05:24.0235 3272 Spooler - ok
12:05:24.0325 3272 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:05:24.0415 3272 sppsvc - ok
12:05:24.0430 3272 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:05:24.0430 3272 sppuinotify - ok
12:05:24.0495 3272 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
12:05:24.0505 3272 sptd - ok
12:05:24.0540 3272 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:05:24.0545 3272 srv - ok
12:05:24.0570 3272 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:05:24.0580 3272 srv2 - ok
12:05:24.0590 3272 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:05:24.0595 3272 srvnet - ok
12:05:24.0645 3272 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
12:05:24.0650 3272 ssadbus - ok
12:05:24.0705 3272 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:05:24.0705 3272 ssadmdfl - ok
12:05:24.0735 3272 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
12:05:24.0740 3272 ssadmdm - ok
12:05:24.0770 3272 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
12:05:24.0775 3272 ssadserd - ok
12:05:24.0800 3272 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:05:24.0810 3272 SSDPSRV - ok
12:05:24.0820 3272 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:05:24.0825 3272 SstpSvc - ok
12:05:24.0855 3272 Steam Client Service - ok
12:05:24.0935 3272 [ C354621B6B94E10AE7F5CDBE745FEB86 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:05:24.0940 3272 Stereo Service - ok
12:05:24.0975 3272 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:05:24.0985 3272 stexstor - ok
12:05:25.0045 3272 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:05:25.0060 3272 stisvc - ok
12:05:25.0090 3272 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:05:25.0090 3272 swenum - ok
12:05:25.0110 3272 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:05:25.0120 3272 swprv - ok
12:05:25.0215 3272 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:05:25.0250 3272 SysMain - ok
12:05:25.0285 3272 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:05:25.0290 3272 TabletInputService - ok
12:05:25.0330 3272 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:05:25.0340 3272 TapiSrv - ok
12:05:25.0370 3272 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:05:25.0375 3272 TBS - ok
12:05:25.0455 3272 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:05:25.0500 3272 Tcpip - ok
12:05:25.0535 3272 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:05:25.0545 3272 TCPIP6 - ok
12:05:25.0575 3272 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:05:25.0575 3272 tcpipreg - ok
12:05:25.0585 3272 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:05:25.0585 3272 TDPIPE - ok
12:05:25.0615 3272 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:05:25.0615 3272 TDTCP - ok
12:05:25.0650 3272 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:05:25.0655 3272 tdx - ok
12:05:25.0675 3272 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:05:25.0680 3272 TermDD - ok
12:05:25.0720 3272 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:05:25.0730 3272 TermService - ok
12:05:25.0740 3272 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:05:25.0745 3272 Themes - ok
12:05:25.0775 3272 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:05:25.0775 3272 THREADORDER - ok
12:05:25.0785 3272 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:05:25.0795 3272 TrkWks - ok
12:05:25.0855 3272 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:05:25.0855 3272 TrustedInstaller - ok
12:05:25.0890 3272 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:05:25.0905 3272 tssecsrv - ok
12:05:25.0950 3272 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:05:25.0955 3272 TsUsbFlt - ok
12:05:25.0995 3272 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:05:26.0000 3272 tunnel - ok
12:05:26.0015 3272 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:05:26.0020 3272 uagp35 - ok
12:05:26.0035 3272 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:05:26.0045 3272 udfs - ok
12:05:26.0070 3272 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:05:26.0075 3272 UI0Detect - ok
12:05:26.0105 3272 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:05:26.0105 3272 uliagpkx - ok
12:05:26.0165 3272 [ 3B7E264485F361EA5A65FEEF89F2352F ] UltiDev Cassini Web Server for ASP.NET 2.0 C:\Program Files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe
12:05:26.0165 3272 UltiDev Cassini Web Server for ASP.NET 2.0 - ok
12:05:26.0195 3272 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:05:26.0195 3272 umbus - ok
12:05:26.0215 3272 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:05:26.0215 3272 UmPass - ok
12:05:26.0235 3272 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:05:26.0245 3272 upnphost - ok
12:05:26.0275 3272 [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
12:05:26.0290 3272 upperdev - ok
12:05:26.0325 3272 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:05:26.0330 3272 USBAAPL64 - ok
12:05:26.0370 3272 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:05:26.0370 3272 usbaudio - ok
12:05:26.0410 3272 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:05:26.0410 3272 usbccgp - ok
12:05:26.0440 3272 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:05:26.0450 3272 usbcir - ok
12:05:26.0485 3272 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:05:26.0485 3272 usbehci - ok
12:05:26.0525 3272 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:05:26.0540 3272 usbhub - ok
12:05:26.0560 3272 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:05:26.0560 3272 usbohci - ok
12:05:26.0580 3272 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:05:26.0580 3272 usbprint - ok
12:05:26.0610 3272 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:05:26.0625 3272 usbscan - ok
12:05:26.0650 3272 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
12:05:26.0655 3272 usbser - ok
12:05:26.0710 3272 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
12:05:26.0710 3272 UsbserFilt - ok
12:05:26.0735 3272 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:05:26.0735 3272 USBSTOR - ok
12:05:26.0770 3272 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
12:05:26.0770 3272 usbuhci - ok
12:05:26.0825 3272 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
12:05:26.0825 3272 usb_rndisx - ok
12:05:26.0835 3272 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:05:26.0845 3272 UxSms - ok
12:05:26.0855 3272 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:05:26.0855 3272 VaultSvc - ok
12:05:26.0860 3272 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:05:26.0865 3272 vdrvroot - ok
12:05:26.0900 3272 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:05:26.0915 3272 vds - ok
12:05:26.0925 3272 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:05:26.0925 3272 vga - ok
12:05:26.0940 3272 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:05:26.0945 3272 VgaSave - ok
12:05:26.0965 3272 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:05:26.0970 3272 vhdmp - ok
12:05:27.0030 3272 [ 712BFD5DAC2668FBA4A2435FB06C3D00 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
12:05:27.0055 3272 VIAHdAudAddService - ok
12:05:27.0080 3272 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:05:27.0085 3272 viaide - ok
12:05:27.0110 3272 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:05:27.0110 3272 volmgr - ok
12:05:27.0175 3272 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:05:27.0180 3272 volmgrx - ok
12:05:27.0215 3272 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:05:27.0220 3272 volsnap - ok
12:05:27.0245 3272 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:05:27.0250 3272 vsmraid - ok
12:05:27.0300 3272 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:05:27.0335 3272 VSS - ok
12:05:27.0375 3272 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:05:27.0385 3272 vwifibus - ok
12:05:27.0400 3272 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:05:27.0400 3272 vwififlt - ok
12:05:27.0445 3272 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:05:27.0460 3272 W32Time - ok
12:05:27.0475 3272 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:05:27.0480 3272 WacomPen - ok
12:05:27.0510 3272 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:05:27.0515 3272 WANARP - ok
12:05:27.0515 3272 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:05:27.0520 3272 Wanarpv6 - ok
12:05:27.0590 3272 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:05:27.0615 3272 WatAdminSvc - ok
12:05:27.0685 3272 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:05:27.0720 3272 wbengine - ok
12:05:27.0730 3272 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:05:27.0735 3272 WbioSrvc - ok
12:05:27.0765 3272 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:05:27.0775 3272 wcncsvc - ok
12:05:27.0780 3272 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:05:27.0785 3272 WcsPlugInService - ok
12:05:27.0800 3272 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:05:27.0805 3272 Wd - ok
12:05:27.0845 3272 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:05:27.0855 3272 Wdf01000 - ok
12:05:27.0875 3272 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:05:27.0895 3272 WdiServiceHost - ok
12:05:27.0900 3272 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:05:27.0900 3272 WdiSystemHost - ok
12:05:27.0930 3272 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:05:27.0935 3272 WebClient - ok
12:05:27.0950 3272 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:05:27.0960 3272 Wecsvc - ok
12:05:27.0965 3272 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:05:27.0970 3272 wercplsupport - ok
12:05:27.0995 3272 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:05:28.0000 3272 WerSvc - ok
12:05:28.0010 3272 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:05:28.0015 3272 WfpLwf - ok
12:05:28.0025 3272 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:05:28.0025 3272 WIMMount - ok
12:05:28.0035 3272 WinDefend - ok
12:05:28.0040 3272 WinHttpAutoProxySvc - ok
12:05:28.0105 3272 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:05:28.0120 3272 Winmgmt - ok
12:05:28.0170 3272 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:05:28.0210 3272 WinRM - ok
12:05:28.0250 3272 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:05:28.0255 3272 WinUsb - ok
12:05:28.0290 3272 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:05:28.0305 3272 Wlansvc - ok
12:05:28.0410 3272 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:05:28.0415 3272 wlcrasvc - ok
12:05:28.0590 3272 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:05:28.0625 3272 wlidsvc - ok
12:05:28.0665 3272 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:05:28.0670 3272 WmiAcpi - ok
12:05:28.0730 3272 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:05:28.0735 3272 wmiApSrv - ok
12:05:28.0750 3272 WMPNetworkSvc - ok
12:05:28.0775 3272 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:05:28.0780 3272 WPCSvc - ok
12:05:28.0805 3272 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:05:28.0810 3272 WPDBusEnum - ok
12:05:28.0845 3272 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:05:28.0850 3272 ws2ifsl - ok
12:05:28.0865 3272 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
12:05:28.0870 3272 wscsvc - ok
12:05:28.0875 3272 WSearch - ok
12:05:28.0950 3272 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:05:28.0965 3272 wuauserv - ok
12:05:29.0005 3272 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:05:29.0010 3272 WudfPf - ok
12:05:29.0035 3272 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:05:29.0040 3272 WUDFRd - ok
12:05:29.0070 3272 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:05:29.0075 3272 wudfsvc - ok
12:05:29.0105 3272 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:05:29.0115 3272 WwanSvc - ok
12:05:29.0145 3272 ================ Scan global ===============================
12:05:29.0170 3272 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:05:29.0205 3272 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:05:29.0215 3272 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:05:29.0250 3272 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:05:29.0285 3272 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:05:29.0295 3272 [Global] - ok
12:05:29.0295 3272 ================ Scan MBR ==================================
12:05:29.0300 3272 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:05:29.0950 3272 \Device\Harddisk0\DR0 - ok
12:05:29.0960 3272 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk1\DR1
12:05:29.0965 3272 \Device\Harddisk1\DR1 - ok
12:05:29.0965 3272 ================ Scan VBR ==================================
12:05:29.0985 3272 [ 2EC918D78019893510777D3E77DD89C2 ] \Device\Harddisk0\DR0\Partition1
12:05:29.0985 3272 \Device\Harddisk0\DR0\Partition1 - ok
12:05:29.0990 3272 [ BF4CCC966F693C57F8CA9EAA18062AA4 ] \Device\Harddisk1\DR1\Partition1
12:05:29.0990 3272 \Device\Harddisk1\DR1\Partition1 - ok
12:05:29.0995 3272 ============================================================
12:05:29.0995 3272 Scan finished
12:05:29.0995 3272 ============================================================
12:05:30.0005 3576 Detected object count: 0
12:05:30.0005 3576 Actual detected object count: 0
12:09:30.0299 4028 Deinitialize success

Příspěvekod **Žbeky** » 18 lis 2012 14:09

Používáš Garenu? Jestli ne, tak ji odinstaluj

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\users\HAF\AppData\Roaming\SpeedyPC Software
c:\users\HAF\AppData\Roaming\DriverCure
c:\programdata\SpeedyPC Software
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update
c:\users\HAF\AppData\Local\Google\Update

File::
c:\windows\system32\drivers\EagleX64.sys
c:\windows\system32\GameMon.des
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000UA.job

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"=-
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]

Driver::
SkypeUpdate
EagleX64
npggsvc

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Toto otestuj na Virustotal
c:\windows\SysWow64\instnm.exe
c:\windows\SysWow64\user.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/40 , nebo 1/40. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

HAFcool · Příspěvekod **HAFcool** » 18 lis 2012 15:51

ComboFix 12-11-16.02 - HAF 18.11.2012 15:34:57.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4094.2835 [GMT 1:00]
Spuštěný z: c:\users\HAF\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\HAF\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\EagleX64.sys"
"c:\windows\system32\GameMon.des"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.123\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.123\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.123\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\program files (x86)\Google\Update\Download\{EF0763A4-C240-4CED-BB3A-58E6BCAF6181}\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\SpeedyPC Software
c:\users\HAF\AppData\Local\Google\Update
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_am.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_da.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_de.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_el.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_es.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_et.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_id.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_is.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_it.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_no.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_te.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_th.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\psmachine.dll
c:\users\HAF\AppData\Local\Google\Update\1.3.21.123\psuser.dll
c:\users\HAF\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.125\GoogleUpdateB6998767.exe
c:\users\HAF\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\23.0.1271.64\23.0.1271.64_22.0.1229.94_chrome_updater.exe
c:\users\HAF\AppData\Local\Google\Update\Download\{D054AD20-81A3-4B89-9701-FFFC7A1CBEDE}\GoogleUpdateSetup.exe
c:\users\HAF\AppData\Local\Google\Update\GoogleUpdate.exe
c:\users\HAF\AppData\Roaming\DriverCure
c:\users\HAF\AppData\Roaming\DriverCure\LogFile.txt
c:\users\HAF\AppData\Roaming\SpeedyPC Software
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3796291009-1635198926-3344980590-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EAGLEX64
-------\Service_EagleX64
-------\Service_npggsvc
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-18 do 2012-11-18 )))))))))))))))))))))))))))))))
.
.
2012-11-18 14:40 . 2012-11-18 14:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-18 14:40 . 2012-11-18 14:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-18 13:51 . 2012-11-18 13:51 -------- d-----w- c:\users\HAF\AppData\Local\Adobe
2012-11-17 16:33 . 2012-11-17 16:33 -------- d-----w- c:\users\HAF\AppData\Local\Activision
2012-11-17 00:58 . 2012-11-17 14:32 -------- d-----w- c:\users\HAF\AppData\Local\CrashDumps
2012-11-16 10:01 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{F661BC9D-499F-4496-9C11-1BC8EA5D0188}\mpengine.dll
2012-11-14 22:51 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-14 22:51 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 22:51 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 22:51 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 22:42 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 22:42 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 22:42 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 22:42 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 22:42 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 22:42 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 22:42 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 13:11 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 13:11 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-12 23:52 . 2012-11-12 23:52 -------- d-----w- c:\program files\Microsoft SQL Server
2012-11-12 23:52 . 2012-11-12 23:57 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2012-10-31 19:14 . 2012-10-31 19:14 -------- d-----w- c:\users\HAF\AppData\Roaming\GameRanger
2012-10-25 16:41 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-10-25 16:41 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-17 14:58 . 2009-10-29 18:37 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-11-17 14:58 . 2009-10-25 20:38 281520 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-17 14:58 . 2009-10-25 20:38 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-11-14 22:42 . 2009-12-19 00:02 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-14 13:05 . 2012-04-10 13:11 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-14 13:05 . 2011-05-21 06:38 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-29 18:54 . 2010-09-14 07:32 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-14 19:19 . 2012-10-10 12:00 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 12:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-08-31 18:19 . 2012-10-10 12:00 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 12:00 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 12:00 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-10 12:00 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-24 18:05 . 2012-10-10 12:00 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 12:00 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-22 18:12 . 2012-09-12 11:50 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:50 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:50 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 12:04 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 11:01 . 2012-09-22 10:14 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-21 11:01 . 2012-01-02 03:17 125872 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-21 11:01 . 2012-01-02 03:17 106928 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-21 09:13 . 2012-10-04 00:28 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-10-04 00:27 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-10-04 00:27 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-10-04 00:28 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-10-04 00:27 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-10-04 00:28 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-10-04 00:27 41224 ----a-w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-10-04 00:27 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2011-01-18 14:27 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-20 18:48 . 2012-10-10 12:00 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 12:00 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 12:00 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 12:00 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 12:00 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 12:00 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 12:00 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 12:00 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 12:00 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 12:00 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 12:00 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 12:00 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 12:00 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 12:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 15:38 . 2012-10-10 12:00 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2012-08-20 15:38 . 2012-10-10 12:00 2048 ----a-w- c:\windows\SysWow64\user.exe
2012-08-20 15:33 . 2012-10-10 12:00 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 12:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"avast"="i:\avast\avastUI.exe" [2012-08-21 4282728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_SZ
.
R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-03 834544]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 dump_wmimmc;dump_wmimmc;i:\download chrom\EliteSRO\GameGuard\dump_wmimmc.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;i:\gerena\Garena\safedrv.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 nmwcdnsucx64;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsucx64.sys [2011-11-01 12800]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-11-01 171008]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-01-22 82816]
R3 Pcouffin64;Low level access layer for CD devices;c:\windows\system32\Drivers\pcouffin64a.sys [2010-11-04 55136]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-03 1255736]
R4 UltiDev Cassini Web Server for ASP.NET 2.0;UltiDev Cassini Web Server for ASP.NET 2.0;c:\program files (x86)\UltiDev\Cassini Web Server for ASP.NET 2.0\UltiDevCassinWebServer2a.exe [2010-08-09 49152]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 22408]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-01-11 1290752]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:11 133400 ----a-w- i:\avast\ashShA64.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://webtv.starnet.cz/
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: &NeoTrace It! - i:\downlo~1\NEOTRA~1\NTXcontext.htm
IE: E&xport to Microsoft Excel - i:\micros~1\Office14\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: S&end to OneNote - i:\micros~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-{281F705E-597F-4514-9D0C-76ADC560F5C2}_is1 - k:\hry\L2\system\unins000.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
i:\avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
i:\hijackthis\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2012-11-18 15:45:26 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-11-18 14:45
ComboFix2.txt 2012-11-17 11:27
.
Před spuštěním: Volných bajtů: 223 745 576 960
Po spuštění: Volných bajtů: 223 416 799 232
.
- - End Of File - - 08E5D5059A54115E2AF626F200101BBE

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------

https://www.virustotal.com/file/0faaf27 ... /analysis/

https://www.virustotal.com/file/53767a5 ... /analysis/

Ještě mám jeden dotaz. Po restartování počítače jsem se nemohl 10 minut dostat na internet, ale ostatní počítače se připojit mohli. Je to normální?

Příspěvekod **memphisto** » 18 lis 2012 18:41

Občas se stane... Používáš Garenu?

HAFcool · Příspěvekod **HAFcool** » 18 lis 2012 23:26

Garenu vůbec. Jednou jsem jí použil.

Příspěvekod **jaro3** » 19 lis 2012 09:51

Odinstaluj jí a pak nový Combofix.

Prevence + opět stažení kravin z e-mailu Vyřešeno

Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Re: Prevence + opět stažení kravin z e-mailu

Kdo je online