Recommended log check (Solved)

Post by Joey61 » 23 Nov 2012 23:24

Hello, lately my computer has been acting up: after about 2 hours of gaming the game would start freezing for about 5 s each time, and Skype, Mozilla and a lot of other programs very often stopped responding. I thought I had a damaged socket and posted about it here on the forum, but apparently it is fine, and my temperatures are OK too, so d1amond recommended a log check. Thanks in advance to everyone who contributes.

--------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:17:23, on 23.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=113932 ... 79055c68b9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10005&barid={7A8E1D87-EFEF-11E1-B26D-C86000A1A650}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) - {E2A48F58-6AD2-322B-BCE8-3F8DE5F49EEC} - (no file)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Joey\Drivers\msconfig.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [46923] C:\PROGRA~3\LOCALS~1\Temp\msquqaif.com
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1931917541-2785547761-4208433868-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1931917541-2785547761-4208433868-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: Stavová služba ASP.NET (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11792 bytes

Post by Damned » 23 Nov 2012 23:30

Acting up? I'm not surprised...

Uninstall Babylon Toolbar

Start HJT (HijackThis), close your browsers, disconnect from the internet and fix (start HJT, "Do a system scan only",
tick the box in front of the entry, press "Fix checked" and then "Yes"):

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=113932 ... 79055c68b9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {EEE6C35D-6118-11DC-9C72-001320C79847} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {E2A48F58-6AD2-322B-BCE8-3F8DE5F49EEC} - (no file)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - (no file)
O3 - Toolbar: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Joey\Drivers\msconfig.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKLM\..\Policies\Explorer\Run: [46923] C:\PROGRA~3\LOCALS~1\Temp\msquqaif.com
*****************************************************************************************************************************************************************************************
Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button.
- if an update is found, it will be downloaded and installed; then click OK to start the program
- leave the Quick scan option selected and click the Scan button

If a problem is found:
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Log and save the log to your Desktop
- then click the Exit button; a message appears, choose Yes
- copy the resulting log here
(do not delete anything yet!).

If no problem is found:
- click the "OK" button and let me know
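
The O4 autorun triage from the post above, as an added example that is not part of the original thread: it parses HijackThis O4 lines and flags startup targets using four heuristics that are assumptions of this sketch (temp directory, Windows system file name outside the Windows directory, legacy executable extension, Policies\Explorer\Run key). The sample lines are copied from the HijackThis log posted at the top of the thread; the function names are hypothetical.

```python
import re

# O4 (autorun) lines copied from the HijackThis log at the top of this thread.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Windows Explorer] C:\Users\Joey\Drivers\msconfig.exe
O4 - HKLM\..\Policies\Explorer\Run: [46923] C:\PROGRA~3\LOCALS~1\Temp\msquqaif.com
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
'''

# "O4 - <registry key>: [<value name>] <command line>"
O4_LINE = re.compile(r"^O4 - (?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

# Executable path at the start of the command line. Unquoted paths may contain
# spaces, so match lazily up to the first executable extension that is followed
# by a quote, whitespace or the end of the line.
EXE_PATH = re.compile(
    r'^"?(?P<path>.+?\.(?:exe|com|scr|pif|bat|cmd))(?=["\s]|$)', re.IGNORECASE
)

# Assumption of this example: a short list of Windows file names that are
# often imitated; extend it for real use.
SYSTEM_NAMES = {
    "explorer.exe", "msconfig.exe", "svchost.exe", "lsass.exe",
    "winlogon.exe", "csrss.exe", "services.exe", "ctfmon.exe",
}
WINDOWS_PREFIXES = ("c:\\windows\\", "%systemroot%\\", "%windir%\\")
LEGACY_EXTENSIONS = (".com", ".scr", ".pif")


def parse_o4(log):
    """Return one dict (key, name, path) per O4 line found in the log text."""
    entries = []
    for line in log.splitlines():
        m = O4_LINE.match(line.strip())
        if not m:
            continue
        p = EXE_PATH.match(m["cmd"])
        # Fall back to the raw command line if no executable path is recognised.
        path = p["path"] if p else m["cmd"]
        entries.append({"key": m["key"], "name": m["name"], "path": path})
    return entries


def assess(entry):
    """Return the list of heuristic reasons an autorun entry deserves a look."""
    reasons = []
    path = entry["path"].lower()
    parts = path.split("\\")
    filename, dirs = parts[-1], parts[:-1]

    # Startup program living in a temporary directory.
    if any(d in ("temp", "tmp") for d in dirs):
        reasons.append("temp-dir")
    # File named like a Windows component but stored outside the Windows tree.
    if filename in SYSTEM_NAMES and not path.startswith(WINDOWS_PREFIXES):
        reasons.append("system-name-outside-windows")
    # Extensions that ordinary installed software rarely uses for autoruns.
    if filename.endswith(LEGACY_EXTENSIONS):
        reasons.append("legacy-extension")
    # Policy-based Run key, an uncommon place for consumer software to register.
    if entry["key"].lower().endswith("policies\\explorer\\run"):
        reasons.append("policy-run-key")
    return reasons


def triage(log):
    """Return (value name, path, reasons) for every O4 entry with a reason."""
    findings = []
    for entry in parse_o4(log):
        reasons = assess(entry)
        if reasons:
            findings.append((entry["name"], entry["path"], reasons))
    return findings


if __name__ == "__main__":
    for name, path, reasons in triage(SAMPLE_LOG):
        print(f"[{name}] {path} -> {', '.join(reasons)}")
```

Both flagged entries are among the lines selected for fixing in the post above; the heuristics only surface candidates for review and do not prove that a file is malicious.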


Post by Joey61 » 24 Nov 2012 02:07

I uninstalled Babylon as soon as I found out it had got onto my PC, and I deleted it from everywhere; when I open the uninstall programs list it isn't there, and I also deleted it from AppData etc. When I search for babylon nothing is found, so I was quite surprised myself to see it there now. Anyway, thanks for taking the time; I'm going to work in the afternoon, so I'll get to it in the evening and let you know.

Post by jaro3 » 24 Nov 2012 11:12

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Start the program by double-clicking it and click "Search"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Post by Joey61 » 24 Nov 2012 22:22

I turned everything off; the only things running were the Realtek HD audio manager and Eset Smart Security 5. Here is the output:

# AdwCleaner v2.009 - Logfile created 11/24/2012 at 22:18:47
# Updated 24/11/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Joey - JOEY-TUF
# Boot Mode : Normal
# Running from : C:\Users\Joey\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Ticno
Folder Found : C:\ProgramData\Trymedia

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Ticno Multibar
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Freeze.com
Key Found : HKLM\Software\Ticno Multibar
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IM
Key Found : HKU\S-1-5-21-1931917541-2785547761-4208433868-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=113932 ... 79055c68b9
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={7A8E1D87-EFEF-11E1-B26D-C86000A1A650}

-\\ Mozilla Firefox v16.0.2 (cs)

Profile name : default
File : C:\Users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\66tjd9x7.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Joey\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.11] : homepage = "hxxp://search.babylon.com/?affID=113932&tt=3612_5&babsrc=HP_ss&mntrId=54c3b74b0000000000007a79055c68b9",
Found [l.1419] : homepage = "hxxp://search.babylon.com/?affID=113932&tt=3612_5&babsrc=HP_ss&mntrId=54c3b74b0000000000007a79055c68b9",

File : C:\Users\Wow\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2408 octets] - [24/11/2012 22:18:47]

########## EOF - C:\AdwCleaner[R1].txt - [2468 octets] ##########

Post by Joey61 » 24 Nov 2012 22:39

To Damned: I fixed the items you listed in HJT while disconnected from the internet; then I reconnected because I needed to update Malwarebytes' Anti-Malware, hopefully that is not a problem. It then reported 4 problems and the log is here:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.24.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Joey :: JOEY-TUF [administrátor]

Ochrana: Povolena

24.11.2012 22:32:27
mbam-log-2012-11-24 (22-35-17).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 248537
Uplynulý čas: 2 minut, 27 sekund

Nalezené procesy v paměti: 1
C:\Users\Joey\Drivers\explorer.exe (Spyware.Password) -> 3696 -> Žádná instrukce nebyla provedena.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Explorer (Spyware.Password) -> Data: C:\Users\Joey\Drivers\msconfig.exe -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|46923 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msquqaif.com -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Users\Joey\Drivers\explorer.exe (Spyware.Password) -> Žádná instrukce nebyla provedena.
C:\Users\Joey\Drivers\msconfig.exe (Spyware.Password) -> Žádná instrukce nebyla provedena.
C:\Users\Joey\Documents\Windows\winsvcs.exe (Backdoor.Agent) -> Žádná instrukce nebyla provedena.
C:\ProgramData\Local Settings\Temp\msquqaif.com (Trojan.Agent) -> Žádná instrukce nebyla provedena.

(konec)

Post by Orcus » 24 Nov 2012 23:01

Run MbAM again and start a Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit

====================================================

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

====================================================

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan is complete, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan there is a problem starting applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.

If there are problems, run it in safe mode.

Post by Joey61 » 24 Nov 2012 23:34

Log output from MbAM; I restarted as the program advised, now I'm moving on to TDSSKiller.

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware) 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.11.24.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Joey :: JOEY-TUF [administrátor]

Ochrana: Zakázána

24.11.2012 23:23:35
mbam-log-2012-11-24 (23-23-35).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 249182
Uplynulý čas: 2 minut, 20 sekund

Nalezené procesy v paměti: 1
C:\Users\Joey\Drivers\explorer.exe (Spyware.Password) -> 4904 -> Bude smazán při restartu.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Umístnění do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Explorer (Spyware.Password) -> Data: C:\Users\Joey\Drivers\msconfig.exe -> Umístnění do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|46923 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\msquqaif.com -> Bude smazán při restartu.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 4
C:\Users\Joey\Drivers\explorer.exe (Spyware.Password) -> Bude smazán při restartu.
C:\Users\Joey\Drivers\msconfig.exe (Spyware.Password) -> Umístnění do karantény a smazání se zdařilo.
C:\Users\Joey\Documents\Windows\winsvcs.exe (Backdoor.Agent) -> Umístnění do karantény a smazání se zdařilo.
C:\ProgramData\Local Settings\Temp\msquqaif.com (Trojan.Agent) -> Umístnění do karantény a smazání se zdařilo.

(konec)

Post by Joey61 » 24 Nov 2012 23:41

Log output from TDSSKiller.

23:36:08.0030 3932 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:36:08.0218 3932 ============================================================
23:36:08.0218 3932 Current date / time: 2012/11/24 23:36:08.0218
23:36:08.0218 3932 SystemInfo:
23:36:08.0218 3932
23:36:08.0218 3932 OS Version: 6.1.7601 ServicePack: 1.0
23:36:08.0218 3932 Product type: Workstation
23:36:08.0218 3932 ComputerName: JOEY-TUF
23:36:08.0218 3932 UserName: Joey
23:36:08.0218 3932 Windows directory: C:\Windows
23:36:08.0218 3932 System windows directory: C:\Windows
23:36:08.0218 3932 Running under WOW64
23:36:08.0218 3932 Processor architecture: Intel x64
23:36:08.0218 3932 Number of processors: 4
23:36:08.0218 3932 Page size: 0x1000
23:36:08.0218 3932 Boot type: Normal boot
23:36:08.0218 3932 ============================================================
23:36:10.0246 3932 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:36:10.0246 3932 ============================================================
23:36:10.0246 3932 \Device\Harddisk0\DR0:
23:36:10.0246 3932 MBR partitions:
23:36:10.0246 3932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:36:10.0246 3932 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAEA54800
23:36:10.0246 3932 ============================================================
23:36:10.0292 3932 C: <-> \Device\Harddisk0\DR0\Partition2
23:36:10.0292 3932 ============================================================
23:36:10.0292 3932 Initialize success
23:36:10.0292 3932 ============================================================
23:36:32.0569 5852 ============================================================
23:36:32.0569 5852 Scan started
23:36:32.0569 5852 Mode: Manual;
23:36:32.0569 5852 ============================================================
23:36:33.0880 5852 ================ Scan system memory ========================
23:36:33.0880 5852 System memory - ok
23:36:35.0206 5852 asmthub3 - ok
23:36:35.0221 5852 [ 08E2D77766CC05E75A0707207D9FC684 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
23:36:35.0237 5852 asmtxhci - ok
23:36:35.0268 5852 aspnet_state - ok
23:36:35.0284 5852 [ AD8947D621FDCA48F1F39F4624B60AA1 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
23:36:35.0299 5852 AsSysCtrlService - ok
23:36:35.0330 5852 [ 1392B92179B07B672720763D9B1028A5 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
23:36:35.0330 5852 AsUpIO - ok
23:36:35.0377 5852 [ 02F97FBBA78B79196BBE0AC4044F2B61 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
23:36:35.0377 5852 AsusFanControlService - ok
23:36:35.0424 5852 [ A5E4CDB420540095D1293C874B5F89AA ] ASUSFILTER C:\Windows\syswow64\drivers\ASUSFILTER.sys
23:36:35.0424 5852 ASUSFILTER - ok
23:36:35.0440 5852 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:36:35.0440 5852 AsyncMac - ok
23:36:35.0440 5852 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
23:36:35.0440 5852 atapi - ok
23:36:35.0486 5852 [ CBD14F698DEF12EE3557604B726CB8EB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:36:35.0486 5852 AtiHDAudioService - ok
23:36:35.0518 5852 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:36:35.0518 5852 AudioEndpointBuilder - ok
23:36:35.0533 5852 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:36:35.0533 5852 AudioSrv - ok
23:36:35.0580 5852 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:36:35.0580 5852 AxInstSV - ok
23:36:35.0611 5852 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:36:35.0611 5852 b06bdrv - ok
23:36:35.0627 5852 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:36:35.0642 5852 b57nd60a - ok
23:36:35.0658 5852 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
23:36:35.0658 5852 BDESVC - ok
23:36:35.0658 5852 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
23:36:35.0658 5852 Beep - ok
23:36:35.0689 5852 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
23:36:35.0689 5852 BFE - ok
23:36:35.0705 5852 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
23:36:35.0705 5852 BITS - ok
23:36:35.0720 5852 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:36:35.0720 5852 blbdrive - ok
23:36:35.0752 5852 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:36:35.0767 5852 bowser - ok
23:36:35.0783 5852 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:36:35.0798 5852 BrFiltLo - ok
23:36:35.0798 5852 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:36:35.0798 5852 BrFiltUp - ok
23:36:35.0830 5852 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
23:36:35.0830 5852 Browser - ok
23:36:35.0845 5852 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:36:35.0845 5852 Brserid - ok
23:36:35.0845 5852 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:36:35.0861 5852 BrSerWdm - ok
23:36:35.0861 5852 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:36:35.0861 5852 BrUsbMdm - ok
23:36:35.0861 5852 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:36:35.0861 5852 BrUsbSer - ok
23:36:35.0876 5852 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:36:35.0876 5852 BTHMODEM - ok
23:36:35.0876 5852 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:36:35.0892 5852 bthserv - ok
23:36:35.0892 5852 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:36:35.0892 5852 cdfs - ok
23:36:35.0908 5852 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
23:36:35.0908 5852 cdrom - ok
23:36:35.0954 5852 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
23:36:35.0954 5852 CertPropSvc - ok
23:36:35.0954 5852 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:36:35.0954 5852 circlass - ok
23:36:35.0970 5852 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:36:35.0986 5852 CLFS - ok
23:36:36.0001 5852 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:36:36.0001 5852 clr_optimization_v2.0.50727_32 - ok
23:36:36.0017 5852 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:36:36.0017 5852 clr_optimization_v2.0.50727_64 - ok
23:36:36.0110 5852 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:36:36.0110 5852 clr_optimization_v4.0.30319_32 - ok
23:36:36.0126 5852 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:36:36.0126 5852 clr_optimization_v4.0.30319_64 - ok
23:36:36.0126 5852 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:36:36.0142 5852 CmBatt - ok
23:36:36.0142 5852 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:36:36.0656 5852 cmdide - ok
23:36:36.0703 5852 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
23:36:36.0719 5852 CNG - ok
23:36:36.0719 5852 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:36:36.0734 5852 Compbatt - ok
23:36:36.0750 5852 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:36:36.0750 5852 CompositeBus - ok
23:36:36.0750 5852 COMSysApp - ok
23:36:36.0812 5852 [ D0C2CAA17C7B6D2200E1B5AA9D07135E ] cpuz135 C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys
23:36:36.0812 5852 cpuz135 - ok
23:36:36.0812 5852 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:36:36.0828 5852 crcdisk - ok
23:36:36.0859 5852 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:36:36.0859 5852 CryptSvc - ok
23:36:36.0890 5852 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
23:36:36.0890 5852 CSC - ok
23:36:36.0937 5852 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
23:36:36.0937 5852 CscService - ok
23:36:36.0953 5852 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:36:36.0953 5852 DcomLaunch - ok
23:36:36.0968 5852 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:36:36.0968 5852 defragsvc - ok
23:36:36.0984 5852 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:36:36.0984 5852 DfsC - ok
23:36:37.0000 5852 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
23:36:37.0000 5852 Dhcp - ok
23:36:37.0000 5852 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:36:37.0015 5852 discache - ok
23:36:37.0031 5852 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:36:37.0046 5852 Disk - ok
23:36:37.0078 5852 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:36:37.0078 5852 Dnscache - ok
23:36:37.0109 5852 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:36:37.0124 5852 dot3svc - ok
23:36:37.0140 5852 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
23:36:37.0140 5852 DPS - ok
23:36:37.0156 5852 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:36:37.0171 5852 drmkaud - ok
23:36:37.0202 5852 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:36:37.0202 5852 dtsoftbus01 - ok
23:36:37.0218 5852 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:36:37.0234 5852 DXGKrnl - ok
23:36:37.0249 5852 [ E53D32044F4A03D64D6C91CF0A22A77E ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
23:36:37.0249 5852 e1cexpress - ok
23:36:37.0296 5852 [ 13533557D01B88C83110D5CF749F14D7 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
23:36:37.0296 5852 eamonm - ok
23:36:37.0296 5852 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:36:37.0296 5852 EapHost - ok
23:36:37.0343 5852 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:36:37.0405 5852 ebdrv - ok
23:36:37.0436 5852 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
23:36:37.0436 5852 EFS - ok
23:36:37.0483 5852 [ E097728129E7B79BF1089D7AEF42332B ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
23:36:37.0499 5852 ehdrv - ok
23:36:37.0530 5852 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:36:37.0530 5852 ehRecvr - ok
23:36:37.0546 5852 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:36:37.0546 5852 ehSched - ok
23:36:37.0670 5852 [ F0EEBAC2F362AA866188A1C0EF819CB9 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
23:36:37.0670 5852 ekrn - ok
23:36:37.0686 5852 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:36:37.0686 5852 elxstor - ok
23:36:37.0733 5852 [ 198C6FBC30BBD9632EA051203DCCF204 ] epfw C:\Windows\system32\DRIVERS\epfw.sys
23:36:37.0733 5852 epfw - ok
23:36:37.0780 5852 [ 56DE463F517710A8AA44EEF82C35B3C9 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
23:36:37.0795 5852 EpfwLWF - ok
23:36:37.0826 5852 [ 710B0442BB2F99278D7B8E02A8849C11 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
23:36:37.0826 5852 epfwwfp - ok
23:36:37.0858 5852 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:36:37.0873 5852 ErrDev - ok
23:36:37.0904 5852 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:36:37.0904 5852 EventSystem - ok
23:36:37.0920 5852 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:36:37.0920 5852 exfat - ok
23:36:37.0936 5852 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:36:37.0951 5852 fastfat - ok
23:36:37.0967 5852 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
23:36:37.0967 5852 Fax - ok
23:36:37.0967 5852 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:36:37.0982 5852 fdc - ok
23:36:37.0982 5852 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:36:37.0982 5852 fdPHost - ok
23:36:37.0998 5852 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:36:37.0998 5852 FDResPub - ok
23:36:37.0998 5852 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:36:38.0014 5852 FileInfo - ok
23:36:38.0014 5852 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:36:38.0029 5852 Filetrace - ok
23:36:38.0029 5852 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:36:38.0029 5852 flpydisk - ok
23:36:38.0045 5852 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:36:38.0060 5852 FltMgr - ok
23:36:38.0076 5852 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
23:36:38.0092 5852 FontCache - ok
23:36:38.0123 5852 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:36:38.0138 5852 FontCache3.0.0.0 - ok
23:36:38.0138 5852 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:36:38.0154 5852 FsDepends - ok
23:36:38.0185 5852 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:36:38.0185 5852 Fs_Rec - ok
23:36:38.0232 5852 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:36:38.0248 5852 fvevol - ok
23:36:38.0263 5852 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:36:38.0279 5852 gagp30kx - ok
23:36:38.0341 5852 GGSAFERDriver - ok
23:36:38.0341 5852 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
23:36:38.0357 5852 gpsvc - ok
23:36:38.0419 5852 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:36:38.0435 5852 gupdate - ok
23:36:38.0435 5852 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:36:38.0435 5852 gupdatem - ok
23:36:38.0466 5852 [ F8F0851D336C3B88DBD7232B6348E09A ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
23:36:38.0482 5852 hamachi - ok
23:36:38.0482 5852 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:36:38.0482 5852 hcw85cir - ok
23:36:38.0513 5852 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:36:38.0528 5852 HdAudAddService - ok
23:36:38.0528 5852 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:36:38.0528 5852 HDAudBus - ok
23:36:38.0544 5852 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:36:38.0560 5852 HidBatt - ok
23:36:38.0560 5852 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:36:38.0575 5852 HidBth - ok
23:36:38.0575 5852 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:36:38.0591 5852 HidIr - ok
23:36:38.0606 5852 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:36:38.0606 5852 hidserv - ok
23:36:38.0606 5852 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
23:36:38.0606 5852 HidUsb - ok
23:36:38.0638 5852 [ 105C4376B682DF3FE6C9B45252BE9DB7 ] hipeer20 C:\Windows\system32\DRIVERS\remobo64.sys
23:36:38.0653 5852 hipeer20 - ok
23:36:38.0684 5852 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:36:38.0684 5852 hkmsvc - ok
23:36:38.0700 5852 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:36:38.0716 5852 HomeGroupListener - ok
23:36:38.0716 5852 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:36:38.0716 5852 HomeGroupProvider - ok
23:36:38.0731 5852 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:36:38.0731 5852 HpSAMD - ok
23:36:38.0747 5852 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:36:38.0762 5852 HTTP - ok
23:36:38.0778 5852 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:36:38.0778 5852 hwpolicy - ok
23:36:38.0794 5852 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:36:38.0794 5852 i8042prt - ok
23:36:38.0825 5852 [ 3DF4395A7CF8B7A72A5F4606366B8C2D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:36:38.0825 5852 iaStorV - ok
23:36:38.0903 5852 [ 90D95B25F8413F937A2E155F196D892C ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
23:36:38.0918 5852 ICCS - ok
23:36:38.0934 5852 [ C1010ADD3DDAE1196ED21057AF7B2AAE ] ICCWDT C:\Windows\system32\DRIVERS\ICCWDT.sys
23:36:38.0934 5852 ICCWDT - ok
23:36:38.0965 5852 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:36:38.0965 5852 idsvc - ok
23:36:38.0981 5852 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:36:38.0981 5852 iirsp - ok
23:36:38.0996 5852 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
23:36:38.0996 5852 IKEEXT - ok
23:36:39.0059 5852 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:36:39.0090 5852 IntcAzAudAddService - ok
23:36:39.0121 5852 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
23:36:39.0121 5852 Intel(R) Capability Licensing Service Interface - ok
23:36:39.0168 5852 [ FE098EF3DB8E8064CF6BE4CA6DD1FDF0 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
23:36:39.0168 5852 Intel(R) PROSet Monitoring Service - ok
23:36:39.0184 5852 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
23:36:39.0184 5852 intelide - ok
23:36:39.0199 5852 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:36:39.0199 5852 intelppm - ok
23:36:39.0246 5852 [ A01C412699B6F21645B2885C2BAE4454 ] IOMap C:\Windows\system32\drivers\IOMap64.sys
23:36:39.0246 5852 IOMap - ok
23:36:39.0246 5852 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:36:39.0262 5852 IPBusEnum - ok
23:36:39.0293 5852 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:36:39.0293 5852 IpFilterDriver - ok
23:36:39.0308 5852 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:36:39.0324 5852 iphlpsvc - ok
23:36:39.0324 5852 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:36:39.0340 5852 IPMIDRV - ok
23:36:39.0340 5852 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:36:39.0355 5852 IPNAT - ok
23:36:39.0371 5852 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:36:39.0371 5852 IRENUM - ok
23:36:39.0371 5852 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:36:39.0386 5852 isapnp - ok
23:36:39.0402 5852 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:36:39.0402 5852 iScsiPrt - ok
23:36:39.0418 5852 [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
23:36:39.0433 5852 iusb3hcs - ok
23:36:39.0433 5852 [ 023896E23B61543A15A230EED996D911 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
23:36:39.0433 5852 iusb3hub - ok
23:36:39.0449 5852 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
23:36:39.0464 5852 iusb3xhc - ok
23:36:39.0464 5852 [ C44B44E24B929631D9D7368F5B2B40CF ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
23:36:39.0464 5852 jhi_service - ok
23:36:39.0480 5852 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
23:36:39.0480 5852 kbdclass - ok
23:36:39.0480 5852 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
23:36:39.0480 5852 kbdhid - ok
23:36:39.0496 5852 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
23:36:39.0496 5852 KeyIso - ok
23:36:39.0527 5852 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:36:39.0527 5852 KSecDD - ok
23:36:39.0542 5852 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:36:39.0542 5852 KSecPkg - ok
23:36:39.0558 5852 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:36:39.0558 5852 ksthunk - ok
23:36:39.0574 5852 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:36:39.0574 5852 KtmRm - ok
23:36:39.0589 5852 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:36:39.0589 5852 LanmanServer - ok
23:36:39.0605 5852 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:36:39.0605 5852 LanmanWorkstation - ok
23:36:39.0620 5852 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:36:39.0636 5852 lltdio - ok
23:36:39.0652 5852 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:36:39.0667 5852 lltdsvc - ok
23:36:39.0667 5852 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:36:39.0667 5852 lmhosts - ok
23:36:39.0698 5852 [ 75F29D77B0540FCF47EE3BE000BBABDA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:36:39.0698 5852 LMS - ok
23:36:39.0714 5852 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:36:39.0730 5852 LSI_FC - ok
23:36:39.0730 5852 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:36:39.0745 5852 LSI_SAS - ok
23:36:39.0745 5852 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:36:39.0761 5852 LSI_SAS2 - ok
23:36:39.0761 5852 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:36:39.0776 5852 LSI_SCSI - ok
23:36:39.0808 5852 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:36:39.0808 5852 luafv - ok
23:36:39.0854 5852 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:36:39.0854 5852 MBAMProtector - ok
23:36:39.0886 5852 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:36:39.0886 5852 MBAMScheduler - ok
23:36:39.0917 5852 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:36:39.0932 5852 MBAMService - ok
23:36:39.0964 5852 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:36:39.0964 5852 Mcx2Svc - ok
23:36:39.0979 5852 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:36:39.0995 5852 megasas - ok
23:36:39.0995 5852 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:36:40.0010 5852 MegaSR - ok
23:36:40.0026 5852 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:36:40.0026 5852 MEIx64 - ok
23:36:40.0026 5852 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:36:40.0026 5852 MMCSS - ok
23:36:40.0042 5852 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:36:40.0042 5852 Modem - ok
23:36:40.0057 5852 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:36:40.0057 5852 monitor - ok
23:36:40.0057 5852 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
23:36:40.0057 5852 mouclass - ok
23:36:40.0073 5852 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:36:40.0073 5852 mouhid - ok
23:36:40.0088 5852 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:36:40.0088 5852 mountmgr - ok
Asus Sabertooth Z77 | Intel Core i5-3570K 3.4Ghz/3.8Ghz Turbo | Gelid Tranquillo rev.2 | Corsair Vengeance Black 8Gb 1600Mhz | Asus GTX 680 DCIIT 2Gb 6008Mhz 1137Mhz/1201Mhz Boost | OZC Vertex 4 128Gb | Seagate Barracuda 1.5Tb | Seasonic 620 M12II | Bitfénix Colossus Window


Re: Recommended log check

Post by Joey61 » 24 Nov 2012 23:42

23:36:40.0120 5852 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:36:40.0120 5852 MozillaMaintenance - ok
23:36:40.0135 5852 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
23:36:40.0135 5852 mpio - ok
23:36:40.0166 5852 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:36:40.0166 5852 mpsdrv - ok
23:36:40.0213 5852 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:36:40.0213 5852 MpsSvc - ok
23:36:40.0229 5852 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:36:40.0229 5852 MRxDAV - ok
23:36:40.0260 5852 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:36:40.0276 5852 mrxsmb - ok
23:36:40.0276 5852 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:36:40.0291 5852 mrxsmb10 - ok
23:36:40.0307 5852 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:36:40.0307 5852 mrxsmb20 - ok
23:36:40.0322 5852 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
23:36:40.0322 5852 msahci - ok
23:36:40.0338 5852 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:36:40.0338 5852 msdsm - ok
23:36:40.0354 5852 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:36:40.0354 5852 MSDTC - ok
23:36:40.0369 5852 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:36:40.0369 5852 Msfs - ok
23:36:40.0369 5852 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:36:40.0385 5852 mshidkmdf - ok
23:36:40.0385 5852 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:36:40.0400 5852 msisadrv - ok
23:36:40.0416 5852 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:36:40.0416 5852 MSiSCSI - ok
23:36:40.0416 5852 msiserver - ok
23:36:40.0432 5852 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:36:40.0432 5852 MSKSSRV - ok
23:36:40.0432 5852 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:36:40.0432 5852 MSPCLOCK - ok
23:36:40.0447 5852 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:36:40.0447 5852 MSPQM - ok
23:36:40.0463 5852 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:36:40.0463 5852 MsRPC - ok
23:36:40.0463 5852 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:36:40.0463 5852 mssmbios - ok
23:36:40.0478 5852 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:36:40.0478 5852 MSTEE - ok
23:36:40.0478 5852 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:36:40.0478 5852 MTConfig - ok
23:36:40.0494 5852 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:36:40.0494 5852 Mup - ok
23:36:40.0510 5852 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
23:36:40.0510 5852 napagent - ok
23:36:40.0525 5852 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:36:40.0541 5852 NativeWifiP - ok
23:36:40.0556 5852 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:36:40.0556 5852 NDIS - ok
23:36:40.0572 5852 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:36:40.0572 5852 NdisCap - ok
23:36:40.0603 5852 [ 270B10B8BD822DD4673781E0A1935DFB ] ndisrd C:\Windows\system32\DRIVERS\ndisrd.sys
23:36:40.0603 5852 ndisrd - ok
23:36:40.0619 5852 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:36:40.0619 5852 NdisTapi - ok
23:36:40.0650 5852 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:36:40.0650 5852 Ndisuio - ok
23:36:40.0681 5852 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:36:40.0681 5852 NdisWan - ok
23:36:40.0728 5852 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:36:40.0728 5852 NDProxy - ok
23:36:40.0744 5852 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:36:40.0759 5852 NetBIOS - ok
23:36:40.0790 5852 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:36:40.0790 5852 NetBT - ok
23:36:40.0806 5852 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
23:36:40.0806 5852 Netlogon - ok
23:36:40.0822 5852 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:36:40.0822 5852 Netman - ok
23:36:40.0853 5852 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:40.0853 5852 NetMsmqActivator - ok
23:36:40.0868 5852 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:40.0868 5852 NetPipeActivator - ok
23:36:40.0868 5852 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:36:40.0868 5852 netprofm - ok
23:36:40.0868 5852 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:40.0868 5852 NetTcpActivator - ok
23:36:40.0868 5852 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:36:40.0884 5852 NetTcpPortSharing - ok
23:36:40.0884 5852 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:36:40.0900 5852 nfrd960 - ok
23:36:40.0915 5852 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:36:40.0915 5852 NlaSvc - ok
23:36:40.0931 5852 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:36:40.0931 5852 Npfs - ok
23:36:40.0946 5852 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:36:40.0946 5852 nsi - ok
23:36:40.0946 5852 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:36:40.0962 5852 nsiproxy - ok
23:36:41.0009 5852 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:36:41.0056 5852 Ntfs - ok
23:36:41.0056 5852 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:36:41.0071 5852 Null - ok
23:36:41.0102 5852 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
23:36:41.0102 5852 NVHDA - ok
23:36:41.0305 5852 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:36:41.0352 5852 nvlddmkm - ok
23:36:41.0383 5852 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:36:41.0383 5852 nvraid - ok
23:36:41.0399 5852 [ F7CD50FE7139F07E77DA8AC8033D1832 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:36:41.0414 5852 nvstor - ok
23:36:41.0446 5852 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
23:36:41.0461 5852 nvsvc - ok
23:36:41.0539 5852 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
23:36:41.0539 5852 nvUpdatusService - ok
23:36:41.0555 5852 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:36:41.0570 5852 nv_agp - ok
23:36:41.0570 5852 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:36:41.0586 5852 ohci1394 - ok
23:36:41.0602 5852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:36:41.0602 5852 p2pimsvc - ok
23:36:41.0633 5852 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:36:41.0633 5852 p2psvc - ok
23:36:41.0648 5852 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:36:41.0648 5852 Parport - ok
23:36:41.0680 5852 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:36:41.0695 5852 partmgr - ok
23:36:41.0695 5852 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:36:41.0695 5852 PcaSvc - ok
23:36:41.0711 5852 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
23:36:41.0726 5852 pci - ok
23:36:41.0726 5852 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
23:36:41.0742 5852 pciide - ok
23:36:41.0758 5852 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:36:41.0773 5852 pcmcia - ok
23:36:41.0773 5852 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:36:41.0789 5852 pcw - ok
23:36:41.0789 5852 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:36:41.0804 5852 PEAUTH - ok
23:36:41.0836 5852 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:36:41.0867 5852 PeerDistSvc - ok
23:36:41.0898 5852 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:36:41.0898 5852 PerfHost - ok
23:36:41.0945 5852 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
23:36:41.0945 5852 pla - ok
23:36:41.0976 5852 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:36:41.0976 5852 PlugPlay - ok
23:36:41.0992 5852 PnkBstrA - ok
23:36:42.0007 5852 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:36:42.0007 5852 PNRPAutoReg - ok
23:36:42.0007 5852 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:36:42.0007 5852 PNRPsvc - ok
23:36:42.0023 5852 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:36:42.0023 5852 PolicyAgent - ok
23:36:42.0038 5852 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
23:36:42.0038 5852 Power - ok
23:36:42.0085 5852 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:36:42.0101 5852 PptpMiniport - ok
23:36:42.0101 5852 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:36:42.0116 5852 Processor - ok
23:36:42.0148 5852 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
23:36:42.0148 5852 ProfSvc - ok
23:36:42.0163 5852 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:36:42.0163 5852 ProtectedStorage - ok
23:36:42.0194 5852 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:36:42.0194 5852 Psched - ok
23:36:42.0226 5852 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:36:42.0241 5852 ql2300 - ok
23:36:42.0257 5852 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:36:42.0257 5852 ql40xx - ok
23:36:42.0272 5852 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
23:36:42.0272 5852 QWAVE - ok
23:36:42.0288 5852 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:36:42.0288 5852 QWAVEdrv - ok
23:36:42.0304 5852 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:36:42.0319 5852 RasAcd - ok
23:36:42.0335 5852 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:36:42.0335 5852 RasAgileVpn - ok
23:36:42.0350 5852 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
23:36:42.0350 5852 RasAuto - ok
23:36:42.0366 5852 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:36:42.0382 5852 Rasl2tp - ok
23:36:42.0382 5852 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
23:36:42.0382 5852 RasMan - ok
23:36:42.0397 5852 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:36:42.0397 5852 RasPppoe - ok
23:36:42.0413 5852 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:36:42.0413 5852 RasSstp - ok
23:36:42.0428 5852 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:36:42.0428 5852 rdbss - ok
23:36:42.0444 5852 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:36:42.0460 5852 rdpbus - ok
23:36:42.0460 5852 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:36:42.0460 5852 RDPCDD - ok
23:36:42.0506 5852 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:36:42.0522 5852 RDPDR - ok
23:36:42.0538 5852 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:36:42.0538 5852 RDPENCDD - ok
23:36:42.0538 5852 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:36:42.0538 5852 RDPREFMP - ok
23:36:42.0584 5852 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:36:42.0600 5852 RdpVideoMiniport - ok
23:36:42.0616 5852 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:36:42.0631 5852 RDPWD - ok
23:36:42.0647 5852 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:36:42.0647 5852 rdyboost - ok
23:36:42.0662 5852 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:36:42.0662 5852 RemoteAccess - ok
23:36:42.0662 5852 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:36:42.0662 5852 RemoteRegistry - ok
23:36:42.0678 5852 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:36:42.0678 5852 RpcEptMapper - ok
23:36:42.0678 5852 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
23:36:42.0694 5852 RpcLocator - ok
23:36:42.0694 5852 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
23:36:42.0694 5852 RpcSs - ok
23:36:42.0709 5852 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:36:42.0725 5852 rspndr - ok
23:36:42.0756 5852 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:36:42.0756 5852 s3cap - ok
23:36:42.0756 5852 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
23:36:42.0756 5852 SamSs - ok
23:36:42.0772 5852 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:36:42.0787 5852 sbp2port - ok
23:36:42.0803 5852 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:36:42.0803 5852 SCardSvr - ok
23:36:42.0834 5852 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:36:42.0834 5852 scfilter - ok
23:36:42.0896 5852 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
23:36:42.0912 5852 Schedule - ok
23:36:42.0943 5852 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
23:36:42.0943 5852 SCPolicySvc - ok
23:36:42.0990 5852 [ 490B0B68BB938D5C628EC4A67277BE75 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
23:36:43.0006 5852 ScreamBAudioSvc - ok
23:36:43.0006 5852 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:36:43.0021 5852 SDRSVC - ok
23:36:43.0037 5852 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:36:43.0052 5852 secdrv - ok
23:36:43.0052 5852 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
23:36:43.0052 5852 seclogon - ok
23:36:43.0052 5852 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
23:36:43.0052 5852 SENS - ok
23:36:43.0068 5852 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:36:43.0068 5852 SensrSvc - ok
23:36:43.0084 5852 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:36:43.0084 5852 Serenum - ok
23:36:43.0099 5852 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:36:43.0130 5852 Serial - ok
23:36:43.0130 5852 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:36:43.0146 5852 sermouse - ok
23:36:43.0162 5852 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
23:36:43.0162 5852 SessionEnv - ok
23:36:43.0208 5852 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:36:43.0224 5852 sffdisk - ok
23:36:43.0255 5852 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:36:43.0271 5852 sffp_mmc - ok
23:36:43.0302 5852 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:36:43.0302 5852 sffp_sd - ok
23:36:43.0302 5852 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:36:43.0318 5852 sfloppy - ok
23:36:43.0333 5852 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:36:43.0333 5852 SharedAccess - ok
23:36:43.0349 5852 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:36:43.0349 5852 ShellHWDetection - ok
23:36:43.0380 5852 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:36:43.0380 5852 SiSRaid2 - ok
23:36:43.0396 5852 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:36:43.0396 5852 SiSRaid4 - ok
23:36:43.0427 5852 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:36:43.0427 5852 SkypeUpdate - ok
23:36:43.0442 5852 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:36:43.0442 5852 Smb - ok
23:36:43.0458 5852 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:36:43.0458 5852 SNMPTRAP - ok
23:36:43.0520 5852 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
23:36:43.0520 5852 speedfan - ok
23:36:43.0520 5852 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
23:36:43.0536 5852 spldr - ok
23:36:43.0567 5852 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
23:36:43.0567 5852 Spooler - ok
23:36:43.0630 5852 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
23:36:43.0676 5852 sppsvc - ok
23:36:43.0692 5852 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:36:43.0692 5852 sppuinotify - ok
23:36:43.0739 5852 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
23:36:43.0754 5852 srv - ok
23:36:43.0770 5852 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:36:43.0786 5852 srv2 - ok
23:36:43.0786 5852 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:36:43.0786 5852 srvnet - ok
23:36:43.0801 5852 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:36:43.0801 5852 SSDPSRV - ok
23:36:43.0801 5852 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:36:43.0801 5852 SstpSvc - ok
23:36:43.0832 5852 Steam Client Service - ok
23:36:43.0895 5852 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:36:43.0895 5852 Stereo Service - ok
23:36:43.0910 5852 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:36:43.0910 5852 stexstor - ok
23:36:43.0910 5852 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
23:36:43.0926 5852 stisvc - ok
23:36:43.0926 5852 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:36:43.0926 5852 storflt - ok
23:36:43.0942 5852 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:36:43.0942 5852 storvsc - ok
23:36:43.0957 5852 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
23:36:43.0973 5852 swenum - ok
23:36:43.0988 5852 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
23:36:43.0988 5852 swprv - ok
23:36:44.0004 5852 Synth3dVsc - ok
23:36:44.0035 5852 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
23:36:44.0051 5852 SysMain - ok
23:36:44.0098 5852 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:36:44.0098 5852 TabletInputService - ok
23:36:44.0129 5852 [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t C:\Windows\system32\DRIVERS\tap0901t.sys
23:36:44.0129 5852 tap0901t - ok
23:36:44.0144 5852 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:36:44.0144 5852 TapiSrv - ok
23:36:44.0160 5852 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
23:36:44.0160 5852 TBS - ok
23:36:44.0207 5852 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:36:44.0254 5852 Tcpip - ok
23:36:44.0269 5852 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:36:44.0269 5852 TCPIP6 - ok
23:36:44.0300 5852 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:36:44.0300 5852 tcpipreg - ok
23:36:44.0316 5852 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:36:44.0332 5852 TDPIPE - ok
23:36:44.0363 5852 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:36:44.0363 5852 TDTCP - ok
23:36:44.0394 5852 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:36:44.0410 5852 tdx - ok
23:36:44.0410 5852 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
23:36:44.0425 5852 TermDD - ok
23:36:44.0441 5852 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
23:36:44.0441 5852 TermService - ok
23:36:44.0456 5852 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
23:36:44.0456 5852 Themes - ok
23:36:44.0472 5852 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
23:36:44.0472 5852 THREADORDER - ok
23:36:44.0488 5852 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
23:36:44.0488 5852 TrkWks - ok
23:36:44.0519 5852 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:36:44.0534 5852 TrustedInstaller - ok
23:36:44.0566 5852 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:36:44.0566 5852 tssecsrv - ok
23:36:44.0581 5852 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:36:44.0597 5852 TsUsbFlt - ok
23:36:44.0597 5852 tsusbhub - ok
23:36:44.0659 5852 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:36:44.0675 5852 tunnel - ok
23:36:44.0722 5852 [ 0D8E46C7CBB2728ACCC54619A68FBB7B ] TunngleService C:\Program Files (x86)\Tunngle\TnglCtrl.exe
23:36:44.0722 5852 TunngleService - ok
23:36:44.0722 5852 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:36:44.0737 5852 uagp35 - ok
23:36:44.0753 5852 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:36:44.0753 5852 udfs - ok
23:36:44.0784 5852 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:36:44.0784 5852 UI0Detect - ok
23:36:44.0800 5852 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:36:44.0800 5852 uliagpkx - ok
23:36:44.0815 5852 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
23:36:44.0831 5852 umbus - ok
23:36:44.0846 5852 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:36:44.0846 5852 UmPass - ok
23:36:44.0862 5852 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
23:36:44.0862 5852 UmRdpService - ok
23:36:44.0956 5852 [ 193AD338F2A64D17300AD640ADFA5D0A ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:36:44.0956 5852 UNS - ok
23:36:44.0971 5852 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
23:36:44.0971 5852 upnphost - ok
23:36:44.0987 5852 [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
23:36:44.0987 5852 usbccgp - ok
23:36:45.0018 5852 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:36:45.0034 5852 usbcir - ok
23:36:45.0034 5852 [ 74EE782B1D9C241EFE425565854C661C ] usbehci C:\Windows\system32\drivers\usbehci.sys
23:36:45.0034 5852 usbehci - ok
23:36:45.0049 5852 [ DC96BD9CCB8403251BCF25047573558E ] usbhub C:\Windows\system32\drivers\usbhub.sys
23:36:45.0065 5852 usbhub - ok
23:36:45.0080 5852 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:36:45.0080 5852 usbohci - ok
23:36:45.0096 5852 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:36:45.0096 5852 usbprint - ok
23:36:45.0112 5852 [ D76510CFA0FC09023077F22C2F979D86 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
23:36:45.0127 5852 USBSTOR - ok
23:36:45.0143 5852 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:36:45.0143 5852 usbuhci - ok
23:36:45.0158 5852 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
23:36:45.0158 5852 UxSms - ok
23:36:45.0174 5852 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
23:36:45.0174 5852 VaultSvc - ok
23:36:45.0174 5852 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:36:45.0190 5852 vdrvroot - ok
23:36:45.0205 5852 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
23:36:45.0205 5852 vds - ok
23:36:45.0221 5852 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:36:45.0221 5852 vga - ok
23:36:45.0236 5852 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
23:36:45.0236 5852 VgaSave - ok
23:36:45.0236 5852 VGPU - ok
23:36:45.0268 5852 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:36:45.0268 5852 vhdmp - ok
23:36:45.0283 5852 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
23:36:45.0299 5852 viaide - ok
23:36:45.0299 5852 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:36:45.0330 5852 vmbus - ok
23:36:45.0346 5852 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:36:45.0361 5852 VMBusHID - ok
23:36:45.0361 5852 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:36:45.0377 5852 volmgr - ok
23:36:45.0392 5852 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:36:45.0814 5852 volmgrx - ok
23:36:45.0845 5852 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:36:45.0845 5852 volsnap - ok
23:36:45.0860 5852 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:36:45.0876 5852 vsmraid - ok
23:36:45.0907 5852 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
23:36:45.0923 5852 VSS - ok
23:36:45.0938 5852 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:36:45.0938 5852 vwifibus - ok
23:36:45.0954 5852 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
23:36:45.0954 5852 W32Time - ok
23:36:45.0970 5852 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:36:45.0970 5852 WacomPen - ok
23:36:45.0970 5852 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:36:45.0985 5852 WANARP - ok
23:36:45.0985 5852 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:36:45.0985 5852 Wanarpv6 - ok
23:36:46.0032 5852 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
23:36:46.0048 5852 WatAdminSvc - ok
23:36:46.0110 5852 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
23:36:46.0126 5852 wbengine - ok
23:36:46.0126 5852 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:36:46.0141 5852 WbioSrvc - ok
23:36:46.0141 5852 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:36:46.0141 5852 wcncsvc - ok
23:36:46.0157 5852 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:36:46.0157 5852 WcsPlugInService - ok
23:36:46.0172 5852 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:36:46.0172 5852 Wd - ok
23:36:46.0188 5852 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:36:46.0188 5852 Wdf01000 - ok
23:36:46.0204 5852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:36:46.0204 5852 WdiServiceHost - ok
23:36:46.0204 5852 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:36:46.0204 5852 WdiSystemHost - ok
23:36:46.0235 5852 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
23:36:46.0250 5852 WebClient - ok
23:36:46.0250 5852 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:36:46.0250 5852 Wecsvc - ok
23:36:46.0266 5852 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:36:46.0266 5852 wercplsupport - ok
23:36:46.0266 5852 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
23:36:46.0266 5852 WerSvc - ok
23:36:46.0282 5852 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:36:46.0282 5852 WfpLwf - ok
23:36:46.0297 5852 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:36:46.0297 5852 WIMMount - ok
23:36:46.0313 5852 WinDefend - ok
23:36:46.0313 5852 WinHttpAutoProxySvc - ok
23:36:46.0344 5852 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:36:46.0344 5852 Winmgmt - ok
23:36:46.0375 5852 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
23:36:46.0406 5852 WinRM - ok
23:36:46.0422 5852 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
23:36:46.0422 5852 Wlansvc - ok
23:36:46.0500 5852 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:36:46.0531 5852 wlidsvc - ok
23:36:46.0547 5852 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:36:46.0547 5852 WmiAcpi - ok
23:36:46.0562 5852 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:36:46.0562 5852 wmiApSrv - ok
23:36:46.0578 5852 WMPNetworkSvc - ok
23:36:46.0578 5852 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:36:46.0594 5852 WPCSvc - ok
23:36:46.0594 5852 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:36:46.0594 5852 WPDBusEnum - ok
23:36:46.0609 5852 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:36:46.0609 5852 ws2ifsl - ok
23:36:46.0625 5852 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
23:36:46.0625 5852 wscsvc - ok
23:36:46.0625 5852 WSearch - ok
23:36:46.0687 5852 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
23:36:46.0718 5852 wuauserv - ok
23:36:46.0718 5852 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:36:46.0734 5852 WudfPf - ok
23:36:46.0765 5852 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:36:46.0765 5852 WUDFRd - ok
23:36:46.0796 5852 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:36:46.0796 5852 wudfsvc - ok
23:36:46.0812 5852 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
23:36:46.0812 5852 WwanSvc - ok
23:36:46.0874 5852 [ 4A5CE13408945E525503B5F73D29B9C5 ] xnacc C:\Windows\system32\DRIVERS\xnacc.sys
23:36:46.0874 5852 xnacc - ok
23:36:46.0890 5852 [ 2C6BC21B2D5B58D8B1D638C1704CB494 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
23:36:46.0890 5852 xusb21 - ok
23:36:46.0906 5852 ================ Scan global ===============================
23:36:46.0921 5852 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:36:46.0952 5852 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
23:36:46.0952 5852 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
23:36:46.0968 5852 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:36:46.0984 5852 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:36:46.0984 5852 [Global] - ok
23:36:46.0984 5852 ================ Scan MBR ==================================
23:36:46.0984 5852 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:36:47.0171 5852 \Device\Harddisk0\DR0 - ok
23:36:47.0171 5852 ================ Scan VBR ==================================
23:36:47.0171 5852 [ 988863BD2C7AD0E0998641E8A60C2355 ] \Device\Harddisk0\DR0\Partition1
23:36:47.0171 5852 \Device\Harddisk0\DR0\Partition1 - ok
23:36:47.0171 5852 [ 71072B1F1FC98E35AAAD3A40D698E9B6 ] \Device\Harddisk0\DR0\Partition2
23:36:47.0186 5852 \Device\Harddisk0\DR0\Partition2 - ok
23:36:47.0186 5852 ============================================================
23:36:47.0186 5852 Scan finished
23:36:47.0186 5852 ============================================================
23:36:47.0186 5320 Detected object count: 0
23:36:47.0186 5320 Actual detected object count: 0
Asus Sabertooth Z77 | Intel Core i5-3570K 3.4Ghz/3.8Ghz Turbo | Gelid Tranquillo rev.2 | Corsair Vengeance Black 8Gb 1600Mhz | Asus GTX 680 DCIIT 2Gb 6008Mhz 1137Mhz/1201Mhz Boost | OZC Vertex 4 128Gb | Seagate Barracuda 1.5Tb | Seasonic 620 M12II | Bitfénix Colossus Window


Re: Recommended log check

Post by Joey61 » 25 Nov 2012 00:01

Log from ComboFix.

ComboFix 12-11-24.02 - Joey 24.11.2012 23:52:37.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.8147.6683 [GMT 1:00]
Spuštěný z: c:\users\Joey\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\users\Joey\AppData\Roaming\Identities\{E7927442-8v23-436B-8409-951D004DCD3B}\mswin32.exe
c:\windows\SysWow64\tmp2B83.tmp
c:\windows\SysWow64\tmp2B93.tmp
c:\windows\SysWow64\tmp4F4C.tmp
c:\windows\SysWow64\tmp4F4D.tmp
c:\windows\SysWow64\tmp5897.tmp
c:\windows\SysWow64\tmp5898.tmp
c:\windows\SysWow64\tmpA515.tmp
c:\windows\SysWow64\tmpA526.tmp
c:\windows\SysWow64\tmpA789.tmp
c:\windows\SysWow64\tmpA78A.tmp
c:\windows\SysWow64\tmpFBFB.tmp
c:\windows\SysWow64\tmpFC0C.tmp
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-24 do 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 22:57 . 2012-11-24 22:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 22:57 . 2012-11-24 22:57 -------- d-----w- c:\users\Wow\AppData\Local\temp
2012-11-24 22:52 . 2012-11-24 22:52 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73529BBC-215F-4CF2-AD11-2C48B124AC5B}\offreg.dll
2012-11-24 21:31 . 2012-11-24 21:31 -------- d-----w- c:\users\Joey\AppData\Roaming\Malwarebytes
2012-11-24 21:31 . 2012-11-24 21:31 -------- d-----w- c:\programdata\Malwarebytes
2012-11-24 21:31 . 2012-11-24 21:31 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-11-24 21:31 . 2012-09-29 18:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-24 02:06 . 2012-11-19 00:01 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{73529BBC-215F-4CF2-AD11-2C48B124AC5B}\mpengine.dll
2012-11-23 21:02 . 2012-11-23 21:02 388096 ----a-r- c:\users\Joey\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-11-23 21:02 . 2012-11-23 21:02 -------- d-----w- c:\program files (x86)\Trend Micro
2012-11-23 20:54 . 2012-11-23 20:54 -------- d-sh--w- c:\users\Joey\msdata
2012-11-23 20:47 . 2012-11-23 20:54 -------- d-----w- c:\users\Joey\AppData\Local\Ubisoft Game Launcher
2012-11-23 20:46 . 2012-11-23 20:46 -------- d-----w- c:\program files (x86)\Ubisoft
2012-11-22 21:14 . 2012-11-22 21:14 -------- d-----w- c:\users\Joey\AppData\Roaming\JAM Software
2012-11-22 21:14 . 2012-11-22 21:14 -------- d-----w- c:\program files (x86)\JAM Software
2012-11-22 14:26 . 2012-11-22 14:26 -------- d-----w- c:\users\Wow\AppData\Local\VirtualStore
2012-11-22 14:26 . 2012-11-22 14:28 -------- d-----w- c:\users\Wow\AppData\Roaming\IObit
2012-11-22 12:07 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-22 12:07 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-11-22 12:07 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-11-21 19:38 . 2012-11-21 19:38 -------- d-----w- c:\users\Joey\AppData\Local\ESET
2012-11-21 19:35 . 2012-11-21 19:35 -------- d-----w- c:\program files\ESET
2012-11-21 19:08 . 2012-11-22 18:15 -------- d-----w- c:\programdata\Tunngle
2012-11-21 19:08 . 2012-11-22 18:14 -------- d-----w- c:\users\Joey\AppData\Roaming\Tunngle
2012-11-21 19:08 . 2012-11-21 19:09 -------- d-----w- c:\program files (x86)\Tunngle
2012-11-21 16:04 . 2012-11-21 16:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-11-21 16:04 . 2012-11-21 16:04 -------- d-----r- c:\program files (x86)\Skype
2012-11-21 15:25 . 2012-11-21 15:25 -------- d-----w- c:\windows\system32\SPReview
2012-11-21 15:25 . 2012-11-21 15:25 -------- d-----w- c:\windows\system32\EventProviders
2012-11-21 15:23 . 2012-10-29 20:04 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-11-21 15:17 . 2010-11-20 13:27 1363968 ----a-w- c:\windows\system32\wdc.dll
2012-11-21 15:16 . 2010-11-20 13:27 529408 ----a-w- c:\windows\system32\wbemcomn.dll
2012-11-21 15:16 . 2010-11-20 13:27 244736 ----a-w- c:\program files\Windows Portable Devices\sqmapi.dll
2012-11-21 15:16 . 2010-11-20 13:27 244736 ----a-w- c:\windows\system32\sqmapi.dll
2012-11-21 15:05 . 2012-11-21 15:05 -------- d-----w- c:\programdata\Local Settings
2012-11-21 14:58 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-11-21 14:58 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-21 14:58 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-21 14:18 . 2012-11-22 02:30 -------- d-sh--w- c:\users\Joey\Userdata
2012-11-20 19:03 . 2012-11-20 19:03 -------- d-----w- c:\users\Joey\AppData\Roaming\PunkBuster
2012-11-20 02:58 . 2012-11-24 22:30 -------- d-sh--w- c:\users\Joey\Drivers
2012-11-20 02:09 . 2012-11-20 02:09 -------- d-----w- c:\users\Joey\AppData\Roaming\Assassin's Creed III
2012-11-19 22:41 . 2012-11-20 18:37 -------- d-----w- c:\programdata\Solidshield
2012-11-19 21:13 . 2012-11-19 21:13 -------- d-----w- c:\users\Owner
2012-11-19 21:13 . 2012-11-19 21:13 -------- d-----w- c:\users\Joey\AppData\Roaming\Rovio
2012-11-18 19:35 . 2012-11-18 19:35 -------- d-----w- c:\program files (x86)\Cheat Engine 6.1
2012-11-16 01:57 . 2012-11-16 01:57 -------- d-----w- c:\programdata\Origin
2012-11-15 04:11 . 2012-11-15 04:11 -------- d-----w- c:\windows\Simple Shutdown Timer
2012-11-15 04:11 . 2012-11-15 04:11 -------- d-----w- c:\program files (x86)\Simple Shutdown Timer
2012-11-15 04:11 . 2012-11-15 04:11 -------- d-----w- c:\users\Joey\AppData\Roaming\Sinvise Systems
2012-11-15 04:11 . 2012-11-15 04:11 -------- d-----w- c:\program files\Sinvise Systems
2012-11-15 00:28 . 2012-11-15 00:28 -------- d-----w- c:\users\Joey\AppData\Local\Programs
2012-11-14 18:28 . 2012-11-24 22:47 -------- d-----w- C:\Fraps
2012-11-13 02:33 . 2012-11-13 02:33 -------- d-----w- c:\program files\CCleaner
2012-11-13 02:33 . 2012-11-13 02:33 -------- d-----w- c:\programdata\IObit
2012-11-13 02:33 . 2012-11-24 22:48 -------- d-----w- c:\users\Joey\AppData\Roaming\IObit
2012-11-13 02:33 . 2012-11-13 02:33 -------- d-----w- c:\program files (x86)\IObit
2012-11-13 02:07 . 2012-11-13 02:07 -------- d-----w- c:\program files (x86)\CPUID
2012-11-13 02:07 . 2012-02-14 11:49 114176 ----a-w- c:\windows\SysWow64\PCWizard.cpl
2012-11-10 22:02 . 2012-11-10 22:02 -------- d-----w- c:\users\Joey\AppData\Roaming\Screaming Bee
2012-11-06 00:37 . 2012-11-08 22:13 -------- d-----w- c:\program files (x86)\Prime95
2012-11-05 22:38 . 2012-11-05 22:38 -------- d-----w- c:\users\Joey\AppData\Roaming\AnvSoft
2012-11-05 22:38 . 2012-11-05 22:38 -------- d-----w- c:\program files (x86)\AnvSoft
2012-11-01 21:30 . 2012-10-02 22:21 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-31 23:28 . 2007-07-19 23:57 411496 ----a-w- c:\windows\system32\xactengine2_9.dll
2012-10-31 23:25 . 2012-10-31 23:25 -------- d-----w- c:\windows\E4D153288C89484BB9AAF5BE9EA6D01C.TMP
2012-10-29 20:40 . 2012-10-29 20:40 -------- d-----w- c:\users\Joey\AppData\Local\2K Games
2012-10-29 20:35 . 2012-10-29 20:35 -------- d-----w- C:\NVIDIA
2012-10-29 19:08 . 2012-10-29 19:08 -------- d-----w- c:\users\Joey\AppData\Roaming\Rockstar Games
2012-10-28 02:58 . 2012-10-28 23:33 1048576 ----a-w- c:\windows\PE_Rom.dll
2012-10-28 02:58 . 2012-10-28 02:58 -------- d-----w- c:\programdata\ASUS OC Profiles
2012-10-28 02:57 . 2012-10-28 02:57 -------- d-----w- c:\programdata\ASUS PowerControl Profiles
2012-10-28 02:47 . 2012-10-28 02:47 -------- d-----w- c:\program files\ASUS
2012-10-28 02:47 . 2012-10-28 02:41 46152 ----a-w- c:\windows\SysWow64\drivers\ASUSFILTER.sys
2012-10-28 02:45 . 2012-10-28 02:41 32400 ----a-w- c:\windows\system32\drivers\ndisrd.sys
2012-10-28 02:44 . 2012-10-28 02:41 14464 ----a-w- c:\windows\SysWow64\drivers\AsUpIO.sys
2012-10-28 02:44 . 2012-04-19 08:19 14848 ----a-w- c:\windows\SysWow64\drivers\AiChargerPlus.sys
2012-10-28 02:43 . 2008-12-02 19:05 184320 ----a-w- c:\windows\SysWow64\drivers\UpdateHelper.dll
2012-10-28 02:43 . 2001-09-05 03:18 225280 ----a-w- c:\program files (x86)\Common Files\InstallShield\IScript\iscript.dll
2012-10-28 02:43 . 2001-09-05 03:14 176128 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2012-10-28 02:43 . 2001-09-05 03:13 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2012-10-28 02:43 . 2001-09-05 03:18 77824 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2012-10-28 02:42 . 2012-10-28 02:41 614532 ----a-w- c:\program files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2012-10-28 02:42 . 2012-10-28 02:42 -------- d-----w- c:\programdata\ASUS
2012-10-28 02:42 . 2012-10-28 02:41 28672 ----a-w- c:\windows\SysWow64\AsIO.dll
2012-10-28 02:42 . 2012-10-28 02:41 15232 ----a-w- c:\windows\SysWow64\drivers\AsIO.sys
2012-10-28 02:42 . 2012-10-28 02:42 -------- d-----w- c:\windows\SysWow64\drivers\MFDLL
2012-10-28 02:42 . 2012-10-28 02:41 11832 ------w- c:\windows\SysWow64\drivers\AsInsHelp64.sys
2012-10-28 02:42 . 2012-10-28 02:41 10216 ------w- c:\windows\SysWow64\drivers\AsInsHelp32.sys
2012-10-28 02:12 . 2012-10-28 02:12 -------- d-----w- c:\windows\SysWow64\Wat
2012-10-28 02:12 . 2012-10-28 02:12 -------- d-----w- c:\windows\system32\Wat
2012-10-28 01:38 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-10-28 01:18 . 2012-10-28 01:18 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-10-28 01:11 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-10-28 01:11 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-10-28 01:11 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-10-28 01:11 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-10-28 01:11 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-10-27 15:59 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-10-27 15:58 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-10-27 15:57 . 2011-11-17 06:35 395776 ----a-w- c:\windows\system32\webio.dll
2012-10-27 15:57 . 2011-11-17 05:35 314880 ----a-w- c:\windows\SysWow64\webio.dll
2012-10-27 15:57 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-10-27 15:57 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-10-27 15:57 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-10-27 15:57 . 2012-06-06 05:05 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-10-27 15:57 . 2010-06-26 03:55 2048 ----a-w- c:\windows\system32\msxml3r.dll
2012-10-27 15:57 . 2010-06-26 03:24 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2012-10-27 15:57 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-10-27 15:57 . 2011-12-30 06:26 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-10-27 15:57 . 2011-12-30 05:27 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-10-27 15:57 . 2011-02-24 06:15 476160 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2012-10-27 15:57 . 2011-02-24 05:38 288256 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2012-10-27 15:56 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-27 15:56 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-27 15:56 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-27 15:56 . 2011-03-12 12:08 1465344 ----a-w- c:\windows\system32\XpsPrint.dll
2012-10-27 15:56 . 2011-03-12 11:23 870912 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2012-10-27 15:56 . 2011-03-11 06:34 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2012-10-27 15:56 . 2011-03-11 06:34 1395712 ----a-w- c:\windows\system32\mfc42.dll
2012-10-27 15:56 . 2011-03-11 05:33 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2012-10-27 15:56 . 2011-03-11 05:33 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2012-10-27 15:56 . 2012-06-09 05:43 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-10-27 15:54 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-10-27 15:52 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-21 15:47 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-11-21 15:47 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-11-20 19:03 . 2012-08-27 03:33 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2012-11-20 19:03 . 2012-08-27 03:26 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-11-16 01:30 . 2012-06-21 08:37 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2012-11-11 11:01 . 2012-08-15 20:03 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-11 11:01 . 2012-08-15 20:03 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-28 02:41 . 2012-05-17 17:57 26136 ----a-w- c:\windows\system32\drivers\ICCWDT.sys
2012-10-28 02:41 . 2012-05-17 17:57 1721576 ----a-w- c:\windows\system32\wdfcoinstaller01009.dll
2012-10-28 01:33 . 2012-10-28 01:33 203776 ----a-w- c:\windows\SysWow64\webcheck.dll
2012-10-28 01:33 . 2012-10-28 01:33 249344 ----a-w- c:\windows\system32\webcheck.dll
2012-10-27 01:53 . 2012-08-22 23:51 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-27 01:45 . 2012-08-27 03:26 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-10-08 20:37 . 2012-08-15 20:31 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2012-10-08 20:37 . 2012-08-15 20:31 122968 ----a-w- c:\windows\system32\OpenAL32.dll
2012-10-08 20:37 . 2012-08-15 20:31 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-10-08 20:37 . 2012-08-15 20:31 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2012-10-02 22:21 . 2012-10-12 16:00 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-02 22:21 . 2012-10-12 16:00 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-02 22:21 . 2012-10-12 16:00 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-02 22:21 . 2012-10-12 16:00 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-02 22:21 . 2012-10-12 16:00 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-02 22:21 . 2012-10-12 16:00 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-02 22:21 . 2012-10-12 16:00 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-02 22:21 . 2012-10-12 16:00 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-02 19:51 . 2012-10-12 16:02 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-10-02 19:51 . 2012-10-12 16:02 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-10-02 19:51 . 2012-10-12 16:02 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-10-02 19:50 . 2012-10-12 16:02 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-10-02 19:50 . 2012-10-12 16:02 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-10-02 19:50 . 2012-10-12 16:02 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-10-02 19:50 . 2012-10-12 16:02 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-10-02 12:15 . 2012-10-02 12:15 430952 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2012-08-30 13:18 . 2012-08-30 13:18 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-08-30 13:18 . 2012-08-30 13:18 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-08-15 895376]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Advanced SystemCare 6"="c:\program files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" [2012-09-24 490880]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-08-15 291648]
"ASUS AiChargerPlus Execute"="c:\program files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe" [2012-08-20 550272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
2;2 AsusFanControlService;AsusFanControlService [x]
R2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe [2012-01-17 55296]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-08-15 114704]
R3 cpuz135;cpuz135;c:\program files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [2012-08-11 24368]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2009-12-01 38992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-11-14 744856]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-28 1255736]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2011-08-04 62496]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-08-15 19264]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-15 283200]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 146432]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2011-08-04 38288]
S1 ndisrd;WinpkFilter LightWeight Filter;c:\windows\system32\DRIVERS\ndisrd.sys [2012-10-28 32400]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [2012-10-12 1026432]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-08-15 204288]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-10-28 920736]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-10-28 951936]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-10-28 149120]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2011-08-09 202576]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2011-08-09 974944]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2012-03-12 190120]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-02-07 161560]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-02-07 363800]
S3 AiChargerPlus;AiChargerPlus;SysWow64\drivers\AiChargerPlus.sys [x]
S3 ALSysIO;ALSysIO;c:\users\Joey\AppData\Local\Temp\ALSysIO64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys [x]
S3 hipeer20;Remobo Instant Private Network;c:\windows\system32\DRIVERS\remobo64.sys [2010-08-01 30720]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-05-27 160768]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys [2012-10-28 26136]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-08-15 357184]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-08-15 789824]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys [2010-02-23 23680]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ALSYSIO
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 11:01]
.
2012-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-15 16:47]
.
2012-11-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-15 16:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-08-15 6548112]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-08-09 4030008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={7A8E1D87-EFEF-11E1-B26D-C86000A1A650}
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.20.1
FF - ProfilePath - c:\users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\66tjd9x7.default\
FF - prefs.js: browser.startup.homepage - szn.cz
FF - ExtSQL: 2012-10-01 20:31; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\66tjd9x7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2012-10-08 18:09; {ab4b5718-3998-4a2c-91ae-18a7c2db513e}; c:\users\Joey\AppData\Roaming\Mozilla\Firefox\Profiles\66tjd9x7.default\extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Explorer_Run-46923 - c:\progra~3\LOCALS~1\Temp\msquqaif.com
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
AddRemove-The First Templar - c:\program files (x86)\Kalypso Media\The First Templar\uninst.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1931917541-2785547761-4208433868-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:1f,3f,28,23,07,5d,85,26,03,67,ff,f0,bd,99,06,33,f2,02,4a,dc,e7,be,22,
21,c4,26,28,4b,0e,8e,54,9b,74,df,70,b5,3f,9c,c4,68,11,9e,93,c6,bd,84,b0,26,\
"??"=hex:4a,54,a8,c1,e8,10,ed,c8,8e,27,cf,f3,e0,fa,36,55
.
[HKEY_USERS\S-1-5-21-1931917541-2785547761-4208433868-1000\Software\SecuROM\License information*]
"datasecu"=hex:7d,e8,c4,d4,86,f7,f2,1d,75,fe,7b,71,75,21,d4,47,2a,95,a6,a2,6d,
48,f6,50,75,c8,c3,22,9d,3f,c4,b3,b6,1d,da,63,12,31,f7,b6,8a,61,b0,9f,b7,84,\
"rkeysecu"=hex:bb,4c,51,c5,ce,bb,49,4d,2f,ed,f4,cb,6d,44,f5,ef
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-24 23:59:53
ComboFix-quarantined-files.txt 2012-11-24 22:59
.
Před spuštěním: Volných bajtů: 336 032 018 432
Po spuštění: Volných bajtů: 336 744 472 576
.
- - End Of File - - E5446730DC15E100C56BA56BF35C2123
Asus Sabertooth Z77 | Intel Core i5-3570K 3.4Ghz/3.8Ghz Turbo | Gelid Tranquillo rev.2 | Corsair Vengeance Black 8Gb 1600Mhz | Asus GTX 680 DCIIT 2Gb 6008Mhz 1137Mhz/1201Mhz Boost | OZC Vertex 4 128Gb | Seagate Barracuda 1.5Tb | Seasonic 620 M12II | Bitfénix Colossus Window

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Recommended log check

Post by jaro3 » 25 Nov 2012 10:54

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

DDS::
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://home.sweetim.com/?crg=3.1010000.10005&barid={7A8E1D87-EFEF-11E1-B26D-C86000A1A650}

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after applying ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press the F8 key after the restart and then choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears about the option to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

