HJT kontrola logu - pomalý NTB

[macwix]

11:32:10.0858 0x02f0 [ 907B5E1E4A592E5EDC5E4CCBDE4863C2, 7A3FA5B779CBBED46CA81328951B71352E4FC60153A91965877834EC7C6F0074 ] nmwcd C:\windows\system32\drivers\ccdcmbx64.sys
11:32:10.0874 0x02f0 nmwcd - ok
11:32:10.0967 0x02f0 [ 41C1AC1F3613435EB32D67BCB80A5FA5, 93A313BC4A7FA2FC3372CFBF2D76F417007B4A82455092724D3B0B6FA5A88F23 ] nmwcdc C:\windows\system32\drivers\ccdcmbox64.sys
11:32:10.0983 0x02f0 nmwcdc - ok
11:32:11.0014 0x02f0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
11:32:11.0030 0x02f0 Npfs - ok
11:32:11.0092 0x02f0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
11:32:11.0092 0x02f0 nsi - ok
11:32:11.0154 0x02f0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
11:32:11.0170 0x02f0 nsiproxy - ok
11:32:11.0404 0x02f0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
11:32:11.0529 0x02f0 Ntfs - ok
11:32:11.0576 0x02f0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
11:32:11.0591 0x02f0 Null - ok
11:32:11.0638 0x02f0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
11:32:11.0654 0x02f0 nvraid - ok
11:32:11.0700 0x02f0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
11:32:11.0716 0x02f0 nvstor - ok
11:32:11.0778 0x02f0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
11:32:11.0794 0x02f0 nv_agp - ok
11:32:11.0856 0x02f0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
11:32:11.0888 0x02f0 ohci1394 - ok
11:32:11.0966 0x02f0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:32:11.0966 0x02f0 ose - ok
11:32:12.0870 0x02f0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:32:13.0276 0x02f0 osppsvc - ok
11:32:13.0385 0x02f0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
11:32:13.0416 0x02f0 p2pimsvc - ok
11:32:13.0494 0x02f0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
11:32:13.0526 0x02f0 p2psvc - ok
11:32:13.0588 0x02f0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
11:32:13.0604 0x02f0 Parport - ok
11:32:13.0650 0x02f0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
11:32:13.0666 0x02f0 partmgr - ok
11:32:13.0713 0x02f0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
11:32:13.0728 0x02f0 PcaSvc - ok
11:32:13.0806 0x02f0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
11:32:13.0822 0x02f0 pci - ok
11:32:13.0869 0x02f0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
11:32:13.0869 0x02f0 pciide - ok
11:32:13.0931 0x02f0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
11:32:13.0947 0x02f0 pcmcia - ok
11:32:14.0009 0x02f0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
11:32:14.0025 0x02f0 pcw - ok
11:32:14.0103 0x02f0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
11:32:14.0150 0x02f0 PEAUTH - ok
11:32:14.0290 0x02f0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
11:32:14.0306 0x02f0 PerfHost - ok
11:32:14.0524 0x02f0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
11:32:14.0649 0x02f0 pla - ok
11:32:14.0727 0x02f0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
11:32:14.0758 0x02f0 PlugPlay - ok
11:32:14.0820 0x02f0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
11:32:14.0820 0x02f0 PNRPAutoReg - ok
11:32:14.0883 0x02f0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
11:32:14.0898 0x02f0 PNRPsvc - ok
11:32:14.0992 0x02f0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
11:32:15.0023 0x02f0 PolicyAgent - ok
11:32:15.0101 0x02f0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
11:32:15.0117 0x02f0 Power - ok
11:32:15.0195 0x02f0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
11:32:15.0210 0x02f0 PptpMiniport - ok
11:32:15.0273 0x02f0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
11:32:15.0273 0x02f0 Processor - ok
11:32:15.0366 0x02f0 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
11:32:15.0382 0x02f0 ProfSvc - ok
11:32:15.0429 0x02f0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\windows\system32\lsass.exe
11:32:15.0429 0x02f0 ProtectedStorage - ok
11:32:15.0491 0x02f0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
11:32:15.0507 0x02f0 Psched - ok
11:32:15.0647 0x02f0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
11:32:15.0788 0x02f0 ql2300 - ok
11:32:15.0834 0x02f0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
11:32:15.0850 0x02f0 ql40xx - ok
11:32:15.0912 0x02f0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
11:32:15.0928 0x02f0 QWAVE - ok
11:32:15.0975 0x02f0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
11:32:15.0975 0x02f0 QWAVEdrv - ok
11:32:16.0039 0x02f0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
11:32:16.0039 0x02f0 RasAcd - ok
11:32:16.0102 0x02f0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
11:32:16.0117 0x02f0 RasAgileVpn - ok
11:32:16.0195 0x02f0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
11:32:16.0211 0x02f0 RasAuto - ok
11:32:16.0273 0x02f0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
11:32:16.0289 0x02f0 Rasl2tp - ok
11:32:16.0351 0x02f0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
11:32:16.0445 0x02f0 RasMan - ok
11:32:16.0507 0x02f0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
11:32:16.0538 0x02f0 RasPppoe - ok
11:32:16.0585 0x02f0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
11:32:16.0601 0x02f0 RasSstp - ok
11:32:16.0648 0x02f0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
11:32:16.0679 0x02f0 rdbss - ok
11:32:16.0710 0x02f0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
11:32:16.0726 0x02f0 rdpbus - ok
11:32:16.0772 0x02f0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
11:32:16.0772 0x02f0 RDPCDD - ok
11:32:16.0819 0x02f0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
11:32:16.0835 0x02f0 RDPENCDD - ok
11:32:16.0882 0x02f0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
11:32:16.0882 0x02f0 RDPREFMP - ok
11:32:16.0960 0x02f0 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
11:32:16.0975 0x02f0 RDPWD - ok
11:32:17.0038 0x02f0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
11:32:17.0053 0x02f0 rdyboost - ok
11:32:17.0116 0x02f0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
11:32:17.0147 0x02f0 RemoteAccess - ok
11:32:17.0209 0x02f0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
11:32:17.0225 0x02f0 RemoteRegistry - ok
11:32:17.0272 0x02f0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
11:32:17.0287 0x02f0 RFCOMM - ok
11:32:17.0350 0x02f0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
11:32:17.0365 0x02f0 RpcEptMapper - ok
11:32:17.0412 0x02f0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
11:32:17.0428 0x02f0 RpcLocator - ok
11:32:17.0490 0x02f0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
11:32:17.0537 0x02f0 RpcSs - ok
11:32:17.0584 0x02f0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
11:32:17.0584 0x02f0 rspndr - ok
11:32:17.0646 0x02f0 [ 218F14C0829D6F96317E1EB66988C507, 70606E6A89290E75FE2F09EF689BBD402F7C2175196D17162E916A60B6B19CC9 ] RT-USB C:\windows\system32\drivers\RT-USB64.SYS
11:32:17.0662 0x02f0 RT-USB - ok
11:32:17.0708 0x02f0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\windows\system32\lsass.exe
11:32:17.0708 0x02f0 SamSs - ok
11:32:17.0755 0x02f0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
11:32:17.0771 0x02f0 sbp2port - ok
11:32:17.0833 0x02f0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
11:32:17.0849 0x02f0 SCardSvr - ok
11:32:17.0896 0x02f0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
11:32:17.0896 0x02f0 scfilter - ok
11:32:18.0020 0x02f0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
11:32:18.0098 0x02f0 Schedule - ok
11:32:18.0161 0x02f0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
11:32:18.0176 0x02f0 SCPolicySvc - ok
11:32:18.0223 0x02f0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
11:32:18.0254 0x02f0 SDRSVC - ok
11:32:18.0332 0x02f0 [ CC781378E7EDA615D2CDCA3B17829FA4, 137BF83A2A3D69335AD031B8D73473526F782CB8917A34B3CD92F923E7660F2A ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
11:32:18.0364 0x02f0 SeaPort - ok
11:32:18.0410 0x02f0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
11:32:18.0426 0x02f0 secdrv - ok
11:32:18.0473 0x02f0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
11:32:18.0488 0x02f0 seclogon - ok
11:32:18.0520 0x02f0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
11:32:18.0551 0x02f0 SENS - ok
11:32:18.0613 0x02f0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
11:32:18.0613 0x02f0 SensrSvc - ok
11:32:18.0676 0x02f0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
11:32:18.0691 0x02f0 Serenum - ok
11:32:18.0754 0x02f0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
11:32:18.0769 0x02f0 Serial - ok
11:32:18.0816 0x02f0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
11:32:18.0832 0x02f0 sermouse - ok
11:32:18.0941 0x02f0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
11:32:18.0972 0x02f0 SessionEnv - ok
11:32:19.0003 0x02f0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
11:32:19.0019 0x02f0 sffdisk - ok
11:32:19.0050 0x02f0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
11:32:19.0050 0x02f0 sffp_mmc - ok
11:32:19.0081 0x02f0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
11:32:19.0081 0x02f0 sffp_sd - ok
11:32:19.0144 0x02f0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
11:32:19.0144 0x02f0 sfloppy - ok
11:32:19.0253 0x02f0 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
11:32:19.0300 0x02f0 Sftfs - ok
11:32:19.0424 0x02f0 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
11:32:19.0471 0x02f0 sftlist - ok
11:32:19.0549 0x02f0 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
11:32:19.0565 0x02f0 Sftplay - ok
11:32:19.0596 0x02f0 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
11:32:19.0612 0x02f0 Sftredir - ok
11:32:19.0643 0x02f0 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
11:32:19.0658 0x02f0 Sftvol - ok
11:32:19.0721 0x02f0 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
11:32:19.0736 0x02f0 sftvsa - ok
11:32:19.0814 0x02f0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
11:32:19.0830 0x02f0 SharedAccess - ok
11:32:19.0908 0x02f0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
11:32:19.0955 0x02f0 ShellHWDetection - ok
11:32:20.0002 0x02f0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
11:32:20.0002 0x02f0 SiSRaid2 - ok
11:32:20.0064 0x02f0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
11:32:20.0064 0x02f0 SiSRaid4 - ok
11:32:20.0158 0x02f0 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:32:20.0173 0x02f0 SkypeUpdate - ok
11:32:20.0251 0x02f0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
11:32:20.0251 0x02f0 Smb - ok
11:32:20.0329 0x02f0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
11:32:20.0345 0x02f0 SNMPTRAP - ok
11:32:20.0392 0x02f0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
11:32:20.0407 0x02f0 spldr - ok
11:32:20.0516 0x02f0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
11:32:20.0563 0x02f0 Spooler - ok
11:32:20.0875 0x02f0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
11:32:21.0172 0x02f0 sppsvc - ok
11:32:21.0265 0x02f0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
11:32:21.0265 0x02f0 sppuinotify - ok
11:32:21.0374 0x02f0 [ A15860E920B02C9A7CE8F3A6C2FF1E3A, EC88ACD75D1423553C66E6706AD640A4BECD09E436172058FE137B0D7D339FB7 ] sptd C:\windows\System32\Drivers\sptd.sys
11:32:21.0421 0x02f0 sptd - ok
11:32:21.0499 0x02f0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
11:32:21.0530 0x02f0 srv - ok
11:32:21.0655 0x02f0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
11:32:21.0686 0x02f0 srv2 - ok
11:32:21.0733 0x02f0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
11:32:21.0749 0x02f0 srvnet - ok
11:32:21.0811 0x02f0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
11:32:21.0842 0x02f0 SSDPSRV - ok
11:32:21.0889 0x02f0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
11:32:21.0905 0x02f0 SstpSvc - ok
11:32:22.0014 0x02f0 [ E5C796B621F6FBA8616511063D7F0FFE, 447FA64F552D4B04AD029E01485B4438A70D9B9B98EB49A883D5B17ED4C1D52F ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
11:32:22.0061 0x02f0 StarWindServiceAE - ok
11:32:22.0108 0x02f0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
11:32:22.0139 0x02f0 stexstor - ok
11:32:22.0248 0x02f0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
11:32:22.0295 0x02f0 stisvc - ok
11:32:22.0342 0x02f0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys
11:32:22.0342 0x02f0 swenum - ok
11:32:22.0435 0x02f0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
11:32:22.0498 0x02f0 swprv - ok
11:32:22.0669 0x02f0 [ 5AD761BF492CECE3FD85D5FBA54A2C2F, BFA682A13C948CABF590D3B33C1CA4D968F6D6356F2E0E356A343B508371EAB6 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
11:32:22.0747 0x02f0 SynTP - ok
11:32:22.0919 0x02f0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
11:32:23.0028 0x02f0 SysMain - ok
11:32:23.0122 0x02f0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
11:32:23.0137 0x02f0 TabletInputService - ok
11:32:23.0200 0x02f0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
11:32:23.0246 0x02f0 TapiSrv - ok
11:32:23.0309 0x02f0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
11:32:23.0340 0x02f0 TBS - ok
11:32:23.0527 0x02f0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
11:32:23.0652 0x02f0 Tcpip - ok
11:32:23.0902 0x02f0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
11:32:24.0011 0x02f0 TCPIP6 - ok
11:32:24.0089 0x02f0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
11:32:24.0104 0x02f0 tcpipreg - ok
11:32:24.0167 0x02f0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
11:32:24.0182 0x02f0 TDPIPE - ok
11:32:24.0245 0x02f0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
11:32:24.0245 0x02f0 TDTCP - ok
11:32:24.0323 0x02f0 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys
11:32:24.0354 0x02f0 tdx - ok
11:32:24.0401 0x02f0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys
11:32:24.0432 0x02f0 TermDD - ok
11:32:24.0526 0x02f0 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\windows\System32\termsrv.dll
11:32:24.0619 0x02f0 TermService - ok
11:32:24.0682 0x02f0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
11:32:24.0697 0x02f0 Themes - ok
11:32:24.0744 0x02f0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
11:32:24.0775 0x02f0 THREADORDER - ok
11:32:24.0884 0x02f0 [ 69D76CE06BB629B69165C81D83A4B03E, 0B0C4BD405E4234501B1331F30BA68B839D1E6B2D83A5DE8693C45110981E863 ] TiMiniService C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
11:32:24.0916 0x02f0 TiMiniService - ok
11:32:24.0962 0x02f0 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4, 9A4F6C31C36752ADCEEFBB54F685CA8029391C4F2BEB6569ABB4A1E4823C0DF0 ] tmactmon C:\windows\system32\DRIVERS\tmactmon.sys
11:32:24.0994 0x02f0 tmactmon - ok
11:32:25.0056 0x02f0 [ 360E61217D4E1E333583D0C721057F70, 7B4CFB53DB8CF4D65F14F28D9951B5D0E957566ABA340B11BBDBB29FC224244D ] tmcomm C:\windows\system32\DRIVERS\tmcomm.sys
11:32:25.0087 0x02f0 tmcomm - ok
11:32:25.0118 0x02f0 [ 699D34EB7C670139CA23A65372BD5743, B09A20AC120FBBE1FEFFF750B75FBB2FC0C9D449F435A2E9D7016377FF36EEDA ] tmevtmgr C:\windows\system32\DRIVERS\tmevtmgr.sys
11:32:25.0134 0x02f0 tmevtmgr - ok
11:32:25.0212 0x02f0 [ 262198EFB734012BFCD17E7479AE4A09, 862316B66590D7DD07C57576642E582D7B7E6D041962D6367BEDD2810F814341 ] tmtdi C:\windows\system32\DRIVERS\tmtdi.sys
11:32:25.0228 0x02f0 tmtdi - ok
11:32:25.0306 0x02f0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
11:32:25.0352 0x02f0 TrkWks - ok
11:32:25.0462 0x02f0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
11:32:25.0508 0x02f0 TrustedInstaller - ok
11:32:25.0602 0x02f0 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
11:32:25.0618 0x02f0 tssecsrv - ok
11:32:25.0680 0x02f0 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
11:32:25.0711 0x02f0 TsUsbFlt - ok
11:32:25.0774 0x02f0 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
11:32:25.0805 0x02f0 TsUsbGD - ok
11:32:25.0867 0x02f0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
11:32:25.0898 0x02f0 tunnel - ok
11:32:25.0945 0x02f0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
11:32:25.0976 0x02f0 uagp35 - ok
11:32:26.0039 0x02f0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
11:32:26.0086 0x02f0 udfs - ok
11:32:26.0179 0x02f0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
11:32:26.0195 0x02f0 UI0Detect - ok
11:32:26.0257 0x02f0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
11:32:26.0288 0x02f0 uliagpkx - ok
11:32:26.0351 0x02f0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
11:32:26.0366 0x02f0 umbus - ok
11:32:26.0460 0x02f0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
11:32:26.0460 0x02f0 UmPass - ok
11:32:26.0554 0x02f0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
11:32:26.0585 0x02f0 upnphost - ok
11:32:26.0647 0x02f0 [ 4E93C8496359E97830C75AC36393654D, D0482257B019512D77484D92E4DEFEFE4FED53CB440ACB7AA879D6FD0574FA9A ] upperdev C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:32:26.0647 0x02f0 upperdev - ok
11:32:26.0710 0x02f0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
11:32:26.0741 0x02f0 usbccgp - ok
11:32:26.0803 0x02f0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
11:32:26.0850 0x02f0 usbcir - ok
11:32:26.0897 0x02f0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
11:32:26.0897 0x02f0 usbehci - ok
11:32:26.0975 0x02f0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
11:32:27.0022 0x02f0 usbhub - ok
11:32:27.0068 0x02f0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
11:32:27.0084 0x02f0 usbohci - ok
11:32:27.0131 0x02f0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\drivers\usbprint.sys
11:32:27.0146 0x02f0 usbprint - ok
11:32:27.0209 0x02f0 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\windows\system32\drivers\usbser.sys
11:32:27.0209 0x02f0 usbser - ok
11:32:27.0256 0x02f0 [ 8844CB19A37B65E27049D4A7786726A9, 4D772174A320F02E2F87BDF8C6EBBFDE04C9763D3C21FE9557DE938521508A59 ] UsbserFilt C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys
11:32:27.0271 0x02f0 UsbserFilt - ok
11:32:27.0318 0x02f0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
11:32:27.0334 0x02f0 USBSTOR - ok
11:32:27.0380 0x02f0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
11:32:27.0396 0x02f0 usbuhci - ok
11:32:27.0490 0x02f0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
11:32:27.0505 0x02f0 usbvideo - ok
11:32:27.0552 0x02f0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
11:32:27.0583 0x02f0 UxSms - ok
11:32:27.0630 0x02f0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\windows\system32\lsass.exe
11:32:27.0646 0x02f0 VaultSvc - ok
11:32:27.0724 0x02f0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
11:32:27.0724 0x02f0 vdrvroot - ok
11:32:27.0817 0x02f0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
11:32:27.0864 0x02f0 vds - ok
11:32:27.0911 0x02f0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
11:32:27.0942 0x02f0 vga - ok
11:32:27.0973 0x02f0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
11:32:27.0973 0x02f0 VgaSave - ok
11:32:28.0036 0x02f0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
11:32:28.0051 0x02f0 vhdmp - ok
11:32:28.0098 0x02f0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
11:32:28.0145 0x02f0 viaide - ok
11:32:28.0210 0x02f0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
11:32:28.0210 0x02f0 volmgr - ok
11:32:28.0288 0x02f0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
11:32:28.0304 0x02f0 volmgrx - ok
11:32:28.0366 0x02f0 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
11:32:28.0397 0x02f0 volsnap - ok
11:32:28.0460 0x02f0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
11:32:28.0522 0x02f0 vsmraid - ok
11:32:28.0709 0x02f0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
11:32:28.0897 0x02f0 VSS - ok
11:32:28.0943 0x02f0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
11:32:28.0943 0x02f0 vwifibus - ok
11:32:29.0006 0x02f0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
11:32:29.0037 0x02f0 vwififlt - ok
11:32:29.0115 0x02f0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
11:32:29.0162 0x02f0 W32Time - ok
11:32:29.0209 0x02f0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
11:32:29.0240 0x02f0 WacomPen - ok
11:32:29.0318 0x02f0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
11:32:29.0318 0x02f0 WANARP - ok
11:32:29.0349 0x02f0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
11:32:29.0365 0x02f0 Wanarpv6 - ok
11:32:29.0552 0x02f0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
11:32:29.0692 0x02f0 WatAdminSvc - ok
11:32:29.0864 0x02f0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
11:32:30.0020 0x02f0 wbengine - ok
11:32:30.0082 0x02f0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
11:32:30.0113 0x02f0 WbioSrvc - ok
11:32:30.0191 0x02f0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
11:32:30.0238 0x02f0 wcncsvc - ok
11:32:30.0269 0x02f0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
11:32:30.0285 0x02f0 WcsPlugInService - ok
11:32:30.0332 0x02f0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
11:32:30.0379 0x02f0 Wd - ok
11:32:30.0488 0x02f0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
11:32:30.0550 0x02f0 Wdf01000 - ok
11:32:30.0613 0x02f0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
11:32:30.0628 0x02f0 WdiServiceHost - ok
11:32:30.0659 0x02f0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
11:32:30.0675 0x02f0 WdiSystemHost - ok
11:32:30.0753 0x02f0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
11:32:30.0784 0x02f0 WebClient - ok
11:32:30.0862 0x02f0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
11:32:30.0878 0x02f0 Wecsvc - ok
11:32:30.0925 0x02f0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
11:32:30.0940 0x02f0 wercplsupport - ok
11:32:31.0003 0x02f0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
11:32:31.0018 0x02f0 WerSvc - ok
11:32:31.0096 0x02f0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
11:32:31.0096 0x02f0 WfpLwf - ok
11:32:31.0143 0x02f0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
11:32:31.0159 0x02f0 WIMMount - ok
11:32:31.0206 0x02f0 WinDefend - ok
11:32:31.0271 0x02f0 WinHttpAutoProxySvc - ok
11:32:31.0380 0x02f0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
11:32:31.0395 0x02f0 Winmgmt - ok
11:32:31.0629 0x02f0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll
11:32:31.0754 0x02f0 WinRM - ok
11:32:31.0879 0x02f0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
11:32:31.0895 0x02f0 WinUsb - ok
11:32:31.0988 0x02f0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
11:32:32.0066 0x02f0 Wlansvc - ok
11:32:32.0144 0x02f0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:32:32.0144 0x02f0 wlcrasvc - ok
11:32:32.0409 0x02f0 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:32:32.0550 0x02f0 wlidsvc - ok
11:32:32.0597 0x02f0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
11:32:32.0612 0x02f0 WmiAcpi - ok
11:32:32.0690 0x02f0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
11:32:32.0721 0x02f0 wmiApSrv - ok
11:32:32.0768 0x02f0 WMPNetworkSvc - ok
11:32:32.0831 0x02f0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
11:32:32.0846 0x02f0 WPCSvc - ok
11:32:32.0893 0x02f0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
11:32:32.0909 0x02f0 WPDBusEnum - ok
11:32:32.0955 0x02f0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
11:32:32.0971 0x02f0 ws2ifsl - ok
11:32:33.0018 0x02f0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
11:32:33.0065 0x02f0 wscsvc - ok
11:32:33.0096 0x02f0 WSearch - ok
11:32:33.0361 0x02f0 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\windows\system32\wuaueng.dll
11:32:33.0564 0x02f0 wuauserv - ok
11:32:33.0657 0x02f0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
11:32:33.0673 0x02f0 WudfPf - ok
11:32:33.0735 0x02f0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
11:32:33.0767 0x02f0 WUDFRd - ok
11:32:33.0829 0x02f0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
11:32:33.0845 0x02f0 wudfsvc - ok
11:32:33.0907 0x02f0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
11:32:33.0938 0x02f0 WwanSvc - ok
11:32:34.0032 0x02f0 ================ Scan global ===============================
11:32:34.0063 0x02f0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
11:32:34.0141 0x02f0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
11:32:34.0188 0x02f0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
11:32:34.0250 0x02f0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
11:32:34.0313 0x02f0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
11:32:34.0328 0x02f0 [ Global ] - ok
11:32:34.0344 0x02f0 ================ Scan MBR ==================================
11:32:34.0359 0x02f0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:32:34.0781 0x02f0 \Device\Harddisk0\DR0 - ok
11:32:34.0781 0x02f0 ================ Scan VBR ==================================
11:32:34.0812 0x02f0 [ E8BC09CF6AACC62AD0391A2947D984E0 ] \Device\Harddisk0\DR0\Partition1
11:32:34.0812 0x02f0 \Device\Harddisk0\DR0\Partition1 - ok
11:32:34.0859 0x02f0 [ 32F309BC7320630040E5223D1FF2C22E ] \Device\Harddisk0\DR0\Partition2
11:32:34.0859 0x02f0 \Device\Harddisk0\DR0\Partition2 - ok
11:32:34.0874 0x02f0 ================ Scan generic autorun ======================
11:32:34.0874 0x02f0 SynTPEnh - ok
11:32:34.0890 0x02f0 SynAsusAcpi - ok
11:32:34.0999 0x02f0 [ 58BC9B644E6B252C8337AD501B04692A, D78B436C86ACE190E275758A150D0296F55BC1407A90918916A7E085DF6C822D ] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
11:32:35.0015 0x02f0 Trend Micro Client Framework - ok
11:32:35.0935 0x02f0 [ A042FB145907E867A19D5CAC06A9EFB1, 727A3D429E48D22D7D7BA573E8717D2786422A92FB1F5CCA591AF8AC36761701 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:32:36.0793 0x02f0 RtHDVCpl - ok
11:32:37.0261 0x02f0 [ 5CA0EB9538C6ACEBDC3593FC53527B9D, 35AC60899254C7414FF42BCDA4165FB58F6369BD5EDCAC24EBB1B5A095664CAC ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
11:32:37.0542 0x02f0 AvastUI.exe - ok
11:32:37.0729 0x02f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:32:37.0807 0x02f0 Sidebar - ok
11:32:37.0869 0x02f0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:32:37.0869 0x02f0 mctadmin - ok
11:32:37.0994 0x02f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:32:38.0057 0x02f0 Sidebar - ok
11:32:38.0103 0x02f0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:32:38.0119 0x02f0 mctadmin - ok
11:32:38.0259 0x02f0 AV detected via SS2: Trend Micro Titanium, C:\Program Files\Trend Micro\Titanium\wschandler.exe ( 3.0.0.1345 ), 0x40010 ( disabled : outofdate )
11:32:38.0322 0x02f0 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x40000 ( disabled : updated )
11:32:38.0337 0x02f0 Win FW state via NFP2: disabled
11:32:41.0223 0x02f0 ============================================================
11:32:41.0223 0x02f0 Scan finished
11:32:41.0223 0x02f0 ============================================================
11:32:41.0255 0x1560 Detected object count: 0
11:32:41.0255 0x1560 Actual detected object count: 0
11:32:47.0058 0x0e58 Deinitialize success

[Reklama]

[Orcus]

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.

[macwix]

ComboFix (by sUBs)

ComboFix 14-06-13.01 - Katka 14.06.2014 14:20:45.1.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.749.175 [GMT 2:00]
Spuštěný z: c:\users\Katka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Trend Micro Titanium *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Trend Micro Titanium *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-14 do 2014-06-14 )))))))))))))))))))))))))))))))
.
.
2014-06-14 12:54 . 2014-06-14 12:54 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-14 05:42 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{775D40C4-CAED-49A2-B1E9-56CAB83C2DC1}\mpengine.dll
2014-06-13 09:34 . 2014-06-13 09:34 0 ----a-w- c:\windows\SysWow64\sho84FC.tmp
2014-06-12 16:59 . 2014-06-12 16:59 -------- d-----w- c:\programdata\RogueKiller
2014-06-11 12:20 . 2014-06-11 12:20 -------- d-----w- c:\windows\ERUNT
2014-06-11 05:47 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-06-11 05:47 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-06-11 05:47 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-11 05:47 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 05:47 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-06-11 05:47 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-06-11 05:47 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-06-11 05:47 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-06-11 05:47 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-06-11 05:47 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2014-06-11 05:47 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-06-11 05:47 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-06-11 05:45 . 2014-05-30 09:11 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 05:45 . 2014-05-30 10:21 23414784 ----a-w- c:\windows\system32\mshtml.dll
2014-06-11 05:44 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 05:44 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-10 13:00 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-10 12:57 . 2014-06-11 10:44 -------- d-----w- C:\AdwCleaner
2014-06-10 12:44 . 2014-06-10 12:44 -------- d-----w- c:\users\Katka\AppData\Local\ASUS
2014-06-10 11:54 . 2014-06-14 10:22 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-10 11:48 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-10 11:48 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-10 11:48 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-10 11:48 . 2014-06-10 11:49 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-10 11:48 . 2014-06-10 11:48 -------- d-----w- c:\programdata\Malwarebytes
2014-06-10 11:47 . 2014-06-10 11:47 -------- d-----w- c:\users\Katka\AppData\Local\Programs
2014-06-06 10:35 . 2014-06-06 10:38 -------- d-----w- c:\users\Katka\AppData\Roaming\Dropbox
2014-06-05 09:50 . 2014-06-05 09:50 -------- d-----w- c:\users\Katka\AppData\Roaming\AVAST Software
2014-06-05 09:40 . 2014-06-05 10:12 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-06-05 09:40 . 2014-06-05 09:40 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-05 09:40 . 2014-06-05 09:40 43152 ----a-w- c:\windows\avastSS.scr
2014-06-05 09:29 . 2014-06-05 09:40 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-06-05 09:29 . 2014-06-05 09:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 06:51 . 2012-03-18 19:16 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-05 10:12 . 2011-12-30 12:40 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-06-05 10:12 . 2011-12-30 12:40 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-06-05 09:40 . 2011-12-30 12:40 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-06-05 09:40 . 2011-12-30 12:40 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-06-05 09:40 . 2012-10-17 08:12 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-25 05:37 . 2014-04-25 05:37 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-04-25 05:36 . 2014-04-25 05:36 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-04-25 05:36 . 2014-04-25 05:36 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-04-25 05:36 . 2014-04-25 05:36 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-25 05:36 . 2014-04-25 05:36 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-25 05:36 . 2014-04-25 05:36 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-25 05:36 . 2014-04-25 05:36 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-04-25 05:36 . 2014-04-25 05:36 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-25 05:36 . 2014-04-25 05:36 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-25 05:36 . 2014-04-25 05:36 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-25 05:36 . 2014-04-25 05:36 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-04-25 05:36 . 2014-04-25 05:36 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-25 05:36 . 2014-04-25 05:36 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-25 05:36 . 2014-04-25 05:36 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-25 05:36 . 2014-04-25 05:36 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-25 05:36 . 2014-04-25 05:36 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-25 05:36 . 2014-04-25 05:36 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-25 05:36 . 2014-04-25 05:36 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-04-25 05:36 . 2014-04-25 05:36 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-25 05:36 . 2014-04-25 05:36 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-25 05:36 . 2014-04-25 05:36 247808 ----a-w- c:\windows\system32\msls31.dll
2014-04-25 05:36 . 2014-04-25 05:36 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-25 05:36 . 2014-04-25 05:36 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-25 05:36 . 2014-04-25 05:36 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-25 05:36 . 2014-04-25 05:36 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-25 05:36 . 2014-04-25 05:36 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-25 05:36 . 2014-04-25 05:36 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-04-25 05:36 . 2014-04-25 05:36 81408 ----a-w- c:\windows\system32\icardie.dll
2014-04-25 05:36 . 2014-04-25 05:36 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-25 05:36 . 2014-04-25 05:36 413696 ----a-w- c:\windows\system32\html.iec
2014-04-25 05:36 . 2014-04-25 05:36 235520 ----a-w- c:\windows\system32\url.dll
2014-04-25 05:36 . 2014-04-25 05:36 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-25 05:36 . 2014-04-25 05:36 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-25 05:36 . 2014-04-25 05:36 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-04-25 05:36 . 2014-04-25 05:36 101376 ----a-w- c:\windows\system32\inseng.dll
2014-04-25 05:36 . 2014-04-25 05:36 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-04-25 05:36 . 2014-04-25 05:36 143872 ----a-w- c:\windows\system32\wextract.exe
2014-04-25 05:36 . 2014-04-25 05:36 147968 ----a-w- c:\windows\system32\occache.dll
2014-04-25 05:36 . 2014-04-25 05:36 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-04-25 05:36 . 2014-04-25 05:36 774144 ----a-w- c:\windows\system32\jscript.dll
2014-04-25 05:36 . 2014-04-25 05:36 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-25 05:36 . 2014-04-25 05:36 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-04-25 05:36 . 2014-04-25 05:36 13824 ----a-w- c:\windows\system32\mshta.exe
2014-04-25 05:36 . 2014-04-25 05:36 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-04-12 02:22 . 2014-05-15 07:17 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-15 07:17 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-15 07:17 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-15 07:17 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-15 07:17 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-15 07:17 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-15 07:17 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-15 07:17 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-15 07:17 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-31 07:35 . 2011-12-30 11:57 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-25 02:43 . 2014-05-15 07:22 14175744 ----a-w- c:\windows\system32\shell32.dll
2013-10-20 08:44 . 2013-10-20 08:44 50053120 ----a-w- c:\program files (x86)\GUTC24.tmp
2013-05-16 18:59 . 2013-05-16 18:59 4167680 ----a-w- c:\program files (x86)\GUTDA67.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-09 3890208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB64.SYS;c:\windows\SYSNATIVE\drivers\RT-USB64.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe;c:\windows\SysWOW64\AsusService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe;c:\program files\Trend Micro\Titanium\TiMiniService.exe [x]
S3 AiDriver;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiDriver.sys;c:\windows\SYSNATIVE\DRIVERS\AiDriver.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 12:48 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 12:40]
.
2014-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 12:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-05 09:40 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{EF349ED6-517D-4EB7-9314-CE8A9DAEBF80}: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\g9n85cx0.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-ilividtoolbargaw - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\uninstall.exe
AddRemove-VCDS Beta 11.10 - c:\ross-tech\VCDS-Beta\UnInstall.exe
AddRemove-VCDS Release 10.6 - c:\ross-tech\VCDS\UnInstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3386137688-3834716744-1325213857-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{1CA1377B-DC1D-4A52-9585-6E06050FAC53}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,2a,b0,
0d,2c,8e,3e,00,8f,86,24,46,06,44,ea,4b
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c9,21,
81,33,1e,d3,00,94,cf,1b,24,75,43,25,de
"{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}"=hex:51,66,7a,6c,4c,1d,3b,1b,ed,a7,bd,
aa,6f,a8,15,0a,91,30,4a,ab,9c,58,92,b4
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,3b,1b,79,45,91,
bf,6d,7c,b8,04,95,78,bb,b7,86,51,02,8f
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,1b,63,
ec,ef,cd,21,02,bf,89,41,eb,42,1a,8c,c0
"{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}"=hex:51,66,7a,6c,4c,1d,38,12,ab,c5,1e,
a0,e2,37,c6,09,de,93,cc,b9,8c,f1,55,01
"{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,3f,9b,
20,ae,0c,d1,0f,93,9a,35,cf,13,81,0a,ed
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,3b,1b,a1,df,09,
32,54,1b,b8,5b,81,1b,4a,d0,24,ee,8b,57
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-14 15:07:45
ComboFix-quarantined-files.txt 2014-06-14 13:07
.
Před spuštěním: Volných bajtů: 58 366 967 808
Po spuštění: Volných bajtů: 58 913 378 304
.
- - End Of File - - DBF589DA83FDDCF66CBAFE52259FD75B
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Trend Micro Titanium *Disabled/Outdated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Trend Micro Titanium *Disabled/Outdated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}

odinstaluj jeden antivir , dva tam mít nemůžeš.
pak nový Combofix

[macwix]

Trend Micro Titanium smazán.


ComboFix (by sUBs) nový log:

ComboFix 14-06-16.01 - Katka 18.06.2014 8:20.3.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.749.170 [GMT 2:00]
Spuštěný z: c:\users\Katka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-18 do 2014-06-18 )))))))))))))))))))))))))))))))
.
.
2014-06-18 07:44 . 2014-06-18 07:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-18 05:17 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6EA27FF3-2213-4575-B1A3-627707CC5688}\mpengine.dll
2014-06-13 09:34 . 2014-06-13 09:34 0 ----a-w- c:\windows\SysWow64\sho84FC.tmp
2014-06-12 16:59 . 2014-06-12 16:59 -------- d-----w- c:\programdata\RogueKiller
2014-06-11 12:20 . 2014-06-11 12:20 -------- d-----w- c:\windows\ERUNT
2014-06-11 05:47 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-06-11 05:47 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-06-11 05:47 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-11 05:47 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 05:47 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-06-11 05:47 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-06-11 05:47 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-06-11 05:47 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-06-11 05:47 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-06-11 05:47 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2014-06-11 05:47 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-06-11 05:47 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-06-11 05:45 . 2014-05-30 09:11 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 05:45 . 2014-05-30 10:21 23414784 ----a-w- c:\windows\system32\mshtml.dll
2014-06-11 05:44 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 05:44 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-10 13:00 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-10 12:57 . 2014-06-11 10:44 -------- d-----w- C:\AdwCleaner
2014-06-10 12:44 . 2014-06-10 12:44 -------- d-----w- c:\users\Katka\AppData\Local\ASUS
2014-06-10 11:54 . 2014-06-18 05:26 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-10 11:48 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-10 11:48 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-10 11:48 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-10 11:48 . 2014-06-10 11:49 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-10 11:48 . 2014-06-10 11:48 -------- d-----w- c:\programdata\Malwarebytes
2014-06-10 11:47 . 2014-06-10 11:47 -------- d-----w- c:\users\Katka\AppData\Local\Programs
2014-06-06 10:35 . 2014-06-06 10:38 -------- d-----w- c:\users\Katka\AppData\Roaming\Dropbox
2014-06-05 09:50 . 2014-06-05 09:50 -------- d-----w- c:\users\Katka\AppData\Roaming\AVAST Software
2014-06-05 09:40 . 2014-06-05 10:12 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-06-05 09:40 . 2014-06-05 09:40 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-05 09:40 . 2014-06-05 09:40 43152 ----a-w- c:\windows\avastSS.scr
2014-06-05 09:29 . 2014-06-05 09:40 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-06-05 09:29 . 2014-06-05 09:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 06:51 . 2012-03-18 19:16 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-05 10:12 . 2011-12-30 12:40 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-06-05 10:12 . 2011-12-30 12:40 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-06-05 09:40 . 2011-12-30 12:40 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-06-05 09:40 . 2011-12-30 12:40 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-06-05 09:40 . 2012-10-17 08:12 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-25 05:37 . 2014-04-25 05:37 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-04-25 05:36 . 2014-04-25 05:36 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-04-25 05:36 . 2014-04-25 05:36 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-04-25 05:36 . 2014-04-25 05:36 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-25 05:36 . 2014-04-25 05:36 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-25 05:36 . 2014-04-25 05:36 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-25 05:36 . 2014-04-25 05:36 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-04-25 05:36 . 2014-04-25 05:36 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-25 05:36 . 2014-04-25 05:36 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-25 05:36 . 2014-04-25 05:36 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-25 05:36 . 2014-04-25 05:36 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-04-25 05:36 . 2014-04-25 05:36 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-25 05:36 . 2014-04-25 05:36 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-25 05:36 . 2014-04-25 05:36 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-25 05:36 . 2014-04-25 05:36 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-25 05:36 . 2014-04-25 05:36 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-25 05:36 . 2014-04-25 05:36 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-25 05:36 . 2014-04-25 05:36 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-04-25 05:36 . 2014-04-25 05:36 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-25 05:36 . 2014-04-25 05:36 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-25 05:36 . 2014-04-25 05:36 247808 ----a-w- c:\windows\system32\msls31.dll
2014-04-25 05:36 . 2014-04-25 05:36 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-25 05:36 . 2014-04-25 05:36 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-25 05:36 . 2014-04-25 05:36 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-25 05:36 . 2014-04-25 05:36 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-25 05:36 . 2014-04-25 05:36 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-25 05:36 . 2014-04-25 05:36 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-04-25 05:36 . 2014-04-25 05:36 81408 ----a-w- c:\windows\system32\icardie.dll
2014-04-25 05:36 . 2014-04-25 05:36 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-25 05:36 . 2014-04-25 05:36 413696 ----a-w- c:\windows\system32\html.iec
2014-04-25 05:36 . 2014-04-25 05:36 235520 ----a-w- c:\windows\system32\url.dll
2014-04-25 05:36 . 2014-04-25 05:36 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-25 05:36 . 2014-04-25 05:36 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-25 05:36 . 2014-04-25 05:36 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-04-25 05:36 . 2014-04-25 05:36 101376 ----a-w- c:\windows\system32\inseng.dll
2014-04-25 05:36 . 2014-04-25 05:36 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-04-25 05:36 . 2014-04-25 05:36 143872 ----a-w- c:\windows\system32\wextract.exe
2014-04-25 05:36 . 2014-04-25 05:36 147968 ----a-w- c:\windows\system32\occache.dll
2014-04-25 05:36 . 2014-04-25 05:36 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-04-25 05:36 . 2014-04-25 05:36 774144 ----a-w- c:\windows\system32\jscript.dll
2014-04-25 05:36 . 2014-04-25 05:36 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-25 05:36 . 2014-04-25 05:36 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-04-25 05:36 . 2014-04-25 05:36 13824 ----a-w- c:\windows\system32\mshta.exe
2014-04-25 05:36 . 2014-04-25 05:36 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-04-12 02:22 . 2014-05-15 07:17 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-15 07:17 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-15 07:17 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-15 07:17 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-15 07:17 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-15 07:17 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-15 07:17 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-15 07:17 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-15 07:17 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-31 07:35 . 2011-12-30 11:57 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-25 02:43 . 2014-05-15 07:22 14175744 ----a-w- c:\windows\system32\shell32.dll
2013-10-20 08:44 . 2013-10-20 08:44 50053120 ----a-w- c:\program files (x86)\GUTC24.tmp
2013-05-16 18:59 . 2013-05-16 18:59 4167680 ----a-w- c:\program files (x86)\GUTDA67.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-09 3890208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB64.SYS;c:\windows\SYSNATIVE\drivers\RT-USB64.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe;c:\windows\SysWOW64\AsusService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 AiDriver;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiDriver.sys;c:\windows\SYSNATIVE\DRIVERS\AiDriver.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 12:48 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 12:40]
.
2014-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 12:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-05 09:40 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{EF349ED6-517D-4EB7-9314-CE8A9DAEBF80}: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\g9n85cx0.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-ilividtoolbargaw - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\uninstall.exe
AddRemove-VCDS Beta 11.10 - c:\ross-tech\VCDS-Beta\UnInstall.exe
AddRemove-VCDS Release 10.6 - c:\ross-tech\VCDS\UnInstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3386137688-3834716744-1325213857-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{1CA1377B-DC1D-4A52-9585-6E06050FAC53}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,2a,b0,
0d,2c,8e,3e,00,8f,86,24,46,06,44,ea,4b
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c9,21,
81,33,1e,d3,00,94,cf,1b,24,75,43,25,de
"{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}"=hex:51,66,7a,6c,4c,1d,3b,1b,ed,a7,bd,
aa,6f,a8,15,0a,91,30,4a,ab,9c,58,92,b4
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,3b,1b,79,45,91,
bf,6d,7c,b8,04,95,78,bb,b7,86,51,02,8f
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,1b,63,
ec,ef,cd,21,02,bf,89,41,eb,42,1a,8c,c0
"{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}"=hex:51,66,7a,6c,4c,1d,38,12,ab,c5,1e,
a0,e2,37,c6,09,de,93,cc,b9,8c,f1,55,01
"{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,3f,9b,
20,ae,0c,d1,0f,93,9a,35,cf,13,81,0a,ed
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,3b,1b,a1,df,09,
32,54,1b,b8,5b,81,1b,4a,d0,24,ee,8b,57
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-06-18 09:54:50
ComboFix-quarantined-files.txt 2014-06-18 07:54
.
Před spuštěním: Volných bajtů: 59 394 859 008
Po spuštění: Volných bajtů: 58 922 692 608
.
- - End Of File - - 48A61D99755D6D124635CCD4EA60F7DC
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\SysWow64\sho84FC.tmp
c:\program files (x86)\GUTC24.tmp
c:\program files (x86)\GUTDA67.tmp
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate

RegLock::
[HKEY_USERS\S-1-5-21-3386137688-3834716744-1325213857-1001\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{1CA1377B-DC1D-4A52-9585-6E06050FAC53}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,2a,b0,
 0d,2c,8e,3e,00,8f,86,24,46,06,44,ea,4b
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,3b,1b,74,c9,21,
 81,33,1e,d3,00,94,cf,1b,24,75,43,25,de
"{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}"=hex:51,66,7a,6c,4c,1d,3b,1b,ed,a7,bd,
 aa,6f,a8,15,0a,91,30,4a,ab,9c,58,92,b4
"{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}"=hex:51,66,7a,6c,4c,1d,3b,1b,79,45,91,
 bf,6d,7c,b8,04,95,78,bb,b7,86,51,02,8f
"{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}"=hex:51,66,7a,6c,4c,1d,3b,1b,0e,1b,63,
 ec,ef,cd,21,02,bf,89,41,eb,42,1a,8c,c0
"{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}"=hex:51,66,7a,6c,4c,1d,38,12,ab,c5,1e,
 a0,e2,37,c6,09,de,93,cc,b9,8c,f1,55,01
"{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}"=hex:51,66,7a,6c,4c,1d,3b,1b,6b,3f,9b,
 20,ae,0c,d1,0f,93,9a,35,cf,13,81,0a,ed
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"=hex:51,66,7a,6c,4c,1d,3b,1b,a1,df,09,
 32,54,1b,b8,5b,81,1b,4a,d0,24,ee,8b,57
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[macwix]

Combofix

ComboFix 14-06-16.01 - Katka 19.06.2014 8:27.4.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.749.163 [GMT 2:00]
Spuštěný z: c:\users\Katka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Katka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\GUTC24.tmp"
"c:\program files (x86)\GUTDA67.tmp"
"c:\windows\SysWow64\sho84FC.tmp"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-19 do 2014-06-19 )))))))))))))))))))))))))))))))
.
.
2014-06-19 06:47 . 2014-06-19 06:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-19 04:48 . 2014-06-19 06:54 122584 ----a-w- c:\windows\system32\drivers\48230029.sys
2014-06-18 11:51 . 2014-06-18 11:51 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6EA27FF3-2213-4575-B1A3-627707CC5688}\offreg.dll
2014-06-18 05:17 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6EA27FF3-2213-4575-B1A3-627707CC5688}\mpengine.dll
2014-06-13 09:34 . 2014-06-13 09:34 0 ----a-w- c:\windows\SysWow64\sho84FC.tmp
2014-06-12 16:59 . 2014-06-12 16:59 -------- d-----w- c:\programdata\RogueKiller
2014-06-11 12:20 . 2014-06-11 12:20 -------- d-----w- c:\windows\ERUNT
2014-06-11 05:47 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-06-11 05:47 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-06-11 05:47 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-11 05:47 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 05:47 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-06-11 05:47 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-06-11 05:47 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-06-11 05:47 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-06-11 05:47 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-06-11 05:47 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2014-06-11 05:47 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-06-11 05:47 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-06-11 05:45 . 2014-05-30 09:11 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-06-11 05:45 . 2014-05-30 10:21 23414784 ----a-w- c:\windows\system32\mshtml.dll
2014-06-11 05:44 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 05:44 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-10 13:00 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-10 12:57 . 2014-06-11 10:44 -------- d-----w- C:\AdwCleaner
2014-06-10 12:44 . 2014-06-10 12:44 -------- d-----w- c:\users\Katka\AppData\Local\ASUS
2014-06-10 11:54 . 2014-06-19 04:48 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-10 11:48 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-10 11:48 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-10 11:48 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-10 11:48 . 2014-06-10 11:49 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-10 11:48 . 2014-06-10 11:48 -------- d-----w- c:\programdata\Malwarebytes
2014-06-10 11:47 . 2014-06-10 11:47 -------- d-----w- c:\users\Katka\AppData\Local\Programs
2014-06-06 10:35 . 2014-06-06 10:38 -------- d-----w- c:\users\Katka\AppData\Roaming\Dropbox
2014-06-05 09:50 . 2014-06-05 09:50 -------- d-----w- c:\users\Katka\AppData\Roaming\AVAST Software
2014-06-05 09:40 . 2014-06-05 10:12 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-06-05 09:40 . 2014-06-05 09:40 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-06-05 09:40 . 2014-06-05 09:40 43152 ----a-w- c:\windows\avastSS.scr
2014-06-05 09:29 . 2014-06-05 09:40 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-06-05 09:29 . 2014-06-05 09:40 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-12 06:51 . 2012-03-18 19:16 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-05 10:12 . 2011-12-30 12:40 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-06-05 10:12 . 2011-12-30 12:40 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-06-05 09:40 . 2011-12-30 12:40 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-06-05 09:40 . 2011-12-30 12:40 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-06-05 09:40 . 2012-10-17 08:12 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-04-25 05:37 . 2014-04-25 05:37 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2014-04-25 05:36 . 2014-04-25 05:36 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2014-04-25 05:36 . 2014-04-25 05:36 235008 ----a-w- c:\windows\system32\elshyph.dll
2014-04-25 05:36 . 2014-04-25 05:36 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-04-25 05:36 . 2014-04-25 05:36 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2014-04-25 05:36 . 2014-04-25 05:36 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2014-04-25 05:36 . 2014-04-25 05:36 337408 ----a-w- c:\windows\SysWow64\html.iec
2014-04-25 05:36 . 2014-04-25 05:36 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2014-04-25 05:36 . 2014-04-25 05:36 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2014-04-25 05:36 . 2014-04-25 05:36 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2014-04-25 05:36 . 2014-04-25 05:36 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-04-25 05:36 . 2014-04-25 05:36 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2014-04-25 05:36 . 2014-04-25 05:36 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2014-04-25 05:36 . 2014-04-25 05:36 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2014-04-25 05:36 . 2014-04-25 05:36 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2014-04-25 05:36 . 2014-04-25 05:36 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2014-04-25 05:36 . 2014-04-25 05:36 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-04-25 05:36 . 2014-04-25 05:36 942592 ----a-w- c:\windows\system32\jsIntl.dll
2014-04-25 05:36 . 2014-04-25 05:36 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-04-25 05:36 . 2014-04-25 05:36 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2014-04-25 05:36 . 2014-04-25 05:36 247808 ----a-w- c:\windows\system32\msls31.dll
2014-04-25 05:36 . 2014-04-25 05:36 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2014-04-25 05:36 . 2014-04-25 05:36 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2014-04-25 05:36 . 2014-04-25 05:36 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2014-04-25 05:36 . 2014-04-25 05:36 48640 ----a-w- c:\windows\system32\mshtmler.dll
2014-04-25 05:36 . 2014-04-25 05:36 105984 ----a-w- c:\windows\system32\iesysprep.dll
2014-04-25 05:36 . 2014-04-25 05:36 77312 ----a-w- c:\windows\system32\tdc.ocx
2014-04-25 05:36 . 2014-04-25 05:36 81408 ----a-w- c:\windows\system32\icardie.dll
2014-04-25 05:36 . 2014-04-25 05:36 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2014-04-25 05:36 . 2014-04-25 05:36 413696 ----a-w- c:\windows\system32\html.iec
2014-04-25 05:36 . 2014-04-25 05:36 235520 ----a-w- c:\windows\system32\url.dll
2014-04-25 05:36 . 2014-04-25 05:36 30208 ----a-w- c:\windows\system32\licmgr10.dll
2014-04-25 05:36 . 2014-04-25 05:36 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2014-04-25 05:36 . 2014-04-25 05:36 243200 ----a-w- c:\windows\system32\webcheck.dll
2014-04-25 05:36 . 2014-04-25 05:36 101376 ----a-w- c:\windows\system32\inseng.dll
2014-04-25 05:36 . 2014-04-25 05:36 167424 ----a-w- c:\windows\system32\iexpress.exe
2014-04-25 05:36 . 2014-04-25 05:36 143872 ----a-w- c:\windows\system32\wextract.exe
2014-04-25 05:36 . 2014-04-25 05:36 147968 ----a-w- c:\windows\system32\occache.dll
2014-04-25 05:36 . 2014-04-25 05:36 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-04-25 05:36 . 2014-04-25 05:36 774144 ----a-w- c:\windows\system32\jscript.dll
2014-04-25 05:36 . 2014-04-25 05:36 62464 ----a-w- c:\windows\system32\pngfilt.dll
2014-04-25 05:36 . 2014-04-25 05:36 48128 ----a-w- c:\windows\system32\imgutil.dll
2014-04-25 05:36 . 2014-04-25 05:36 13824 ----a-w- c:\windows\system32\mshta.exe
2014-04-25 05:36 . 2014-04-25 05:36 135680 ----a-w- c:\windows\system32\iepeers.dll
2014-04-12 02:22 . 2014-05-15 07:17 155072 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:22 . 2014-05-15 07:17 95680 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:19 . 2014-05-15 07:17 136192 ----a-w- c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-15 07:17 29184 ----a-w- c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-15 07:17 28160 ----a-w- c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-15 07:17 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-15 07:17 31232 ----a-w- c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-15 07:17 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-15 07:17 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-03-31 07:35 . 2011-12-30 11:57 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-25 02:43 . 2014-05-15 07:22 14175744 ----a-w- c:\windows\system32\shell32.dll
2013-10-20 08:44 . 2013-10-20 08:44 50053120 ----a-w- c:\program files (x86)\GUTC24.tmp
2013-05-16 18:59 . 2013-05-16 18:59 4167680 ----a-w- c:\program files (x86)\GUTDA67.tmp
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-09 3890208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ew_usbenumfilter.sys [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juextctrl.sys [x]
R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_juwwanecm.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 RT-USB;Ross-Tech USB driver;c:\windows\system32\drivers\RT-USB64.SYS;c:\windows\SYSNATIVE\drivers\RT-USB64.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys;c:\windows\SYSNATIVE\drivers\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys;c:\windows\SYSNATIVE\drivers\amd_xata.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 AsusService;Asus Launcher Service;c:\windows\SysWOW64\AsusService.exe;c:\windows\SysWOW64\AsusService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S3 AiDriver;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiDriver.sys;c:\windows\SYSNATIVE\DRIVERS\AiDriver.sys [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\48230029.sys;c:\windows\SYSNATIVE\drivers\48230029.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MBAMSWISSARMY
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-12 12:48 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 12:40]
.
2014-06-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 12:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-05 09:40 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\Asus\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"SynAsusAcpi"="c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-01-18 11775592]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
TCP: Interfaces\{EF349ED6-517D-4EB7-9314-CE8A9DAEBF80}: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Katka\AppData\Roaming\Mozilla\Firefox\Profiles\g9n85cx0.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
AddRemove-ilividtoolbargaw - c:\progra~2\SEARCH~1\Datamngr\SRTOOL~1\uninstall.exe
AddRemove-VCDS Beta 11.10 - c:\ross-tech\VCDS-Beta\UnInstall.exe
AddRemove-VCDS Release 10.6 - c:\ross-tech\VCDS\UnInstall.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\InstantOn\InsOnWMI.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe
.
**************************************************************************
.
Celkový čas: 2014-06-19 09:08:39 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-06-19 07:08
ComboFix2.txt 2014-06-18 07:54
.
Před spuštěním: Volných bajtů: 56 122 798 080
Po spuštění: Volných bajtů: 56 122 130 432
.
- - End Of File - - 93D0D5D5EA631CD8A65F773BFA508DEA
A36C5E4F47E84449FF07ED3517B43A31

HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:33:10, on 19.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)

FIREFOX: 30.0 (cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Katka\Desktop\HijackThis(2).exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
O23 - Service: Asus Launcher Service (AsusService) - Unknown owner - C:\windows\SysWOW64\AsusService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8770 bytes


aswMBR

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-06-19 09:14:59
-----------------------------
09:14:59.725 OS Version: Windows x64 6.1.7601 Service Pack 1
09:14:59.725 Number of processors: 1 586 0x100
09:14:59.756 ComputerName: KATKA-PC UserName: Katka
09:15:02.860 Initialize success
09:15:02.860 VM: initialized successfully
09:15:02.907 VM: outdated driver version !
09:15:10.083 AVAST engine defs: 14061800
09:15:17.883 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000072
09:15:17.899 Disk 0 Vendor: Hitachi_ ES2O Size: 305245MB BusType: 11
09:15:17.930 Disk 0 MBR read successfully
09:15:17.946 Disk 0 MBR scan
09:15:18.258 Disk 0 Windows 7 default MBR code
09:15:18.273 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 102400 MB offset 2048
09:15:18.289 Disk 0 default boot code
09:15:18.460 Disk 0 Partition 2 00 1B Hidd FAT32 MSDOS5.0 15360 MB offset 209717248
09:15:18.538 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 187468 MB offset 241174528
09:15:18.585 Disk 0 Partition 4 00 EF EFI FAT 16 MB offset 625108992
09:15:18.772 Disk 0 scanning C:\windows\system32\drivers
09:15:38.350 Service scanning
09:16:35.384 Modules scanning
09:16:35.400 Disk 0 trace - called modules:
09:16:35.447 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa800093d2c0]<<sptd.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
09:16:35.462 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800193b060]
09:16:35.478 3 CLASSPNP.SYS[fffff88001aae43f] -> nt!IofCallDriver -> [0xfffffa800185fac0]
09:16:35.493 \Driver\amd_xata[0xfffffa8001341e70] -> IRP_MJ_CREATE -> 0xfffffa800093d2c0
09:16:35.509 5 amd_xata.sys[fffff88000eae8b4] -> nt!IofCallDriver -> \Device\00000072[0xfffffa80013689c0]
09:16:35.525 \Driver\amd_sata[0xfffffa8001340570] -> IRP_MJ_CREATE -> 0xfffffa800093b2c0
09:16:36.071 AVAST engine scan C:\windows
09:16:39.643 AVAST engine scan C:\windows\system32
09:20:58.572 AVAST engine scan C:\windows\system32\drivers
09:21:19.305 AVAST engine scan C:\Users\Katka
09:23:26.242 Disk 0 MBR has been saved successfully to "C:\Users\Katka\Desktop\MBR.dat"
09:23:26.289 The log file has been saved successfully to "C:\Users\Katka\Desktop\aswMBR.txt"

[jaro3]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)

Co problémy?

[macwix]

Notebook teď běhá docela dobře, hlavně internet je o dost rychlejší ale pořád mě trápí strašně zdlouhavé nabíhání po spuštění. Nebrzdí to nějaké zbytečné programy hned po spuštění?

[Orcus]

Stáhni si Memtest:

Do políčka vlož největší velikost Tvé jednotlivé paměti RAM (256,512 nebo 1024,2048) dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.

====================================================

Je třeba zkontrolovat HDD na chyby , zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.

Nemáš málo volného místa na disku?