Please check my log - slow PC startup (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Please check my log - slow PC startup

Post by Cheaterboy » 19 Jul 2012 14:25

The problem is that the PC starts up terribly slowly; more info: viewtopic.php?f=46&t=89594&p=670921#p670921


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:25:18, on 19.7.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16447)
Boot mode: Normal

Running processes:
C:\Windows\vsnp325.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\Windows\tsnp325.exe
C:\Windows\FixCamera.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Stahování\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Splashtop Connect VisualBookmark - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [tsnp325] C:\Windows\tsnp325.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [FixCamera] C:\Windows\FixCamera.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files (x86)\QIP Infium\infium.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.line6.net
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Unknown owner - C:\Program Files (x86)\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
O23 - Service: Splashtop Connect Service (SCBackService) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
O23 - Service: SimpleSlideShowServer - Samsung Electronics Co., Ltd. - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Splashtop Connect IE Software Updater Service (WCUService_STC_IE) - Splashtop Inc. - C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14121 bytes
Intel Core i7-2600 3.40 Ghz, nVidia GTX 680, Kingston 2x4GB, WD Caviar Green RX 2TB, Gigabyte P67A-D3-B3, Philips SPA2602/10, Genius KB-110X, Logitech M510, LG Flatron W2043T-PF, Windows 8

Re: Please check my log - slow PC startup

Post by Žbeky » 19 Jul 2012 14:34

Fix these:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe"
O9 - Extra button: QIP Infium - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - C:\Program Files (x86)\QIP Infium\infium.exe (file missing) (HKCU)
O15 - Trusted Zone: *.line6.net
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select all found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Czech UI: Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Czech UI: Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Czech UI: Provést rychlý sken) option selected and click the Scan (Czech UI: Skenovat) button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Czech UI: Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.

Re: Please check my log - slow PC startup

Post by Cheaterboy » 19 Jul 2012 15:49

HiJackThis - fixed
ATF Cleaner - removed
Malwarebytes' Anti-Malware log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.07.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cheaterboy :: CHEATERBOY-PC [administrátor]

19.7.2012 15:43:47
mbam-log-2012-07-19 (15-47-34).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 197002
Uplynulý čas: 3 minut, 34 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\SOFTWARE\XTREMERAT (Malware.Trace) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 1
HKCU\Software\XtremeRAT|Mutex (Malware.Trace) -> Data: iuhte4v95zbwehuzb9hu8wbz359bzn9vn7zve9 -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Please check my log - slow PC startup

Post by Žbeky » 19 Jul 2012 17:19

Run MbAM again and click Scan
- when the scan finishes, a message will appear; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log will be displayed; post it here.
- then choose OK in the program and close the program via Exit

Download TDSSKiller

to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt, please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes (Czech UI: Ano) button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If, after the scan, you have trouble starting applications or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.

Re: Please check my log - slow PC startup

Post by Cheaterboy » 19 Jul 2012 19:42

MbAM log


Malwarebytes Anti-Malware 1.62.0.1300
http://www.malwarebytes.org

Verze databáze: v2012.07.19.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cheaterboy :: CHEATERBOY-PC [administrátor]

19.7.2012 19:12:15
mbam-log-2012-07-19 (19-12-15).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 197233
Uplynulý čas: 1 minut, 48 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKCU\SOFTWARE\XTREMERAT (Malware.Trace) -> Umístnění do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 1
HKCU\Software\XtremeRAT|Mutex (Malware.Trace) -> Data: iuhte4v95zbwehuzb9hu8wbz359bzn9vn7zve9 -> Umístnění do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


The "TDSS Killer" log is not available, because the program did not ask me to restart, so I restarted manually, and even so, after the program checked the PC, it did not produce any log.


ComboFix log


ComboFix 12-07-19.02 - Cheaterboy 19.07.2012 19:32:21.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8175.6304 [GMT 2:00]
Spuštěný z: c:\users\Cheaterboy\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\users\Cheaterboy\AppData\Roaming\Love
c:\users\Cheaterboy\AppData\Roaming\Love\mari0\options.txt
c:\users\Cheaterboy\AppData\Roaming\Microsoft\Windows\1hpWH80Xp2.cfg
c:\users\Cheaterboy\AppData\Roaming\Microsoft\Windows\1hpWH80Xp2.xtr
c:\windows\msxml4-KB2721691-enu.LOG
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\muzapp.exe
c:\windows\usgwmt
c:\windows\usgwmt\BReWErS.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-19 do 2012-07-19 )))))))))))))))))))))))))))))))
.
.
2012-07-19 17:37 . 2012-07-19 17:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-19 17:35 . 2012-07-19 17:35 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8230FDBB-CE1C-4CFC-B480-59CA004DA922}\offreg.dll
2012-07-19 14:01 . 2012-07-19 14:01 -------- d-----w- c:\users\Cheaterboy\AppData\Local\ATI
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Malwarebytes
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\programdata\Malwarebytes
2012-07-19 13:43 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-19 12:17 . 2012-07-19 12:18 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-07-17 19:16 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8230FDBB-CE1C-4CFC-B480-59CA004DA922}\mpengine.dll
2012-07-15 08:01 . 2012-07-15 08:02 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Unified Remote
2012-07-15 08:01 . 2012-07-15 08:01 -------- d-----w- c:\program files (x86)\Unified Remote
2012-07-11 14:47 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 12:27 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-10 16:41 . 2012-07-10 16:41 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-10 16:39 . 2012-07-10 16:39 -------- d-----w- c:\program files (x86)\Oracle
2012-07-10 16:39 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-10 16:39 . 2012-07-10 16:39 -------- d-----w- c:\program files (x86)\Java
2012-07-10 16:38 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-10 14:00 . 2012-07-10 14:00 -------- d-----w- C:\Download
2012-07-10 13:59 . 2012-07-10 13:59 -------- d-----w- C:\AllShare
2012-07-10 13:49 . 2012-07-10 13:49 -------- d-----w- c:\program files (x86)\MyFree Codec
2012-07-10 13:38 . 2011-06-02 05:47 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-07-10 13:38 . 2011-06-02 05:47 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-07-10 13:38 . 2011-06-02 05:47 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-07-10 13:38 . 2011-06-02 05:47 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-07-10 13:38 . 2011-06-02 05:47 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-07-10 13:38 . 2010-12-21 05:55 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-07-10 13:38 . 2011-06-02 05:47 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-07-10 13:32 . 2012-06-26 14:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-06-26 14:02 . 2012-06-26 14:02 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-06-26 14:02 . 2012-06-26 14:02 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-06-26 14:02 . 2012-06-26 14:02 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-06-26 14:02 . 2012-06-26 14:02 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-06-25 19:19 . 2012-07-19 12:03 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\.techniclauncher
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-24 00:07 . 2012-07-03 21:22 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\esmska
2012-06-24 00:07 . 2012-06-24 00:07 -------- d--h--w- c:\program files (x86)\InstallJammer Registry
2012-06-24 00:07 . 2012-06-24 00:07 -------- d-----w- c:\program files (x86)\Esmska
2012-06-22 10:43 . 2012-06-22 10:43 -------- d-----w- c:\program files (x86)\WB Games
2012-06-22 10:29 . 2012-06-22 10:29 530488 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-06-21 09:29 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 09:29 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 09:29 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 09:29 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 09:29 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 09:29 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 09:29 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 09:28 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 09:28 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-19 21:17 . 2012-06-19 21:17 -------- d-----w- c:\programdata\Battle.net
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-15 07:53 . 2012-03-31 03:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-15 07:53 . 2011-12-12 17:40 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 14:45 . 2011-12-13 22:58 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-04-01 21:06 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-04-01 21:06 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-04-01 21:06 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-04-01 21:06 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-04-01 21:06 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-04-01 21:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-04-01 21:06 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-04-01 21:06 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2011-12-12 18:23 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-26 14:03 . 2012-02-10 17:27 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-06-15 13:41 . 2012-06-15 13:41 268720 ----a-w- c:\windows\system32\javaws.exe
2012-06-15 13:41 . 2012-06-15 13:41 189360 ----a-w- c:\windows\system32\javaw.exe
2012-06-15 13:41 . 2012-06-15 13:41 188840 ----a-w- c:\windows\system32\java.exe
2012-06-15 13:41 . 2012-04-23 08:40 955840 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-15 13:41 . 2011-12-13 14:51 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-10 09:53 . 2012-06-06 20:12 30528 ----a-w- c:\windows\GVTDrv64.sys
2012-06-10 09:53 . 2012-06-06 10:55 25640 ----a-w- c:\windows\gdrv.sys
2012-06-09 17:30 . 2012-06-06 20:55 25640 ----a-w- c:\windows\etdrv.sys
2012-06-03 00:01 . 2012-01-04 22:35 282472 ------w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-03 00:01 . 2012-01-04 02:01 282472 ------w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-02 05:45 . 2012-07-11 12:27 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-11 12:27 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-01 16:10 . 2011-12-21 11:58 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-06-01 16:10 . 2011-12-21 11:58 413696 ------w- c:\windows\SysWow64\wrap_oal.dll
2012-06-01 16:10 . 2011-12-21 11:58 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-06-01 16:10 . 2011-12-21 11:58 110592 ------w- c:\windows\SysWow64\OpenAL32.dll
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-30 21:07 . 2012-01-04 02:01 282472 ------w- c:\windows\SysWow64\PnkBstrB.ex0
2012-05-30 10:21 . 2012-01-04 02:01 76888 ------w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-30 06:17 . 2012-05-30 06:17 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-05-30 06:17 . 2012-05-30 06:17 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2012-05-04 17:29 . 2011-12-12 19:07 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-13 23:29 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 23:29 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 23:29 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 23:29 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 23:29 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 23:29 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 23:29 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 23:29 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 23:29 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 23:29 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 23:29 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 23:29 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 23:28 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 23:28 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-23 11:26 . 2012-06-07 06:18 154272 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2012-04-22 21:31 . 2012-05-31 16:58 64384 ----a-w- c:\windows\system32\drivers\EtronHub3.sys
2012-04-22 21:31 . 2011-11-03 14:30 87168 ----a-w- c:\windows\system32\drivers\EtronXHCI.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-06-07 3491264]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-07-28 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"CTSysVol"="c:\program files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-15 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-06-09 25640]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 136176]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-06-10 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2011-07-06 1148288]
R3 L6GX;Service - Line 6 GX;c:\windows\system32\Drivers\L6GX64.sys [2012-03-26 772224]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-12 147248]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-12 1255736]
R3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys [2011-04-23 33160]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-14 279616]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 5017600]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2012-04-22 64384]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2012-04-22 87168]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10549248]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 91430813
*Deregistered* - 91430813
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 07:53]
.
2012-07-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000Core.job
- c:\users\Cheaterboy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-04 14:54]
.
2012-07-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000UA.job
- c:\users\Cheaterboy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-04 14:54]
.
2012-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 18:59]
.
2012-07-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 18:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"Creative SB Monitoring Utility"="sbavmon.dll" [2009-12-16 109056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL =
mLocal Page = c:\windows\SYSTEM32\blank.htm
uSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 176.102.128.2 176.102.128.3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-Driver Genius - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*3*´Ćf\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\SecuROM\License information*]
"datasecu"=hex:ee,7a,5a,dc,d2,1b,0f,df,07,6c,da,22,a7,1d,9d,d9,5e,d7,34,ca,9c,
e1,55,27,d4,b6,33,2c,07,35,6c,fd,ab,c4,ed,a3,64,b6,1f,0a,1e,01,d3,a9,c8,a3,\
"rkeysecu"=hex:e0,9b,27,f9,14,43,a1,74,28,b9,6b,d5,09,45,7b,c7
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):88,f3,e5,aa,ff,d1,32,c4,16,04,6c,ab,78,a2,d8,fd,ff,ce,e1,9d,d6,
7e,fd,d6,53,81,e5,43,86,e3,64,4a,50,1a,dc,29,6e,0a,ad,e2,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{7463a9cd-a121-4c08-81d4-0c54c2bf16f1}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000066
"Therad"=dword:0000001b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7b,ee,91,ec,4b,f0,2a,59,8e,33,34,a6,82,9d,6a,12,d3,7f,e3,91,c8,
5b,03,15,ac,21,e2,56,bd,3c,c0,69,4e,cc,24,f1,b9,f1,f7,c2,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{e1eac0b9-03bf-4526-a023-fec5dd93ce07}]
@Denied: (Full) (Everyone)
"Model"=dword:00000039
"Therad"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-07-19 19:38:51
ComboFix-quarantined-files.txt 2012-07-19 17:38
.
Před spuštěním: Volných bajtů: 1 297 926 475 776
Po spuštění: Volných bajtů: 1 297 760 747 520
.
- - End Of File - - 1A6A47A56BC48DA4AF95E3CD8A63CEFB

The PC now runs smoothly and a restart takes considerably less time, but even so, to be safe, we will finish a complete cleanup of the PC.
Intel Core i7-2600 3.40 Ghz, nVidia GTX 680, Kingston 2x4GB, WD Caviar Green RX 2TB, Gigabyte P67A-D3-B3, Philips SPA2602/10, Genius KB-110X, Logitech M510, LG Flatron W2043T-PF, Windows 8

Žbeky
Moderator
Guru Level 13
Posts: 22288
Registered: May 08
Location: Vsetín - Pardubice
Gender: Male
Status: Offline

Re: Please check my log - slow PC startup

Post by Žbeky » 19 Jul 2012 23:19

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::

Folder::
c:\program files (x86)\Google\Update

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
gupdate
gupdatem

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=-

DDS::
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL =
mLocal Page = c:\windows\SYSTEM32\blank.htm
uSearchAssistant =

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\PCW\Security]

RegNull::
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, drag it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that pops up at the end of the cleaning process
In PMs I only deal with matters concerning the forum. I do not respond to pleas and requests for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log - slow PC startup

Post by jaro3 » 20 Jul 2012 10:54

+
Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a message appears offering to download the Avast database, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Cheaterboy
Level 1
Posts: 65
Registered: July 12
Gender: Male
Status: Offline

Re: Please check my log - slow PC startup

Post by Cheaterboy » 20 Jul 2012 15:00

ComboFix log



ComboFix 12-07-20.01 - Cheaterboy 20.07.2012 14:29:41.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8175.6231 [GMT 2:00]
Spuštěný z: c:\users\Cheaterboy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Cheaterboy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.115\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.115\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.115\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.115\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.115\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\20.0.1132.57\20.0.1132.57_20.0.1132.47_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1888276911-1174949287-1229178209-1000UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-20 do 2012-07-20 )))))))))))))))))))))))))))))))
.
.
2012-07-20 12:33 . 2012-07-20 12:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-20 09:12 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7FA07FC4-42F4-4824-A007-15D928FA83DD}\mpengine.dll
2012-07-20 01:35 . 2012-07-20 01:35 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Sinvise Systems
2012-07-19 14:01 . 2012-07-19 14:01 -------- d-----w- c:\users\Cheaterboy\AppData\Local\ATI
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Malwarebytes
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\programdata\Malwarebytes
2012-07-19 13:43 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-19 12:17 . 2012-07-19 12:18 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-07-15 08:01 . 2012-07-15 08:02 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Unified Remote
2012-07-15 08:01 . 2012-07-15 08:01 -------- d-----w- c:\program files (x86)\Unified Remote
2012-07-11 14:47 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 12:27 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-10 16:41 . 2012-07-10 16:41 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-10 16:39 . 2012-07-10 16:39 -------- d-----w- c:\program files (x86)\Oracle
2012-07-10 16:39 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-10 16:39 . 2012-07-10 16:39 -------- d-----w- c:\program files (x86)\Java
2012-07-10 16:38 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-10 14:00 . 2012-07-10 14:00 -------- d-----w- C:\Download
2012-07-10 13:59 . 2012-07-10 13:59 -------- d-----w- C:\AllShare
2012-07-10 13:49 . 2012-07-10 13:49 -------- d-----w- c:\program files (x86)\MyFree Codec
2012-07-10 13:38 . 2011-06-02 05:47 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-07-10 13:38 . 2011-06-02 05:47 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-07-10 13:38 . 2011-06-02 05:47 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-07-10 13:38 . 2011-06-02 05:47 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-07-10 13:38 . 2011-06-02 05:47 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-07-10 13:38 . 2010-12-21 05:55 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-07-10 13:38 . 2011-06-02 05:47 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-07-10 13:32 . 2012-06-26 14:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-06-26 14:02 . 2012-06-26 14:02 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-06-26 14:02 . 2012-06-26 14:02 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-06-26 14:02 . 2012-06-26 14:02 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-06-26 14:02 . 2012-06-26 14:02 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-06-25 19:19 . 2012-07-19 22:40 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\.techniclauncher
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-24 00:07 . 2012-07-03 21:22 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\esmska
2012-06-24 00:07 . 2012-06-24 00:07 -------- d--h--w- c:\program files (x86)\InstallJammer Registry
2012-06-24 00:07 . 2012-06-24 00:07 -------- d-----w- c:\program files (x86)\Esmska
2012-06-22 10:43 . 2012-06-22 10:43 -------- d-----w- c:\program files (x86)\WB Games
2012-06-22 10:29 . 2012-06-22 10:29 530488 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-06-21 09:29 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-21 09:29 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-21 09:29 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-21 09:29 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-21 09:29 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-21 09:29 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-21 09:29 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-21 09:28 . 2012-06-02 13:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-21 09:28 . 2012-06-02 13:15 36864 ----a-w- c:\windows\system32\wuapp.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-15 07:53 . 2012-03-31 03:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-15 07:53 . 2011-12-12 17:40 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 14:45 . 2011-12-13 22:58 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-04-01 21:06 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-04-01 21:06 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-04-01 21:06 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-04-01 21:06 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-04-01 21:06 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-04-01 21:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-04-01 21:06 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-04-01 21:06 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2011-12-12 18:23 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-26 14:03 . 2012-02-10 17:27 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-06-15 13:41 . 2012-06-15 13:41 268720 ----a-w- c:\windows\system32\javaws.exe
2012-06-15 13:41 . 2012-06-15 13:41 189360 ----a-w- c:\windows\system32\javaw.exe
2012-06-15 13:41 . 2012-06-15 13:41 188840 ----a-w- c:\windows\system32\java.exe
2012-06-15 13:41 . 2012-04-23 08:40 955840 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-15 13:41 . 2011-12-13 14:51 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-10 09:53 . 2012-06-06 20:12 30528 ----a-w- c:\windows\GVTDrv64.sys
2012-06-10 09:53 . 2012-06-06 10:55 25640 ----a-w- c:\windows\gdrv.sys
2012-06-09 17:30 . 2012-06-06 20:55 25640 ----a-w- c:\windows\etdrv.sys
2012-06-03 00:01 . 2012-01-04 22:35 282472 ------w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-03 00:01 . 2012-01-04 02:01 282472 ------w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-02 05:45 . 2012-07-11 12:27 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-11 12:27 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-01 16:10 . 2011-12-21 11:58 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-06-01 16:10 . 2011-12-21 11:58 413696 ------w- c:\windows\SysWow64\wrap_oal.dll
2012-06-01 16:10 . 2011-12-21 11:58 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-06-01 16:10 . 2011-12-21 11:58 110592 ------w- c:\windows\SysWow64\OpenAL32.dll
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-30 21:07 . 2012-01-04 02:01 282472 ------w- c:\windows\SysWow64\PnkBstrB.ex0
2012-05-30 10:21 . 2012-01-04 02:01 76888 ------w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-30 06:17 . 2012-05-30 06:17 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-05-30 06:17 . 2012-05-30 06:17 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2012-05-04 17:29 . 2011-12-12 19:07 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-13 23:29 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 23:29 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 23:29 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 23:29 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 23:29 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 23:29 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 23:29 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 23:29 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 23:29 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 23:29 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 23:29 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 23:29 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 23:28 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 23:28 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-04-23 11:26 . 2012-06-07 06:18 154272 ----a-w- c:\windows\system32\drivers\idmwfp.sys
2012-04-22 21:31 . 2012-05-31 16:58 64384 ----a-w- c:\windows\system32\drivers\EtronHub3.sys
2012-04-22 21:31 . 2011-11-03 14:30 87168 ----a-w- c:\windows\system32\drivers\EtronXHCI.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-19_17.37.37 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-19 17:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-20 09:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-19 17:24 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-20 09:25 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-20 09:25 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-19 17:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-01-15 14:43 . 2012-01-15 14:43 65536 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\UNINST_Uninstall_S_246E9B4BFCE548DEB10B5A2FCFCD5DE4.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 65536 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\UNINST_Uninstall_S_246E9B4BFCE548DEB10B5A2FCFCD5DE4.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_7641D143429F4822946A61137A8E321D.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_7641D143429F4822946A61137A8E321D.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_1679CE734515425E8E8CCB32956A82D7.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_1679CE734515425E8E8CCB32956A82D7.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\ARPPRODUCTICON.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\ARPPRODUCTICON.exe
+ 2012-07-20 12:36 . 2012-07-20 12:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-19 17:22 . 2012-07-19 17:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-20 12:36 . 2012-07-20 12:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-07-19 17:22 . 2012-07-19 17:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-11-04 06:48 . 2012-07-19 19:02 291536 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-07-14 02:36 . 2012-07-19 17:28 656102 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-07-19 22:15 656102 c:\windows\system32\perfh009.dat
- 2010-11-21 09:27 . 2012-07-19 17:28 671942 c:\windows\system32\perfh005.dat
+ 2010-11-21 09:27 . 2012-07-19 22:15 671942 c:\windows\system32\perfh005.dat
- 2009-07-14 02:36 . 2012-07-19 17:28 122716 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-07-19 22:15 122716 c:\windows\system32\perfc009.dat
- 2010-11-21 09:27 . 2012-07-19 17:28 142268 c:\windows\system32\perfc005.dat
+ 2010-11-21 09:27 . 2012-07-19 22:15 142268 c:\windows\system32\perfc005.dat
+ 2011-11-04 09:47 . 2012-07-20 12:33 371880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2011-11-04 09:47 . 2012-07-19 17:21 371880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2009-07-14 05:01 . 2012-07-20 12:33 417792 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2009-07-14 05:01 . 2012-07-19 17:21 417792 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-01-15 14:43 . 2012-01-15 14:43 139264 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Updater.exe_E20B2B5FC4F041B78CF7696254CCF80B.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 139264 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Updater.exe_E20B2B5FC4F041B78CF7696254CCF80B.exe
- 2011-12-12 18:13 . 2012-07-19 17:21 9715600 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1888276911-1174949287-1229178209-1000-12288.dat
+ 2011-12-12 18:13 . 2012-07-20 12:33 9715600 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1888276911-1174949287-1229178209-1000-12288.dat
+ 2012-07-20 01:34 . 2012-07-20 01:34 3270656 c:\windows\Installer\1c2941a.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-06-07 3491264]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-07-28 393216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"CTSysVol"="c:\program files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-15 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-06-09 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-06-10 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2011-07-06 1148288]
R3 L6GX;Service - Line 6 GX;c:\windows\system32\Drivers\L6GX64.sys [2012-03-26 772224]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-12 147248]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-12 1255736]
R3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys [2011-04-23 33160]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-14 279616]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 5017600]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2012-04-22 64384]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2012-04-22 87168]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10549248]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 07:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"Creative SB Monitoring Utility"="sbavmon.dll" [2009-12-16 109056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"combofix"="c:\combofix\CF30195.3XE" [2010-11-21 345088]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
uSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 176.102.128.2 176.102.128.3
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*3*´Ćf\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\SecuROM\License information*]
"datasecu"=hex:ee,7a,5a,dc,d2,1b,0f,df,07,6c,da,22,a7,1d,9d,d9,5e,d7,34,ca,9c,
e1,55,27,d4,b6,33,2c,07,35,6c,fd,ab,c4,ed,a3,64,b6,1f,0a,1e,01,d3,a9,c8,a3,\
"rkeysecu"=hex:e0,9b,27,f9,14,43,a1,74,28,b9,6b,d5,09,45,7b,c7
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):88,f3,e5,aa,ff,d1,32,c4,16,04,6c,ab,78,a2,d8,fd,ff,ce,e1,9d,d6,
7e,fd,d6,53,81,e5,43,86,e3,64,4a,50,1a,dc,29,6e,0a,ad,e2,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{7463a9cd-a121-4c08-81d4-0c54c2bf16f1}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000066
"Therad"=dword:0000001b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7b,ee,91,ec,4b,f0,2a,59,8e,33,34,a6,82,9d,6a,12,d3,7f,e3,91,c8,
5b,03,15,ac,21,e2,56,bd,3c,c0,69,4e,cc,24,f1,b9,f1,f7,c2,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{e1eac0b9-03bf-4526-a023-fec5dd93ce07}]
@Denied: (Full) (Everyone)
"Model"=dword:00000039
"Therad"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe
.
**************************************************************************
.
Celkový čas: 2012-07-20 14:39:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-20 12:39
ComboFix2.txt 2012-07-19 17:38
.
Před spuštěním: Volných bajtů: 1 295 331 098 624
Po spuštění: Volných bajtů: 1 296 579 596 288
.
- - End Of File - - 5B7D90A953285E3A1AEE51F40A6FE523



aswMBR log



aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-20 14:41:16
-----------------------------
14:41:16.502 OS Version: Windows x64 6.1.7601 Service Pack 1
14:41:16.502 Number of processors: 8 586 0x2A07
14:41:16.502 ComputerName: CHEATERBOY-PC UserName: Cheaterboy
14:41:18.936 Initialize success
14:41:18.967 AVAST engine defs: 12071902
14:41:31.790 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:41:31.790 Disk 0 Vendor: WDC_WD20 05.0 Size: 1907729MB BusType: 3
14:41:31.790 Disk 0 MBR read successfully
14:41:31.790 Disk 0 MBR scan
14:41:32.024 Disk 0 Windows 7 default MBR code
14:41:32.040 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1899723 MB offset 2048
14:41:32.180 Disk 0 Partition 2 00 27 Hidden NTFS WinRE NTFS 8000 MB offset 3890634752
14:41:32.305 Disk 0 scanning C:\Windows\system32\drivers
14:41:38.482 Service scanning
14:41:46.438 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
14:41:48.435 Modules scanning
14:41:48.435 Disk 0 trace - called modules:
14:41:48.435 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys sptd.sys hal.dll
14:41:48.950 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8009048790]
14:41:48.950 3 CLASSPNP.SYS[fffff88001b9d43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007531050]
14:41:50.104 AVAST engine scan C:\Windows
14:41:52.788 AVAST engine scan C:\Windows\system32
14:43:11.100 AVAST engine scan C:\Windows\system32\drivers
14:43:24.656 AVAST engine scan C:\Users\Cheaterboy
14:49:14.206 AVAST engine scan C:\ProgramData
14:49:52.863 Scan finished successfully
14:59:32.742 Disk 0 MBR has been saved successfully to "C:\Users\Cheaterboy\Desktop\MBR.dat"
14:59:32.746 The log file has been saved successfully to "C:\Users\Cheaterboy\Desktop\aswMBR.txt"

Unfortunately I have bad news: the system restart still takes just as long. To make the problem a little easier for you: it started when I bought an "Alesis guitarlink pro USB" sound card (or something like that), and every time I turned the PC on with the sound card's cable connected, it took that long to load. So I started unplugging the cable when not in use, but the delay is still the same. Could it perhaps be affected by the connected hardware?
Intel Core i7-2600 3.40 Ghz, nVidia GTX 680, Kingston 2x4GB, WD Caviar Green RX 2TB, Gigabyte P67A-D3-B3, Philips SPA2602/10, Genius KB-110X, Logitech M510, LG Flatron W2043T-PF, Windows 8

jaro3
Security team member

Re: Please check my log - slow PC startup

Post by jaro3 » 21 Jul 2012 11:32

Uninstall:
MyFree Codec

Unfortunately I have bad news: the system restart still takes just as long. To make the problem a little easier for you: it started when I bought an "Alesis guitarlink pro USB" sound card (or something like that), and every time I turned the PC on with the sound card's cable connected, it took that long to load. So I started unplugging the cable when not in use, but the delay is still the same. Could it perhaps be affected by the connected hardware?


It can; the system may be looking for the card, its drivers and so on, and that can delay startup.

Uninstall:
MyFree Codec

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:

Code:

KillAll::
File::
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh009.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfh005.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc009.dat
c:\windows\system32\perfc005.dat
c:\windows\system32\perfc005.dat
c:\program files (x86)\Skype\Updater\Updater.exe


Folder::
c:\program files (x86)\MyFree Codec

Driver::
SkypeUpdate

RegLock::
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):88,f3,e5,aa,ff,d1,32,c4,16,04,6c,ab,78,a2,d8,fd,ff,ce,e1,9d,d6,
 7e,fd,d6,53,81,e5,43,86,e3,64,4a,50,1a,dc,29,6e,0a,ad,e2,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{7463a9cd-a121-4c08-81d4-0c54c2bf16f1}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000066
"Therad"=dword:0000001b
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
 1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):7b,ee,91,ec,4b,f0,2a,59,8e,33,34,a6,82,9d,6a,12,d3,7f,e3,91,c8,
 5b,03,15,ac,21,e2,56,bd,3c,c0,69,4e,cc,24,f1,b9,f1,f7,c2,00,00,00,00,00,00,\
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000_Classes\Wow6432Node\CLSID\{e1eac0b9-03bf-4526-a023-fec5dd93ce07}]
@Denied: (Full) (Everyone)
"Model"=dword:00000039
"Therad"=dword:00000001

Choose File -> Save As... and set these parameters:
File name: type CFScript.txt here
Save as type: select All Files
Save the file to the desktop.
Close all active windows.

Grab the CFScript.txt script you created with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that comes up at the end of the cleaning process + a new HJT log

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and then choose Last Known Good Configuration, or use a restore point.

Download TDSSKiller to your desktop. Make sure that all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the entire contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Cheaterboy

Re: Please check my log - slow PC startup

Post by Cheaterboy » 22 Jul 2012 13:53

ComboFix

ComboFix 12-07-20.01 - Cheaterboy 22.07.2012 13:38:45.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8175.6215 [GMT 2:00]
Spuštěný z: c:\users\Cheaterboy\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Cheaterboy\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\program files (x86)\Skype\Updater\Updater.exe"
"c:\windows\system32\perfc005.dat"
"c:\windows\system32\perfc009.dat"
"c:\windows\system32\perfh005.dat"
"c:\windows\system32\perfh009.dat"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\MyFree Codec
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\system32\perfc005.dat
c:\windows\system32\perfh005.dat
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-22 do 2012-07-22 )))))))))))))))))))))))))))))))
.
.
2012-07-22 11:44 . 2012-07-22 11:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-21 00:53 . 2012-07-21 00:53 -------- d-----w- c:\program files (x86)\CountDown ShutDown PC
2012-07-20 09:12 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7FA07FC4-42F4-4824-A007-15D928FA83DD}\mpengine.dll
2012-07-20 01:35 . 2012-07-20 01:35 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Sinvise Systems
2012-07-19 14:01 . 2012-07-19 14:01 -------- d-----w- c:\users\Cheaterboy\AppData\Local\ATI
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Malwarebytes
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-19 13:43 . 2012-07-19 13:43 -------- d-----w- c:\programdata\Malwarebytes
2012-07-19 13:43 . 2012-07-03 11:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-19 12:17 . 2012-07-19 12:18 -------- d-----w- c:\program files (x86)\CrystalDiskInfo
2012-07-15 08:01 . 2012-07-15 08:02 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\Unified Remote
2012-07-15 08:01 . 2012-07-15 08:01 -------- d-----w- c:\program files (x86)\Unified Remote
2012-07-11 14:47 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-07-11 12:27 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-07-10 16:41 . 2012-07-10 16:41 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-10 16:39 . 2012-07-10 16:39 -------- d-----w- c:\program files (x86)\Oracle
2012-07-10 16:39 . 2012-05-04 17:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-10 16:39 . 2012-07-10 16:39 -------- d-----w- c:\program files (x86)\Java
2012-07-10 16:38 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2012-07-10 14:00 . 2012-07-10 14:00 -------- d-----w- C:\Download
2012-07-10 13:59 . 2012-07-10 13:59 -------- d-----w- C:\AllShare
2012-07-10 13:38 . 2011-06-02 05:47 177640 ----a-w- c:\windows\system32\drivers\ssadmdm.sys
2012-07-10 13:38 . 2011-06-02 05:47 16872 ----a-w- c:\windows\system32\drivers\ssadmdfl.sys
2012-07-10 13:38 . 2011-06-02 05:47 157672 ----a-w- c:\windows\system32\drivers\ssadbus.sys
2012-07-10 13:38 . 2011-06-02 05:47 13800 ----a-w- c:\windows\system32\drivers\ssadwhnt.sys
2012-07-10 13:38 . 2011-06-02 05:47 13288 ----a-w- c:\windows\system32\drivers\ssadcmnt.sys
2012-07-10 13:38 . 2010-12-21 05:55 36328 ----a-w- c:\windows\system32\drivers\ssadadb.sys
2012-07-10 13:38 . 2011-06-02 05:47 146920 ----a-w- c:\windows\system32\drivers\ssadserd.sys
2012-07-10 13:32 . 2012-06-26 14:02 821824 ----a-w- c:\windows\SysWow64\dgderapi.dll
2012-06-26 14:02 . 2012-06-26 14:02 90112 ----a-w- c:\windows\MAMCityDownload.ocx
2012-06-26 14:02 . 2012-06-26 14:02 330240 ----a-w- c:\windows\MASetupCaller.dll
2012-06-26 14:02 . 2012-06-26 14:02 30568 ----a-w- c:\windows\MusiccityDownload.exe
2012-06-26 14:02 . 2012-06-26 14:02 45320 ----a-w- c:\windows\SysWow64\MAMACExtract.dll
2012-06-25 19:19 . 2012-07-19 22:40 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\.techniclauncher
2012-06-25 14:04 . 2012-06-25 14:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-24 00:07 . 2012-07-03 21:22 -------- d-----w- c:\users\Cheaterboy\AppData\Roaming\esmska
2012-06-24 00:07 . 2012-06-24 00:07 -------- d--h--w- c:\program files (x86)\InstallJammer Registry
2012-06-24 00:07 . 2012-06-24 00:07 -------- d-----w- c:\program files (x86)\Esmska
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-15 07:53 . 2012-03-31 03:32 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-15 07:53 . 2011-12-12 17:40 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-07-11 14:45 . 2011-12-13 22:58 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-07-03 16:21 . 2012-04-01 21:06 355856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-07-03 16:21 . 2012-04-01 21:06 958400 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-07-03 16:21 . 2012-04-01 21:06 71064 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 16:21 . 2012-04-01 21:06 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-07-03 16:21 . 2012-04-01 21:06 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 16:21 . 2012-04-01 21:06 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 16:21 . 2012-04-01 21:06 41224 ----a-w- c:\windows\avastSS.scr
2012-07-03 16:21 . 2012-04-01 21:06 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-07-03 16:21 . 2011-12-12 18:23 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-06-26 14:03 . 2012-02-10 17:27 4659712 ----a-w- c:\windows\SysWow64\Redemption.dll
2012-06-15 13:41 . 2012-06-15 13:41 268720 ----a-w- c:\windows\system32\javaws.exe
2012-06-15 13:41 . 2012-06-15 13:41 189360 ----a-w- c:\windows\system32\javaw.exe
2012-06-15 13:41 . 2012-06-15 13:41 188840 ----a-w- c:\windows\system32\java.exe
2012-06-15 13:41 . 2012-04-23 08:40 955840 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-06-15 13:41 . 2011-12-13 14:51 839096 ----a-w- c:\windows\system32\deployJava1.dll
2012-06-10 09:53 . 2012-06-06 20:12 30528 ----a-w- c:\windows\GVTDrv64.sys
2012-06-10 09:53 . 2012-06-06 10:55 25640 ----a-w- c:\windows\gdrv.sys
2012-06-09 17:30 . 2012-06-06 20:55 25640 ----a-w- c:\windows\etdrv.sys
2012-06-03 00:01 . 2012-01-04 22:35 282472 ------w- c:\windows\SysWow64\PnkBstrB.xtr
2012-06-03 00:01 . 2012-01-04 02:01 282472 ------w- c:\windows\SysWow64\PnkBstrB.exe
2012-06-02 22:19 . 2012-06-21 09:29 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 09:29 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 09:29 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 09:29 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 09:29 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 09:29 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 09:29 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-06-21 09:28 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-06-21 09:28 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 05:45 . 2012-07-11 12:27 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 04:40 . 2012-07-11 12:27 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-01 16:10 . 2011-12-21 11:58 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-06-01 16:10 . 2011-12-21 11:58 413696 ------w- c:\windows\SysWow64\wrap_oal.dll
2012-06-01 16:10 . 2011-12-21 11:58 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-06-01 16:10 . 2011-12-21 11:58 110592 ------w- c:\windows\SysWow64\OpenAL32.dll
2012-05-31 10:25 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-05-30 21:07 . 2012-01-04 02:01 282472 ------w- c:\windows\SysWow64\PnkBstrB.ex0
2012-05-30 10:21 . 2012-01-04 02:01 76888 ------w- c:\windows\SysWow64\PnkBstrA.exe
2012-05-30 06:17 . 2012-05-30 06:17 71680 ----a-w- c:\windows\system32\frapsv64.dll
2012-05-30 06:17 . 2012-05-30 06:17 65536 ----a-w- c:\windows\SysWow64\frapsvid.dll
2012-05-04 17:29 . 2011-12-12 19:07 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-05-04 11:06 . 2012-06-13 23:29 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 10:03 . 2012-06-13 23:29 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:03 . 2012-06-13 23:29 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-01 05:40 . 2012-06-13 23:29 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-04-28 03:55 . 2012-06-13 23:29 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:41 . 2012-06-13 23:29 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-04-26 05:41 . 2012-06-13 23:29 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:34 . 2012-06-13 23:29 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:37 . 2012-06-13 23:29 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-04-24 05:37 . 2012-06-13 23:29 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-04-24 05:37 . 2012-06-13 23:29 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-04-24 04:36 . 2012-06-13 23:29 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-04-24 04:36 . 2012-06-13 23:28 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:36 . 2012-06-13 23:28 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-19_17.37.37 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-19 17:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-22 10:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-07-19 17:24 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-22 10:07 49152 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-19 17:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-22 10:07 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2010-11-21 03:09 . 2012-07-22 10:07 63566 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-22 10:07 37472 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
- 2011-12-12 18:18 . 2012-07-19 17:24 14338 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1888276911-1174949287-1229178209-1000_UserData.bin
+ 2011-12-12 18:18 . 2012-07-22 10:07 14338 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1888276911-1174949287-1229178209-1000_UserData.bin
+ 2011-12-12 17:40 . 2012-07-22 10:29 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-12-12 17:40 . 2012-07-19 10:15 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-04-14 09:22 . 2012-07-19 10:15 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2012-04-14 09:22 . 2012-07-22 10:29 49152 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-19 10:15 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-22 10:29 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-20 01:35 . 2012-07-20 01:35 65536 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\UNINST_Uninstall_S_246E9B4BFCE548DEB10B5A2FCFCD5DE4.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 65536 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\UNINST_Uninstall_S_246E9B4BFCE548DEB10B5A2FCFCD5DE4.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_7641D143429F4822946A61137A8E321D.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_7641D143429F4822946A61137A8E321D.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_1679CE734515425E8E8CCB32956A82D7.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Shutdown_Timer.exe_1679CE734515425E8E8CCB32956A82D7.exe
+ 2012-07-20 01:35 . 2012-07-20 01:35 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\ARPPRODUCTICON.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 73728 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\ARPPRODUCTICON.exe
+ 2012-07-22 11:46 . 2012-07-22 11:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-19 17:22 . 2012-07-19 17:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-19 17:22 . 2012-07-19 17:22 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-22 11:46 . 2012-07-22 11:46 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-11-04 06:48 . 2012-07-19 19:02 291536 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_FastS4.bin
- 2009-07-14 02:36 . 2012-07-19 17:28 656102 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-07-22 10:49 656102 c:\windows\system32\perfh009.dat
- 2009-07-14 02:36 . 2012-07-19 17:28 122716 c:\windows\system32\perfc009.dat
+ 2009-07-14 02:36 . 2012-07-22 10:49 122716 c:\windows\system32\perfc009.dat
- 2011-11-04 09:47 . 2012-07-19 17:21 371880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
+ 2011-11-04 09:47 . 2012-07-22 11:44 371880 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-07-19 17:21 417792 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-22 11:44 417792 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-20 01:35 . 2012-07-20 01:35 139264 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Updater.exe_E20B2B5FC4F041B78CF7696254CCF80B.exe
- 2012-01-15 14:43 . 2012-01-15 14:43 139264 c:\windows\Installer\{0B1BBEE3-C10D-44BE-A6BE-EEC867315F87}\Updater.exe_E20B2B5FC4F041B78CF7696254CCF80B.exe
+ 2011-12-12 18:13 . 2012-07-22 11:44 9715600 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1888276911-1174949287-1229178209-1000-12288.dat
- 2011-12-12 18:13 . 2012-07-19 17:21 9715600 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1888276911-1174949287-1229178209-1000-12288.dat
+ 2012-07-20 01:34 . 2012-07-20 01:34 3270656 c:\windows\Installer\1c2941a.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-06-07 3491264]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"STCAgent"="c:\program files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" [2011-01-21 776064]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-11-05 283160]
"CTSysVol"="c:\program files (x86)\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"ZyngaGamesAgent"="c:\program files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" [2010-11-15 841544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-15 250056]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-12-12 79360]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-06-09 25640]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-06-10 30528]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
R3 ksaud;Creative USB Audio Driver;c:\windows\system32\drivers\ksaud.sys [2011-07-06 1148288]
R3 L6GX;Service - Line 6 GX;c:\windows\system32\Drivers\L6GX64.sys [2012-03-26 772224]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys [2011-10-05 729152]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2012-03-02 27584]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-04-12 147248]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [2008-12-26 21504]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-12 1255736]
R3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys [2011-04-23 33160]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-14 279616]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2011-09-21 21992]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-05 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-03-07 629984]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2010-02-26 5017600]
S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2012-03-02 25504]
S2 SCBackService;Splashtop Connect Service;c:\program files (x86)\Splashtop\Splashtop Connect\BackService.exe [2010-11-15 477000]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 WCUService_STC_IE;Splashtop Connect IE Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe [2011-03-22 497480]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2012-04-22 64384]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2012-04-22 87168]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-09 60184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-11 708200]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys [2007-04-03 10549248]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-31 07:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"snp325"="c:\windows\vsnp325.exe" [2006-10-10 827392]
"Creative SB Monitoring Utility"="sbavmon.dll" [2009-12-16 109056]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"combofix"="c:\combofix\CF27301.3XE" [2010-11-21 345088]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
uSearchAssistant =
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Stáhnout s IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
TCP: DhcpNameServer = 176.102.128.2 176.102.128.3
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*3*´Ćf\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*ĺ(]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*ĺ(\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.*m*ĺ(]
"0"=hex:66,69,6c,65,3a,2f,2f,2f,43,3a,2f,48,55,44,42,41,2f,48,49,4d,2f,41,6c,
62,61,2f,4c,6f,76,65,25,32,30,6d,65,74,61,6c,2f,30,32,2d,68,69,6d,2d,74,68,\
"MRUListEx"=hex:00,00,00,00,ff,ff,ff,ff
.
[HKEY_USERS\S-1-5-21-1888276911-1174949287-1229178209-1000\Software\SecuROM\License information*]
"datasecu"=hex:ee,7a,5a,dc,d2,1b,0f,df,07,6c,da,22,a7,1d,9d,d9,5e,d7,34,ca,9c,
e1,55,27,d4,b6,33,2c,07,35,6c,fd,ab,c4,ed,a3,64,b6,1f,0a,1e,01,d3,a9,c8,a3,\
"rkeysecu"=hex:e0,9b,27,f9,14,43,a1,74,28,b9,6b,d5,09,45,7b,c7
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe
.
**************************************************************************
.
Celkový čas: 2012-07-22 13:49:57 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-22 11:49
ComboFix2.txt 2012-07-20 12:39
ComboFix3.txt 2012-07-19 17:38
.
Před spuštěním: Volných bajtů: 1 287 409 778 688
Po spuštění: Volných bajtů: 1 287 862 046 720
.
- - End Of File - - 4537532C71EF59697071D5B86E9BA440
Intel Core i7-2600 3.40 Ghz, nVidia GTX 680, Kingston 2x4GB, WD Caviar Green RX 2TB, Gigabyte P67A-D3-B3, Philips SPA2602/10, Genius KB-110X, Logitech M510, LG Flatron W2043T-PF, Windows 8

Cheaterboy

Re: Please check my log - slow PC startup

Post by Cheaterboy » 22 Jul 2012 13:55

TDSS Killer 1/2

13:52:21.0375 4748 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
13:52:21.0453 4748 ============================================================
13:52:21.0453 4748 Current date / time: 2012/07/22 13:52:21.0453
13:52:21.0453 4748 SystemInfo:
13:52:21.0453 4748
13:52:21.0453 4748 OS Version: 6.1.7601 ServicePack: 1.0
13:52:21.0453 4748 Product type: Workstation
13:52:21.0453 4748 ComputerName: CHEATERBOY-PC
13:52:21.0453 4748 UserName: Cheaterboy
13:52:21.0453 4748 Windows directory: C:\Windows
13:52:21.0453 4748 System windows directory: C:\Windows
13:52:21.0453 4748 Running under WOW64
13:52:21.0453 4748 Processor architecture: Intel x64
13:52:21.0453 4748 Number of processors: 8
13:52:21.0453 4748 Page size: 0x1000
13:52:21.0453 4748 Boot type: Normal boot
13:52:21.0453 4748 ============================================================
13:52:21.0718 4748 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:52:21.0734 4748 ============================================================
13:52:21.0734 4748 \Device\Harddisk0\DR0:
13:52:21.0734 4748 MBR partitions:
13:52:21.0734 4748 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE7E65800
13:52:21.0734 4748 ============================================================
13:52:21.0750 4748 C: <-> \Device\Harddisk0\DR0\Partition0
13:52:21.0750 4748 ============================================================
13:52:21.0750 4748 Initialize success
13:52:21.0750 4748 ============================================================
13:52:22.0752 5464 ============================================================
13:52:22.0752 5464 Scan started
13:52:22.0752 5464 Mode: Manual;
13:52:22.0752 5464 ============================================================
13:52:22.0944 5464 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:52:22.0944 5464 1394ohci - ok
13:52:22.0991 5464 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:52:22.0991 5464 ACPI - ok
13:52:23.0007 5464 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:52:23.0007 5464 AcpiPmi - ok
13:52:23.0069 5464 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:52:23.0069 5464 AdobeARMservice - ok
13:52:23.0163 5464 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:52:23.0163 5464 AdobeFlashPlayerUpdateSvc - ok
13:52:23.0194 5464 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:52:23.0210 5464 adp94xx - ok
13:52:23.0210 5464 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:52:23.0210 5464 adpahci - ok
13:52:23.0225 5464 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:52:23.0225 5464 adpu320 - ok
13:52:23.0241 5464 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:52:23.0241 5464 AeLookupSvc - ok
13:52:23.0334 5464 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:52:23.0334 5464 AFD - ok
13:52:23.0363 5464 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:52:23.0363 5464 agp440 - ok
13:52:23.0379 5464 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:52:23.0380 5464 ALG - ok
13:52:23.0382 5464 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:52:23.0382 5464 aliide - ok
13:52:23.0411 5464 AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe
13:52:23.0412 5464 AMD External Events Utility - ok
13:52:23.0414 5464 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:52:23.0414 5464 amdide - ok
13:52:23.0417 5464 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:52:23.0418 5464 AmdK8 - ok
13:52:23.0684 5464 amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
13:52:23.0721 5464 amdkmdag - ok
13:52:23.0833 5464 amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
13:52:23.0834 5464 amdkmdap - ok
13:52:23.0837 5464 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
13:52:23.0838 5464 AmdPPM - ok
13:52:23.0855 5464 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:52:23.0856 5464 amdsata - ok
13:52:23.0862 5464 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:52:23.0863 5464 amdsbs - ok
13:52:23.0869 5464 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:52:23.0870 5464 amdxata - ok
13:52:23.0976 5464 androidusb (4de0d5d747a73797c95a97dcce5018b5) C:\Windows\system32\Drivers\ssadadb.sys
13:52:23.0977 5464 androidusb - ok
13:52:23.0980 5464 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:52:23.0980 5464 AppID - ok
13:52:23.0996 5464 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:52:23.0996 5464 AppIDSvc - ok
13:52:24.0008 5464 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:52:24.0009 5464 Appinfo - ok
13:52:24.0048 5464 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:52:24.0048 5464 arc - ok
13:52:24.0055 5464 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:52:24.0056 5464 arcsas - ok
13:52:24.0106 5464 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:52:24.0106 5464 aspnet_state - ok
13:52:24.0122 5464 aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
13:52:24.0123 5464 aswFsBlk - ok
13:52:24.0135 5464 aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
13:52:24.0136 5464 aswMonFlt - ok
13:52:24.0141 5464 aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
13:52:24.0142 5464 aswRdr - ok
13:52:24.0197 5464 aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
13:52:24.0200 5464 aswSnx - ok
13:52:24.0224 5464 aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
13:52:24.0226 5464 aswSP - ok
13:52:24.0240 5464 aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
13:52:24.0241 5464 aswTdi - ok
13:52:24.0248 5464 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:52:24.0248 5464 AsyncMac - ok
13:52:24.0259 5464 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:52:24.0259 5464 atapi - ok
13:52:24.0308 5464 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
13:52:24.0309 5464 AtiHDAudioService - ok
13:52:24.0341 5464 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:52:24.0342 5464 AudioEndpointBuilder - ok
13:52:24.0342 5464 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:52:24.0342 5464 AudioSrv - ok
13:52:24.0389 5464 avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:52:24.0389 5464 avast! Antivirus - ok
13:52:24.0404 5464 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:52:24.0404 5464 AxInstSV - ok
13:52:24.0420 5464 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:52:24.0420 5464 b06bdrv - ok
13:52:24.0451 5464 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:52:24.0451 5464 b57nd60a - ok
13:52:24.0451 5464 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:52:24.0451 5464 BDESVC - ok
13:52:24.0498 5464 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:52:24.0498 5464 Beep - ok
13:52:24.0545 5464 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:52:24.0545 5464 BFE - ok
13:52:24.0592 5464 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
13:52:24.0592 5464 BITS - ok
13:52:24.0638 5464 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:52:24.0638 5464 blbdrive - ok
13:52:24.0701 5464 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:52:24.0701 5464 bowser - ok
13:52:24.0701 5464 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:52:24.0701 5464 BrFiltLo - ok
13:52:24.0701 5464 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:52:24.0701 5464 BrFiltUp - ok
13:52:24.0748 5464 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
13:52:24.0748 5464 BridgeMP - ok
13:52:24.0763 5464 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:52:24.0763 5464 Browser - ok
13:52:24.0779 5464 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:52:24.0779 5464 Brserid - ok
13:52:24.0779 5464 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:52:24.0779 5464 BrSerWdm - ok
13:52:24.0779 5464 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:52:24.0779 5464 BrUsbMdm - ok
13:52:24.0779 5464 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:52:24.0779 5464 BrUsbSer - ok
13:52:24.0810 5464 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
13:52:24.0810 5464 BthEnum - ok
13:52:24.0810 5464 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:52:24.0810 5464 BTHMODEM - ok
13:52:24.0841 5464 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:52:24.0841 5464 BthPan - ok
13:52:24.0888 5464 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
13:52:24.0888 5464 BTHPORT - ok
13:52:24.0909 5464 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:52:24.0910 5464 bthserv - ok
13:52:24.0929 5464 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
13:52:24.0930 5464 BTHUSB - ok
13:52:24.0959 5464 catchme - ok
13:52:24.0981 5464 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:52:24.0982 5464 cdfs - ok
13:52:25.0004 5464 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:52:25.0005 5464 cdrom - ok
13:52:25.0017 5464 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:52:25.0018 5464 CertPropSvc - ok
13:52:25.0021 5464 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:52:25.0022 5464 circlass - ok
13:52:25.0069 5464 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:52:25.0071 5464 CLFS - ok
13:52:25.0107 5464 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:52:25.0108 5464 clr_optimization_v2.0.50727_32 - ok
13:52:25.0131 5464 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:52:25.0132 5464 clr_optimization_v2.0.50727_64 - ok
13:52:25.0160 5464 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:52:25.0161 5464 clr_optimization_v4.0.30319_32 - ok
13:52:25.0179 5464 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:52:25.0179 5464 clr_optimization_v4.0.30319_64 - ok
13:52:25.0182 5464 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:52:25.0182 5464 CmBatt - ok
13:52:25.0184 5464 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:52:25.0184 5464 cmdide - ok
13:52:25.0211 5464 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
13:52:25.0213 5464 CNG - ok
13:52:25.0223 5464 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:52:25.0223 5464 Compbatt - ok
13:52:25.0229 5464 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:52:25.0230 5464 CompositeBus - ok
13:52:25.0231 5464 COMSysApp - ok
13:52:25.0248 5464 cpuz135 (c08063f052308b6f5882482615387f30) C:\Windows\system32\drivers\cpuz135_x64.sys
13:52:25.0248 5464 cpuz135 - ok
13:52:25.0250 5464 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:52:25.0250 5464 crcdisk - ok
13:52:25.0282 5464 Creative Audio Engine Licensing Service (c0ead9f8ab83d41ff07303c75589c2b8) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
13:52:25.0283 5464 Creative Audio Engine Licensing Service - ok
13:52:25.0299 5464 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
13:52:25.0300 5464 CryptSvc - ok
13:52:25.0352 5464 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:52:25.0355 5464 cvhsvc - ok
13:52:25.0383 5464 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:52:25.0386 5464 DcomLaunch - ok
13:52:25.0420 5464 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:52:25.0421 5464 defragsvc - ok
13:52:25.0461 5464 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:52:25.0462 5464 DfsC - ok
13:52:25.0486 5464 dgderdrv - ok
13:52:25.0507 5464 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:52:25.0509 5464 Dhcp - ok
13:52:25.0518 5464 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:52:25.0518 5464 discache - ok
13:52:25.0522 5464 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:52:25.0522 5464 Disk - ok
13:52:25.0547 5464 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:52:25.0548 5464 Dnscache - ok
13:52:25.0567 5464 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:52:25.0569 5464 dot3svc - ok
13:52:25.0575 5464 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:52:25.0576 5464 DPS - ok
13:52:25.0614 5464 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:52:25.0614 5464 drmkaud - ok
13:52:25.0645 5464 dtsoftbus01 (400582b09e0bb557d0ec28a945150eeb) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:52:25.0647 5464 dtsoftbus01 - ok
13:52:25.0682 5464 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:52:25.0686 5464 DXGKrnl - ok
13:52:25.0707 5464 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:52:25.0708 5464 EapHost - ok
13:52:25.0800 5464 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:52:25.0811 5464 ebdrv - ok
13:52:25.0860 5464 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:52:25.0861 5464 EFS - ok
13:52:25.0911 5464 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:52:25.0911 5464 ehRecvr - ok
13:52:25.0927 5464 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:52:25.0927 5464 ehSched - ok
13:52:25.0958 5464 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:52:25.0958 5464 elxstor - ok
13:52:25.0958 5464 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:52:25.0958 5464 ErrDev - ok
13:52:26.0005 5464 etdrv (84486624268e078255bc7aa47f0960bc) C:\Windows\etdrv.sys
13:52:26.0005 5464 etdrv - ok
13:52:26.0052 5464 EtronHub3 (21023b3ff378d73a3483134dfd061246) C:\Windows\system32\Drivers\EtronHub3.sys
13:52:26.0052 5464 EtronHub3 - ok
13:52:26.0083 5464 EtronXHCI (8d77b1e4abab5243172c24159d14e0f2) C:\Windows\system32\Drivers\EtronXHCI.sys
13:52:26.0083 5464 EtronXHCI - ok
13:52:26.0130 5464 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:52:26.0130 5464 EventSystem - ok
13:52:26.0130 5464 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:52:26.0130 5464 exfat - ok
13:52:26.0176 5464 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:52:26.0176 5464 fastfat - ok
13:52:26.0192 5464 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:52:26.0192 5464 Fax - ok
13:52:26.0208 5464 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:52:26.0208 5464 fdc - ok
13:52:26.0208 5464 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:52:26.0208 5464 fdPHost - ok
13:52:26.0223 5464 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:52:26.0223 5464 FDResPub - ok
13:52:26.0254 5464 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:52:26.0254 5464 FileInfo - ok
13:52:26.0254 5464 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:52:26.0254 5464 Filetrace - ok
13:52:26.0254 5464 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:52:26.0254 5464 flpydisk - ok
13:52:26.0301 5464 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:52:26.0301 5464 FltMgr - ok
13:52:26.0348 5464 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:52:26.0364 5464 FontCache - ok
13:52:26.0395 5464 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:52:26.0395 5464 FontCache3.0.0.0 - ok
13:52:26.0395 5464 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:52:26.0395 5464 FsDepends - ok
13:52:26.0426 5464 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
13:52:26.0426 5464 fssfltr - ok
13:52:26.0518 5464 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:52:26.0523 5464 fsssvc - ok
13:52:26.0618 5464 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
13:52:26.0619 5464 Fs_Rec - ok
13:52:26.0627 5464 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:52:26.0628 5464 fvevol - ok
13:52:26.0644 5464 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:52:26.0644 5464 gagp30kx - ok
13:52:26.0675 5464 gdrv (7907e14f9bcf3a4689c9a74a1a873cb6) C:\Windows\gdrv.sys
13:52:26.0675 5464 gdrv - ok
13:52:26.0693 5464 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:52:26.0693 5464 GEARAspiWDM - ok
13:52:26.0721 5464 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:52:26.0725 5464 gpsvc - ok
13:52:26.0771 5464 GVTDrv64 (8126331fbd4ed29eb3b356f9c905064d) C:\Windows\GVTDrv64.sys
13:52:26.0771 5464 GVTDrv64 - ok
13:52:26.0785 5464 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
13:52:26.0785 5464 hamachi - ok
13:52:26.0797 5464 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:52:26.0798 5464 hcw85cir - ok
13:52:26.0822 5464 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:52:26.0823 5464 HdAudAddService - ok
13:52:26.0841 5464 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:52:26.0842 5464 HDAudBus - ok
13:52:26.0844 5464 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:52:26.0845 5464 HidBatt - ok
13:52:26.0850 5464 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:52:26.0850 5464 HidBth - ok
13:52:26.0853 5464 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:52:26.0853 5464 HidIr - ok
13:52:26.0868 5464 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
13:52:26.0869 5464 hidserv - ok
13:52:26.0878 5464 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:52:26.0878 5464 HidUsb - ok
13:52:26.0900 5464 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:52:26.0902 5464 hkmsvc - ok
13:52:26.0917 5464 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:52:26.0919 5464 HomeGroupListener - ok
13:52:26.0944 5464 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:52:26.0946 5464 HomeGroupProvider - ok
13:52:26.0957 5464 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:52:26.0957 5464 HpSAMD - ok
13:52:26.0989 5464 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:52:26.0992 5464 HTTP - ok
13:52:26.0995 5464 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:52:26.0996 5464 hwpolicy - ok
13:52:27.0000 5464 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:52:27.0001 5464 i8042prt - ok
13:52:27.0013 5464 iaStor (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
13:52:27.0015 5464 iaStor - ok
13:52:27.0051 5464 IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:52:27.0052 5464 IAStorDataMgrSvc - ok
13:52:27.0076 5464 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:52:27.0077 5464 iaStorV - ok
13:52:27.0107 5464 ICCS (33d4d4a24791587e83f7ee05a446fb7e) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
13:52:27.0108 5464 ICCS - ok
13:52:27.0151 5464 IDMWFP (2a63036283b36b3b68cdc6f85a7d53ed) C:\Windows\system32\DRIVERS\idmwfp.sys
13:52:27.0152 5464 IDMWFP - ok
13:52:27.0239 5464 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:52:27.0239 5464 IDriverT - ok
13:52:27.0295 5464 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:52:27.0298 5464 idsvc - ok
13:52:27.0310 5464 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:52:27.0311 5464 iirsp - ok
13:52:27.0348 5464 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:52:27.0351 5464 IKEEXT - ok
13:52:27.0481 5464 IntcAzAudAddService (5f6a3ea5bd7ca861863a3a06cecc115c) C:\Windows\system32\drivers\RTKVHD64.sys
13:52:27.0481 5464 IntcAzAudAddService - ok
13:52:27.0543 5464 Intel(R) Capability Licensing Service Interface (0043ec20c06fd9fe339b5d37474b731e) C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:52:27.0543 5464 Intel(R) Capability Licensing Service Interface - ok
13:52:27.0605 5464 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:52:27.0605 5464 intelide - ok
13:52:27.0637 5464 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:52:27.0637 5464 intelppm - ok
13:52:27.0652 5464 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:52:27.0652 5464 IPBusEnum - ok
13:52:27.0668 5464 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:52:27.0668 5464 IpFilterDriver - ok
13:52:27.0699 5464 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:52:27.0699 5464 iphlpsvc - ok
13:52:27.0699 5464 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:52:27.0699 5464 IPMIDRV - ok
13:52:27.0746 5464 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:52:27.0746 5464 IPNAT - ok
13:52:27.0793 5464 iPod Service (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
13:52:27.0793 5464 iPod Service - ok
13:52:27.0808 5464 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:52:27.0808 5464 IRENUM - ok
13:52:27.0824 5464 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:52:27.0824 5464 isapnp - ok
13:52:27.0839 5464 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:52:27.0839 5464 iScsiPrt - ok
13:52:27.0855 5464 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:52:27.0855 5464 kbdclass - ok
13:52:27.0855 5464 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
13:52:27.0855 5464 kbdhid - ok
13:52:27.0871 5464 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:52:27.0871 5464 KeyIso - ok
13:52:27.0917 5464 ksaud (64801398a9ea492548703cc5f0109f87) C:\Windows\system32\drivers\ksaud.sys
13:52:27.0917 5464 ksaud - ok
13:52:27.0949 5464 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
13:52:27.0949 5464 KSecDD - ok
13:52:27.0964 5464 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
13:52:27.0964 5464 KSecPkg - ok
13:52:27.0980 5464 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:52:27.0980 5464 ksthunk - ok
13:52:28.0020 5464 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:52:28.0022 5464 KtmRm - ok
13:52:28.0091 5464 L6GX (07265e0b1a6d30453539f7dfb4942bf2) C:\Windows\system32\Drivers\L6GX64.sys
13:52:28.0094 5464 L6GX - ok
13:52:28.0151 5464 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
13:52:28.0153 5464 LanmanServer - ok
13:52:28.0167 5464 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:52:28.0170 5464 LanmanWorkstation - ok
13:52:28.0195 5464 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:52:28.0196 5464 lltdio - ok
13:52:28.0226 5464 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:52:28.0228 5464 lltdsvc - ok
13:52:28.0231 5464 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:52:28.0232 5464 lmhosts - ok
13:52:28.0244 5464 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:52:28.0244 5464 LSI_FC - ok
13:52:28.0250 5464 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:52:28.0250 5464 LSI_SAS - ok
13:52:28.0255 5464 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:52:28.0255 5464 LSI_SAS2 - ok
13:52:28.0260 5464 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:52:28.0261 5464 LSI_SCSI - ok
13:52:28.0276 5464 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:52:28.0276 5464 luafv - ok
13:52:28.0289 5464 MarvinBus (024da28053d57e9e32bee52600576bbb) C:\Windows\system32\DRIVERS\MarvinBus64.sys
13:52:28.0290 5464 MarvinBus - ok
13:52:28.0306 5464 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:52:28.0308 5464 Mcx2Svc - ok
13:52:28.0311 5464 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:52:28.0311 5464 megasas - ok
13:52:28.0321 5464 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:52:28.0322 5464 MegaSR - ok
13:52:28.0354 5464 MEIx64 (6b01b7414a105b9e51652089a03027cf) C:\Windows\system32\DRIVERS\HECIx64.sys
13:52:28.0354 5464 MEIx64 - ok
13:52:28.0411 5464 Microsoft SharePoint Workspace Audit Service - ok
13:52:28.0426 5464 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:52:28.0428 5464 MMCSS - ok
13:52:28.0435 5464 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:52:28.0435 5464 Modem - ok
13:52:28.0465 5464 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:52:28.0466 5464 monitor - ok
13:52:28.0470 5464 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:52:28.0470 5464 mouclass - ok
13:52:28.0478 5464 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:52:28.0478 5464 mouhid - ok
13:52:28.0483 5464 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:52:28.0484 5464 mountmgr - ok
13:52:28.0494 5464 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:52:28.0495 5464 mpio - ok
13:52:28.0505 5464 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:52:28.0506 5464 mpsdrv - ok
13:52:28.0536 5464 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:52:28.0540 5464 MpsSvc - ok
13:52:28.0567 5464 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:52:28.0567 5464 MRxDAV - ok
13:52:28.0591 5464 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:52:28.0592 5464 mrxsmb - ok
13:52:28.0645 5464 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:52:28.0647 5464 mrxsmb10 - ok
13:52:28.0655 5464 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:52:28.0656 5464 mrxsmb20 - ok
13:52:28.0682 5464 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:52:28.0683 5464 msahci - ok
13:52:28.0693 5464 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:52:28.0693 5464 msdsm - ok
13:52:28.0703 5464 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:52:28.0705 5464 MSDTC - ok
13:52:28.0721 5464 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:52:28.0721 5464 Msfs - ok
13:52:28.0734 5464 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:52:28.0734 5464 mshidkmdf - ok
13:52:28.0743 5464 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:52:28.0743 5464 msisadrv - ok
13:52:28.0764 5464 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:52:28.0765 5464 MSiSCSI - ok
13:52:28.0767 5464 msiserver - ok
13:52:28.0807 5464 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:52:28.0808 5464 MSKSSRV - ok
13:52:28.0815 5464 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:52:28.0816 5464 MSPCLOCK - ok
13:52:28.0821 5464 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:52:28.0821 5464 MSPQM - ok
13:52:28.0838 5464 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:52:28.0840 5464 MsRPC - ok
13:52:28.0870 5464 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:52:28.0871 5464 mssmbios - ok
13:52:28.0879 5464 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:52:28.0879 5464 MSTEE - ok
13:52:28.0885 5464 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:52:28.0886 5464 MTConfig - ok
13:52:28.0895 5464 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:52:28.0895 5464 Mup - ok
13:52:28.0942 5464 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:52:28.0945 5464 napagent - ok
13:52:28.0990 5464 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:52:28.0991 5464 NativeWifiP - ok
13:52:29.0034 5464 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:52:29.0034 5464 NDIS - ok
13:52:29.0065 5464 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:52:29.0065 5464 NdisCap - ok
13:52:29.0081 5464 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:52:29.0081 5464 NdisTapi - ok
13:52:29.0081 5464 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:52:29.0081 5464 Ndisuio - ok
13:52:29.0097 5464 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:52:29.0097 5464 NdisWan - ok
13:52:29.0143 5464 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:52:29.0143 5464 NDProxy - ok
13:52:29.0175 5464 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:52:29.0175 5464 NetBIOS - ok
13:52:29.0190 5464 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:52:29.0190 5464 NetBT - ok
13:52:29.0206 5464 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:52:29.0206 5464 Netlogon - ok
13:52:29.0237 5464 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:52:29.0237 5464 Netman - ok
13:52:29.0284 5464 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:29.0284 5464 NetMsmqActivator - ok
13:52:29.0284 5464 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:29.0284 5464 NetPipeActivator - ok
13:52:29.0315 5464 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:52:29.0331 5464 netprofm - ok
13:52:29.0409 5464 netr7364 (f3a1d8b7317939813568992d1bfdde37) C:\Windows\system32\DRIVERS\netr7364.sys
13:52:29.0409 5464 netr7364 - ok
13:52:29.0409 5464 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:29.0424 5464 NetTcpActivator - ok
13:52:29.0424 5464 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:52:29.0424 5464 NetTcpPortSharing - ok
13:52:29.0440 5464 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:52:29.0440 5464 nfrd960 - ok
13:52:29.0638 5464 NIHardwareService (de7a5ad69e0d9a40867a5e8a9675cc26) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
13:52:29.0655 5464 NIHardwareService - ok
13:52:29.0707 5464 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:52:29.0709 5464 NlaSvc - ok
13:52:29.0727 5464 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:52:29.0727 5464 Npfs - ok
13:52:29.0745 5464 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:52:29.0747 5464 nsi - ok
13:52:29.0755 5464 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:52:29.0756 5464 nsiproxy - ok
13:52:29.0831 5464 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:52:29.0836 5464 Ntfs - ok
13:52:29.0863 5464 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:52:29.0864 5464 Null - ok
13:52:29.0877 5464 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:52:29.0877 5464 nvraid - ok
13:52:29.0891 5464 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:52:29.0892 5464 nvstor - ok
13:52:29.0906 5464 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:52:29.0907 5464 nv_agp - ok
13:52:29.0911 5464 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:52:29.0912 5464 ohci1394 - ok
13:52:29.0945 5464 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:52:29.0945 5464 ose - ok
13:52:30.0079 5464 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:52:30.0095 5464 osppsvc - ok
13:52:30.0145 5464 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:52:30.0147 5464 p2pimsvc - ok
13:52:30.0173 5464 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:52:30.0175 5464 p2psvc - ok
13:52:30.0190 5464 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:52:30.0191 5464 Parport - ok
13:52:30.0210 5464 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
13:52:30.0210 5464 partmgr - ok
13:52:30.0225 5464 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:52:30.0227 5464 PcaSvc - ok
13:52:30.0257 5464 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:52:30.0258 5464 pci - ok
13:52:30.0270 5464 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:52:30.0271 5464 pciide - ok
13:52:30.0279 5464 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:52:30.0281 5464 pcmcia - ok
13:52:30.0285 5464 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:52:30.0285 5464 pcw - ok
13:52:30.0302 5464 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:52:30.0305 5464 PEAUTH - ok
13:52:30.0359 5464 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:52:30.0360 5464 PerfHost - ok
13:52:30.0427 5464 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:52:30.0433 5464 pla - ok
13:52:30.0464 5464 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:52:30.0467 5464 PlugPlay - ok
13:52:30.0492 5464 PnkBstrA - ok
13:52:30.0513 5464 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:52:30.0514 5464 PNRPAutoReg - ok
13:52:30.0531 5464 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:52:30.0533 5464 PNRPsvc - ok
13:52:30.0563 5464 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:52:30.0565 5464 PolicyAgent - ok
13:52:30.0591 5464 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:52:30.0593 5464 Power - ok
13:52:30.0609 5464 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:52:30.0610 5464 PptpMiniport - ok
13:52:30.0624 5464 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:52:30.0624 5464 Processor - ok
13:52:30.0644 5464 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
13:52:30.0646 5464 ProfSvc - ok
13:52:30.0656 5464 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:52:30.0658 5464 ProtectedStorage - ok
13:52:30.0700 5464 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:52:30.0701 5464 Psched - ok
13:52:30.0750 5464 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:52:30.0755 5464 ql2300 - ok
13:52:30.0778 5464 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:52:30.0779 5464 ql40xx - ok
13:52:30.0798 5464 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:52:30.0800 5464 QWAVE - ok
13:52:30.0814 5464 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:52:30.0814 5464 QWAVEdrv - ok
13:52:30.0863 5464 RalinkRegistryWriter (cb6849a0f18a49e694762e93a58a853b) C:\Program Files (x86)\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe
13:52:30.0864 5464 RalinkRegistryWriter - ok
13:52:30.0868 5464 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:52:30.0868 5464 RasAcd - ok
13:52:30.0878 5464 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:52:30.0878 5464 RasAgileVpn - ok
13:52:30.0896 5464 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:52:30.0898 5464 RasAuto - ok
13:52:30.0904 5464 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:52:30.0905 5464 Rasl2tp - ok
13:52:30.0939 5464 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:52:30.0942 5464 RasMan - ok
13:52:30.0950 5464 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:52:30.0951 5464 RasPppoe - ok
13:52:30.0955 5464 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:52:30.0956 5464 RasSstp - ok
13:52:30.0993 5464 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:52:30.0994 5464 rdbss - ok
13:52:31.0006 5464 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:52:31.0006 5464 rdpbus - ok
13:52:31.0013 5464 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:52:31.0014 5464 RDPCDD - ok
13:52:31.0019 5464 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:52:31.0019 5464 RDPENCDD - ok
13:52:31.0027 5464 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:52:31.0027 5464 RDPREFMP - ok
13:52:31.0057 5464 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
13:52:31.0058 5464 RDPWD - ok
13:52:31.0079 5464 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:52:31.0080 5464 rdyboost - ok
13:52:31.0126 5464 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:52:31.0128 5464 RemoteAccess - ok
13:52:31.0145 5464 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:52:31.0148 5464 RemoteRegistry - ok
13:52:31.0189 5464 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:52:31.0189 5464 RFCOMM - ok
13:52:31.0211 5464 RMCAST (caf88d6573d21cd2aa27001ddbfdc74d) C:\Windows\system32\DRIVERS\RMCAST.sys
13:52:31.0212 5464 RMCAST - ok
13:52:31.0235 5464 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:52:31.0237 5464 RpcEptMapper - ok
13:52:31.0259 5464 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:52:31.0260 5464 RpcLocator - ok
13:52:31.0287 5464 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\System32\rpcss.dll
13:52:31.0291 5464 RpcSs - ok
13:52:31.0342 5464 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:52:31.0343 5464 rspndr - ok
13:52:31.0403 5464 RTHDMIAzAudService (c20f64fcd5e2b40310a1774495877acd) C:\Windows\system32\drivers\RtHDMIVX.sys
13:52:31.0404 5464 RTHDMIAzAudService - ok
13:52:31.0443 5464 RTL8167 (bd9ba262cf26efe9a9867ebe32d12164) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:52:31.0446 5464 RTL8167 - ok
13:52:31.0460 5464 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:52:31.0461 5464 SamSs - ok
13:52:31.0504 5464 SamsungAllShareV2.0 (328100af2efd951eab657384ec361b6f) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
13:52:31.0505 5464 SamsungAllShareV2.0 - ok
13:52:31.0517 5464 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:52:31.0517 5464 sbp2port - ok
13:52:31.0535 5464 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:52:31.0537 5464 SCardSvr - ok
13:52:31.0586 5464 SCBackService (8475e746eb72d04f1015e6f091f50e09) C:\Program Files (x86)\Splashtop\Splashtop Connect\BackService.exe
13:52:31.0588 5464 SCBackService - ok
13:52:31.0598 5464 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:52:31.0599 5464 scfilter - ok
13:52:31.0641 5464 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:52:31.0646 5464 Schedule - ok
13:52:31.0667 5464 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:52:31.0668 5464 SCPolicySvc - ok
13:52:31.0685 5464 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:52:31.0687 5464 SDRSVC - ok
13:52:31.0726 5464 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:52:31.0727 5464 secdrv - ok
13:52:31.0735 5464 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:52:31.0737 5464 seclogon - ok
13:52:31.0751 5464 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
13:52:31.0753 5464 SENS - ok
13:52:31.0767 5464 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:52:31.0769 5464 SensrSvc - ok
13:52:31.0785 5464 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:52:31.0785 5464 Serenum - ok
13:52:31.0807 5464 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:52:31.0808 5464 Serial - ok
13:52:31.0811 5464 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:52:31.0812 5464 sermouse - ok
13:52:31.0828 5464 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:52:31.0830 5464 SessionEnv - ok
13:52:31.0833 5464 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:52:31.0834 5464 sffdisk - ok
13:52:31.0837 5464 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:52:31.0837 5464 sffp_mmc - ok
13:52:31.0841 5464 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:52:31.0841 5464 sffp_sd - ok
13:52:31.0844 5464 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:52:31.0845 5464 sfloppy - ok
13:52:31.0915 5464 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
13:52:31.0917 5464 Sftfs - ok
13:52:31.0978 5464 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:52:31.0980 5464 sftlist - ok
13:52:32.0074 5464 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:52:32.0075 5464 Sftplay - ok
13:52:32.0109 5464 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:52:32.0110 5464 Sftredir - ok
13:52:32.0116 5464 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
13:52:32.0117 5464 Sftvol - ok
13:52:32.0125 5464 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:52:32.0126 5464 sftvsa - ok
13:52:32.0182 5464 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:52:32.0184 5464 SharedAccess - ok
13:52:32.0214 5464 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:52:32.0217 5464 ShellHWDetection - ok
13:52:32.0229 5464 SimpleSlideShowServer (1980fe1f5a32067dad1d8776b63c2669) C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
13:52:32.0229 5464 SimpleSlideShowServer - ok
13:52:32.0234 5464 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:52:32.0234 5464 SiSRaid2 - ok
13:52:32.0240 5464 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:52:32.0241 5464 SiSRaid4 - ok
13:52:32.0246 5464 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:52:32.0247 5464 Smb - ok
13:52:32.0266 5464 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:52:32.0267 5464 SNMPTRAP - ok
13:52:32.0531 5464 SNP325 (115d940921278acae8416dd9c8714747) C:\Windows\system32\DRIVERS\snp325.sys
13:52:32.0565 5464 SNP325 - ok
13:52:32.0622 5464 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:52:32.0623 5464 spldr - ok
13:52:32.0654 5464 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:52:32.0658 5464 Spooler - ok
13:52:32.0756 5464 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:52:32.0769 5464 sppsvc - ok
13:52:32.0798 5464 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:52:32.0800 5464 sppuinotify - ok
13:52:32.0830 5464 sptd (d519ad2de7968cd2b47fea807c5b29b2) C:\Windows\System32\Drivers\sptd.sys
13:52:32.0831 5464 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: d519ad2de7968cd2b47fea807c5b29b2
13:52:32.0832 5464 sptd ( LockedFile.Multi.Generic ) - warning
13:52:32.0832 5464 sptd - detected LockedFile.Multi.Generic (1)
13:52:32.0859 5464 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:52:32.0861 5464 srv - ok
13:52:32.0875 5464 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:52:32.0877 5464 srv2 - ok
13:52:32.0885 5464 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:52:32.0886 5464 srvnet - ok
13:52:32.0928 5464 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
13:52:32.0929 5464 ssadbus - ok
13:52:32.0938 5464 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
13:52:32.0938 5464 ssadmdfl - ok
13:52:32.0954 5464 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
13:52:32.0955 5464 ssadmdm - ok
13:52:32.0976 5464 ssadserd (d33d1bd3ec0e766211a234f56a12726d) C:\Windows\system32\DRIVERS\ssadserd.sys
13:52:32.0977 5464 ssadserd - ok
13:52:32.0994 5464 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:52:32.0996 5464 SSDPSRV - ok
13:52:33.0012 5464 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:52:33.0014 5464 SstpSvc - ok
13:52:33.0017 5464 StarOpen - ok
13:52:33.0053 5464 Steam Client Service - ok
13:52:33.0061 5464 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:52:33.0062 5464 stexstor - ok
13:52:33.0104 5464 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:52:33.0108 5464 stisvc - ok
13:52:33.0117 5464 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:52:33.0118 5464 swenum - ok
13:52:33.0145 5464 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:52:33.0149 5464 swprv - ok
13:52:33.0205 5464 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:52:33.0212 5464 SysMain - ok
13:52:33.0243 5464 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:52:33.0245 5464 TabletInputService - ok
13:52:33.0257 5464 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:52:33.0259 5464 TapiSrv - ok
13:52:33.0274 5464 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:52:33.0276 5464 TBS - ok
13:52:33.0364 5464 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
13:52:33.0371 5464 Tcpip - ok
13:52:33.0443 5464 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
13:52:33.0450 5464 TCPIP6 - ok
13:52:33.0478 5464 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:52:33.0479 5464 tcpipreg - ok
13:52:33.0494 5464 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:52:33.0495 5464 TDPIPE - ok
13:52:33.0504 5464 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:52:33.0504 5464 TDTCP - ok
13:52:33.0541 5464 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:52:33.0542 5464 tdx - ok
13:52:33.0576 5464 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
13:52:33.0576 5464 TermDD - ok
13:52:33.0605 5464 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:52:33.0609 5464 TermService - ok
13:52:33.0625 5464 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:52:33.0627 5464 Themes - ok
13:52:33.0644 5464 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:52:33.0646 5464 THREADORDER - ok
13:52:33.0660 5464 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:52:33.0662 5464 TrkWks - ok
Intel Core i7-2600 3.40 Ghz, nVidia GTX 680, Kingston 2x4GB, WD Caviar Green RX 2TB, Gigabyte P67A-D3-B3, Philips SPA2602/10, Genius KB-110X, Logitech M510, LG Flatron W2043T-PF, Windows 8


Re: Please check my log - slow PC startup

Post by Cheaterboy » 22 Jul 2012 13:56

13:52:33.0691 5464 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:52:33.0692 5464 TrustedInstaller - ok
13:52:33.0705 5464 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:52:33.0705 5464 tssecsrv - ok
13:52:33.0717 5464 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:52:33.0718 5464 TsUsbFlt - ok
13:52:33.0728 5464 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:52:33.0729 5464 TsUsbGD - ok
13:52:33.0737 5464 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:52:33.0738 5464 tunnel - ok
13:52:33.0743 5464 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:52:33.0744 5464 uagp35 - ok
13:52:33.0776 5464 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:52:33.0777 5464 udfs - ok
13:52:33.0797 5464 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:52:33.0799 5464 UI0Detect - ok
13:52:33.0804 5464 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:52:33.0805 5464 uliagpkx - ok
13:52:33.0817 5464 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:52:33.0818 5464 umbus - ok
13:52:33.0821 5464 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:52:33.0822 5464 UmPass - ok
13:52:33.0841 5464 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:52:33.0844 5464 upnphost - ok
13:52:33.0890 5464 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:52:33.0891 5464 usbaudio - ok
13:52:33.0904 5464 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:52:33.0905 5464 usbccgp - ok
13:52:33.0911 5464 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:52:33.0912 5464 usbcir - ok
13:52:33.0925 5464 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
13:52:33.0926 5464 usbehci - ok
13:52:33.0944 5464 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
13:52:33.0946 5464 usbhub - ok
13:52:33.0956 5464 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:52:33.0956 5464 usbohci - ok
13:52:33.0970 5464 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
13:52:33.0971 5464 usbprint - ok
13:52:34.0001 5464 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:52:34.0001 5464 usbscan - ok
13:52:34.0021 5464 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:52:34.0021 5464 USBSTOR - ok
13:52:34.0037 5464 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
13:52:34.0038 5464 usbuhci - ok
13:52:34.0066 5464 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:52:34.0068 5464 UxSms - ok
13:52:34.0085 5464 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:52:34.0086 5464 VaultSvc - ok
13:52:34.0105 5464 VBoxNetAdp (e705a3a384e7569fa2f1a3a29bdc5240) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
13:52:34.0106 5464 VBoxNetAdp - ok
13:52:34.0109 5464 VBoxNetFlt - ok
13:52:34.0147 5464 VCSVADHWSer (3a4b01c2bdb07dfef29b0b369487503a) C:\Windows\system32\DRIVERS\vcsvad.sys
13:52:34.0148 5464 VCSVADHWSer - ok
13:52:34.0152 5464 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:52:34.0153 5464 vdrvroot - ok
13:52:34.0190 5464 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:52:34.0194 5464 vds - ok
13:52:34.0207 5464 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:52:34.0207 5464 vga - ok
13:52:34.0215 5464 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:52:34.0215 5464 VgaSave - ok
13:52:34.0225 5464 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:52:34.0226 5464 vhdmp - ok
13:52:34.0230 5464 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:52:34.0231 5464 viaide - ok
13:52:34.0237 5464 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:52:34.0238 5464 volmgr - ok
13:52:34.0263 5464 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:52:34.0264 5464 volmgrx - ok
13:52:34.0279 5464 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:52:34.0281 5464 volsnap - ok
13:52:34.0291 5464 vpcbus (abd9b4a7e2d0ae51a3b8df1af3152d61) C:\Windows\system32\DRIVERS\vpchbus.sys
13:52:34.0292 5464 vpcbus - ok
13:52:34.0311 5464 vpcnfltr (8acda395841538ce9713a67fe8b2a3eb) C:\Windows\system32\DRIVERS\vpcnfltr.sys
13:52:34.0312 5464 vpcnfltr - ok
13:52:34.0326 5464 vpcusb (31924e31bc315773e6d149b157db46d5) C:\Windows\system32\DRIVERS\vpcusb.sys
13:52:34.0327 5464 vpcusb - ok
13:52:34.0340 5464 vpcvmm (c5b651e52540e6f46da66574c74b4898) C:\Windows\system32\drivers\vpcvmm.sys
13:52:34.0342 5464 vpcvmm - ok
13:52:34.0363 5464 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:52:34.0364 5464 vsmraid - ok
13:52:34.0423 5464 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:52:34.0430 5464 VSS - ok
13:52:34.0494 5464 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:52:34.0494 5464 vwifibus - ok
13:52:34.0500 5464 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:52:34.0501 5464 vwififlt - ok
13:52:34.0525 5464 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:52:34.0529 5464 W32Time - ok
13:52:34.0536 5464 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:52:34.0536 5464 WacomPen - ok
13:52:34.0542 5464 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:52:34.0543 5464 WANARP - ok
13:52:34.0546 5464 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:52:34.0547 5464 Wanarpv6 - ok
13:52:34.0605 5464 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:52:34.0609 5464 WatAdminSvc - ok
13:52:34.0662 5464 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:52:34.0669 5464 wbengine - ok
13:52:34.0700 5464 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:52:34.0702 5464 WbioSrvc - ok
13:52:34.0730 5464 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:52:34.0733 5464 wcncsvc - ok
13:52:34.0748 5464 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:52:34.0750 5464 WcsPlugInService - ok
13:52:34.0797 5464 WCUService_STC_IE (147c60622cb53e901efd8bb6d44a4c46) C:\Program Files (x86)\Splashtop\Splashtop Connect IE Software Updater\WCUService.exe
13:52:34.0799 5464 WCUService_STC_IE - ok
13:52:34.0807 5464 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:52:34.0808 5464 Wd - ok
13:52:34.0827 5464 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:52:34.0830 5464 Wdf01000 - ok
13:52:34.0843 5464 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:52:34.0846 5464 WdiServiceHost - ok
13:52:34.0849 5464 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:52:34.0851 5464 WdiSystemHost - ok
13:52:34.0892 5464 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:52:34.0895 5464 WebClient - ok
13:52:34.0915 5464 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:52:34.0918 5464 Wecsvc - ok
13:52:34.0934 5464 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:52:34.0936 5464 wercplsupport - ok
13:52:34.0945 5464 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:52:34.0948 5464 WerSvc - ok
13:52:34.0985 5464 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:52:34.0985 5464 WfpLwf - ok
13:52:34.0989 5464 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:52:34.0990 5464 WIMMount - ok
13:52:35.0005 5464 WinDefend - ok
13:52:35.0013 5464 WinHttpAutoProxySvc - ok
13:52:35.0054 5464 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:52:35.0055 5464 Winmgmt - ok
13:52:35.0124 5464 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:52:35.0133 5464 WinRM - ok
13:52:35.0191 5464 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:52:35.0196 5464 Wlansvc - ok
13:52:35.0243 5464 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:52:35.0244 5464 wlcrasvc - ok
13:52:35.0321 5464 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:52:35.0328 5464 wlidsvc - ok
13:52:35.0351 5464 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:52:35.0351 5464 WmiAcpi - ok
13:52:35.0378 5464 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:52:35.0380 5464 wmiApSrv - ok
13:52:35.0390 5464 WMPNetworkSvc - ok
13:52:35.0405 5464 wod0205 (92c6184e6f62d542b8dcdc93bd73cb7e) C:\Windows\system32\DRIVERS\wod0205.sys
13:52:35.0406 5464 wod0205 - ok
13:52:35.0419 5464 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:52:35.0421 5464 WPCSvc - ok
13:52:35.0437 5464 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:52:35.0439 5464 WPDBusEnum - ok
13:52:35.0452 5464 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:52:35.0453 5464 ws2ifsl - ok
13:52:35.0471 5464 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
13:52:35.0474 5464 wscsvc - ok
13:52:35.0477 5464 WSearch - ok
13:52:35.0569 5464 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
13:52:35.0579 5464 wuauserv - ok
13:52:35.0609 5464 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:52:35.0610 5464 WudfPf - ok
13:52:35.0645 5464 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:52:35.0646 5464 WUDFRd - ok
13:52:35.0658 5464 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:52:35.0660 5464 wudfsvc - ok
13:52:35.0676 5464 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:52:35.0679 5464 WwanSvc - ok
13:52:35.0699 5464 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:52:35.0829 5464 \Device\Harddisk0\DR0 - ok
13:52:35.0830 5464 Boot (0x1200) (c2074a0f22de8d4c419f8d82772bcdf9) \Device\Harddisk0\DR0\Partition0
13:52:35.0831 5464 \Device\Harddisk0\DR0\Partition0 - ok
13:52:35.0831 5464 ============================================================
13:52:35.0831 5464 Scan finished
13:52:35.0831 5464 ============================================================
13:52:35.0835 3840 Detected object count: 1
13:52:35.0835 3840 Actual detected object count: 1
13:52:36.0735 3840 sptd ( LockedFile.Multi.Generic ) - skipped by user
13:52:36.0735 3840 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
13:52:38.0047 4508 Deinitialize success


TDSS Killer 2/2