Request for a log check

Post by xwarrr » 23 Jul 2012 23:22

Hi, I would like to ask for a log check, thanks.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:21:48, on 23.7.2012
Platform: Windows 7 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\trend micro\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.p ... gle&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.p ... gle&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll
R3 - URLSearchHook: AF-HSS Toolbar - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Program Files\AF-HSS\prxtbAF-0.dll
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\BrowserCompanion\jsloader.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JSLoader BHO - {E887F06F-565D-42e5-AA80-63EB0D465202} - C:\ProgramData\Plugin\Plugin.dll
O2 - BHO: AF-HSS - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Program Files\AF-HSS\prxtbAF-0.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AF-HSS Toolbar - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Program Files\AF-HSS\prxtbAF-0.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe (file missing)
O23 - Service: Mp3Tube Toolbar Updater Service (Mp3Tube Toolbar Service) - Unknown owner - C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe (file missing)
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe

--
End of file - 8045 bytes

Post by memphisto » 24 Jul 2012 08:22

Uninstall:
Spybot
ICQ Toolbar
AF-HSS Toolbar

In the log, fix:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.p ... gle&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://downloads.phpnuke.org/en/index.p ... gle&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://downloads.phpnuke.org/en/index.php?rvs=google
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = plimus.com,www.plimus.com,regnow.com,www.regnow.com,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: AF-HSS Toolbar - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Program Files\AF-HSS\prxtbAF-0.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: AF-HSS - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Program Files\AF-HSS\prxtbAF-0.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AF-HSS Toolbar - {f0381dbd-e018-4e07-ae40-d96ab15083f0} - C:\Program Files\AF-HSS\prxtbAF-0.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

Go to Start - Run - services.msc - find and stop/disable these services:
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe (file missing)
O23 - Service: Mp3Tube Toolbar Updater Service (Mp3Tube Toolbar Service) - Unknown owner - C:\Program Files\Mp3Tube Toolbar\Mp3TubeSvc.exe (file missing)

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox, click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected.
- If you use Chrome, do not select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation, make sure you have both options selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the option Perform Quick Scan (Provést rychlý sken) selected and click the Scan (Skenovat) button
- when the program finishes, a message appears, so click OK and then the Show Results button
- then choose Save Logfile and save the log to the desktop
- then click the Exit button; a message appears, so choose Yes
(DO NOT DELETE ANYTHING YOURSELF YET!)
Then paste the content of that log here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via PM; post them in the appropriate section. Thank you

Post by xwarrr » 24 Jul 2012 12:55

I wanted to ask, please, how do I fix it in the log?

Post by memphisto » 24 Jul 2012 12:59

Tick the checkbox in front of the items I listed above, and at the bottom click Fix checked

Post by xwarrr » 24 Jul 2012 13:21

Here it is

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Verze databáze: v2012.07.24.04

Windows 7 x86 NTFS
Internet Explorer 8.0.7601.17514
Peta :: PETA-PC [administrátor]

24.7.2012 13:12:46
mbam-log-2012-07-24 (13-20-53).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 190443
Uplynulý čas: 7 minut, 47 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Žádná instrukce nebyla provedena.

Nalezené klíče v registru: 27
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
HKLM\SOFTWARE\Mp3Tube (Adware.Mp3Tube) -> Žádná instrukce nebyla provedena.

Nalezené hodnoty v registru: 5
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: w|‰F¦ç3LżűéÂâq‰B -> Žádná instrukce nebyla provedena.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{46897C77-E7A6-4C33-BFFB-E9C2E2718942} (Adware.Mp3Tube) -> Data: -> Žádná instrukce nebyla provedena.
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Žádná instrukce nebyla provedena.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Žádná instrukce nebyla provedena.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Data: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Žádná instrukce nebyla provedena.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Žádná instrukce nebyla provedena.

Nalezené soubory: 17
C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\Mozilla Firefox\plugins\npclntax_ClickPotatoLiteSA.dll (Adware.ClickPotato) -> Žádná instrukce nebyla provedena.
C:\Program Files\Mozilla Firefox\searchplugins\Mp3Tube.xml (Adware.Mp3Tube) -> Žádná instrukce nebyla provedena.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Žádná instrukce nebyla provedena.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\BCHelper.exe (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\sqlite3.dll (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\updatebhoWin32.dll_1 (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Žádná instrukce nebyla provedena.
C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Žádná instrukce nebyla provedena.

(konec)

Post by Žbeky » 24 Jul 2012 14:29

Run MbAM again and click Scan
- when the program finishes, a message appears, so click OK and then the Show Results button
- make sure all the listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the whole content of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- After the scan completes, the program should create a log - C:\ComboFix.txt - please copy its whole content here
If after the scan there is a problem launching applications, or a message pops up about an attempt to perform an illegal operation on a registry key that has been marked for deletion, just restart the computer.
In PMs I only deal with matters concerning the forum. I do not respond to requests and pleas for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

Post by xwarrr » 24 Jul 2012 19:24

18:56:32.0907 3392 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
18:56:34.0919 3392 ============================================================
18:56:34.0919 3392 Current date / time: 2012/07/24 18:56:34.0919
18:56:34.0919 3392 SystemInfo:
18:56:34.0919 3392
18:56:34.0919 3392 OS Version: 6.1.7601 ServicePack: 0.0
18:56:34.0919 3392 Product type: Workstation
18:56:34.0919 3392 ComputerName: PETA-PC
18:56:34.0919 3392 UserName: Peta
18:56:34.0919 3392 Windows directory: C:\Windows
18:56:34.0919 3392 System windows directory: C:\Windows
18:56:34.0919 3392 Processor architecture: Intel x86
18:56:34.0919 3392 Number of processors: 4
18:56:34.0919 3392 Page size: 0x1000
18:56:34.0919 3392 Boot type: Normal boot
18:56:34.0919 3392 ============================================================
18:56:37.0213 3392 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
18:56:37.0213 3392 ============================================================
18:56:37.0213 3392 \Device\Harddisk0\DR0:
18:56:37.0213 3392 MBR partitions:
18:56:37.0213 3392 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:56:37.0213 3392 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
18:56:37.0213 3392 ============================================================
18:56:37.0228 3392 C: <-> \Device\Harddisk0\DR0\Partition1
18:56:37.0228 3392 ============================================================
18:56:37.0228 3392 Initialize success
18:56:37.0228 3392 ============================================================
18:56:41.0222 3900 ============================================================
18:56:41.0222 3900 Scan started
18:56:41.0222 3900 Mode: Manual;
18:56:41.0222 3900 ============================================================
18:56:45.0590 3900 Scan interrupted by user!
18:56:45.0590 3900 Scan interrupted by user!
18:56:45.0590 3900 Scan interrupted by user!
18:56:45.0590 3900 ============================================================
18:56:45.0590 3900 Scan finished
18:56:45.0590 3900 ============================================================
18:56:45.0590 1904 Detected object count: 0
18:56:45.0590 1904 Actual detected object count: 0
18:56:52.0485 3736 ============================================================
18:56:52.0485 3736 Scan started
18:56:52.0485 3736 Mode: Manual;
18:56:52.0485 3736 ============================================================
18:56:53.0561 3736 amdsbs - ok
18:56:53.0577 3736 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
18:56:53.0577 3736 amdxata - ok
18:56:53.0608 3736 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
18:56:53.0608 3736 AppID - ok
18:56:53.0624 3736 AppIDSvc (62a9c86cb6085e20db4823e4e97826f5) C:\Windows\System32\appidsvc.dll
18:56:53.0624 3736 AppIDSvc - ok
18:56:53.0655 3736 Appinfo (fb1959012294d6ad43e5304df65e3c26) C:\Windows\System32\appinfo.dll
18:56:53.0655 3736 Appinfo - ok
18:56:53.0671 3736 AppleCharger (75a8b998eb259dd512f01ea25bec7f3b) C:\Windows\system32\DRIVERS\AppleCharger.sys
18:56:53.0671 3736 AppleCharger - ok
18:56:53.0702 3736 AppleChargerSrv (95ef7247c50c7241fdae39a9b3aff4ae) C:\Windows\system32\AppleChargerSrv.exe
18:56:53.0702 3736 AppleChargerSrv - ok
18:56:53.0717 3736 AppMgmt (a45d184df6a8803da13a0b329517a64a) C:\Windows\System32\appmgmts.dll
18:56:53.0717 3736 AppMgmt - ok
18:56:53.0749 3736 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
18:56:53.0749 3736 arc - ok
18:56:53.0764 3736 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
18:56:53.0764 3736 arcsas - ok
18:56:53.0858 3736 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:56:53.0858 3736 aspnet_state - ok
18:56:53.0873 3736 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
18:56:53.0873 3736 AsyncMac - ok
18:56:53.0889 3736 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
18:56:53.0889 3736 atapi - ok
18:56:53.0967 3736 atksgt (6e996cf8459a2594e0e9609d0e34d41f) C:\Windows\system32\DRIVERS\atksgt.sys
18:56:53.0967 3736 atksgt - ok
18:56:54.0014 3736 AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:56:54.0014 3736 AudioEndpointBuilder - ok
18:56:54.0014 3736 Audiosrv (ce3b4e731638d2ef62fcb419be0d39f0) C:\Windows\System32\Audiosrv.dll
18:56:54.0014 3736 Audiosrv - ok
18:56:54.0061 3736 Avgfwfd (c46ba2c177df0b84f9c0bfc1e4574dc7) C:\Windows\system32\DRIVERS\avgfwd6x.sys
18:56:54.0061 3736 Avgfwfd - ok
18:56:54.0185 3736 avgfws (5cd22eb540f82c70e33e530003f3903b) C:\Program Files\AVG\AVG2012\avgfws.exe
18:56:54.0201 3736 avgfws - ok
18:56:54.0419 3736 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
18:56:54.0435 3736 AVGIDSAgent - ok
18:56:54.0560 3736 AVGIDSDriver (f6878b90a8a9795116bce335238e65af) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
18:56:54.0560 3736 AVGIDSDriver - ok
18:56:54.0575 3736 AVGIDSEH (19a08a6728a6e02099d64268218cd799) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
18:56:54.0575 3736 AVGIDSEH - ok
18:56:54.0591 3736 AVGIDSFilter (f8927ab1dd086edeff2924a64dc89869) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
18:56:54.0591 3736 AVGIDSFilter - ok
18:56:54.0622 3736 AVGIDSShim (dadca567891033dcf2ec4a3f9da46ae4) C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
18:56:54.0622 3736 AVGIDSShim - ok
18:56:54.0669 3736 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\Windows\system32\DRIVERS\avgldx86.sys
18:56:54.0669 3736 Avgldx86 - ok
18:56:54.0685 3736 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\Windows\system32\DRIVERS\avgmfx86.sys
18:56:54.0685 3736 Avgmfx86 - ok
18:56:54.0700 3736 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\Windows\system32\DRIVERS\avgrkx86.sys
18:56:54.0700 3736 Avgrkx86 - ok
18:56:54.0731 3736 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\Windows\system32\DRIVERS\avgtdix.sys
18:56:54.0731 3736 Avgtdix - ok
18:56:54.0763 3736 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
18:56:54.0763 3736 avgwd - ok
18:56:54.0794 3736 AxInstSV (6e30d02aac9cac84f421622e3a2f6178) C:\Windows\System32\AxInstSV.dll
18:56:54.0794 3736 AxInstSV - ok
18:56:54.0841 3736 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
18:56:54.0887 3736 b06bdrv - ok
18:56:54.0934 3736 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
18:56:54.0981 3736 b57nd60x - ok
18:56:55.0028 3736 BCUService (382b151daffe4a9ce9da9f564b66761e) C:\Program Files\DeviceVM\Browser Configuration Utility\BCUService.exe
18:56:55.0106 3736 BCUService - ok
18:56:55.0121 3736 BDESVC (ee1e9c3bb8228ae423dd38db69128e71) C:\Windows\System32\bdesvc.dll
18:56:55.0121 3736 BDESVC - ok
18:56:55.0137 3736 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
18:56:55.0137 3736 Beep - ok
18:56:55.0184 3736 BFE (1e2bac209d184bb851e1a187d8a29136) C:\Windows\System32\bfe.dll
18:56:55.0184 3736 BFE - ok
18:56:55.0246 3736 BITS (e585445d5021971fae10393f0f1c3961) C:\Windows\system32\qmgr.dll
18:56:55.0246 3736 BITS - ok
18:56:55.0293 3736 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
18:56:55.0309 3736 blbdrive - ok
18:56:55.0355 3736 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
18:56:55.0355 3736 bowser - ok
18:56:55.0355 3736 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:56:55.0371 3736 BrFiltLo - ok
18:56:55.0387 3736 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:56:55.0402 3736 BrFiltUp - ok
18:56:55.0449 3736 Browser (6e11f33d14d020f58d5e02e4d67dfa19) C:\Windows\System32\browser.dll
18:56:55.0449 3736 Browser - ok
18:56:55.0480 3736 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
18:56:55.0496 3736 Brserid - ok
18:56:55.0527 3736 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
18:56:55.0543 3736 BrSerWdm - ok
18:56:55.0543 3736 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
18:56:55.0558 3736 BrUsbMdm - ok
18:56:55.0574 3736 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
18:56:55.0574 3736 BrUsbSer - ok
18:56:55.0589 3736 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
18:56:55.0621 3736 BTHMODEM - ok
18:56:55.0636 3736 bthserv (1df19c96eef6c29d1c3e1a8678e07190) C:\Windows\system32\bthserv.dll
18:56:55.0636 3736 bthserv - ok
18:56:55.0683 3736 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
18:56:55.0683 3736 cdfs - ok
18:56:55.0714 3736 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
18:56:55.0730 3736 cdrom - ok
18:56:55.0761 3736 CertPropSvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:56:55.0761 3736 CertPropSvc - ok
18:56:55.0792 3736 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
18:56:55.0808 3736 circlass - ok
18:56:55.0823 3736 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
18:56:55.0823 3736 CLFS - ok
18:56:55.0886 3736 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:56:55.0886 3736 clr_optimization_v2.0.50727_32 - ok
18:56:55.0948 3736 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:56:56.0026 3736 clr_optimization_v4.0.30319_32 - ok
18:56:56.0042 3736 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
18:56:56.0057 3736 CmBatt - ok
18:56:56.0089 3736 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
18:56:56.0089 3736 cmdide - ok
18:56:56.0120 3736 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys
18:56:56.0120 3736 CNG - ok
18:56:56.0135 3736 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
18:56:56.0135 3736 Compbatt - ok
18:56:56.0167 3736 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
18:56:56.0167 3736 CompositeBus - ok
18:56:56.0167 3736 COMSysApp - ok
18:56:56.0182 3736 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
18:56:56.0182 3736 crcdisk - ok
18:56:56.0213 3736 CryptSvc (a585bebf7d054bd9618eda0922d5484a) C:\Windows\system32\cryptsvc.dll
18:56:56.0229 3736 CryptSvc - ok
18:56:56.0260 3736 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
18:56:56.0276 3736 CSC - ok
18:56:56.0307 3736 CscService (15f93b37f6801943360d9eb42485d5d3) C:\Windows\System32\cscsvc.dll
18:56:56.0323 3736 CscService - ok
18:56:56.0338 3736 DcomLaunch (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:56:56.0338 3736 DcomLaunch - ok
18:56:56.0369 3736 defragsvc (8d6e10a2d9a5eed59562d9b82cf804e1) C:\Windows\System32\defragsvc.dll
18:56:56.0369 3736 defragsvc - ok
18:56:56.0416 3736 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
18:56:56.0447 3736 DfsC - ok
18:56:56.0479 3736 Dhcp (e9e01eb683c132f7fa27cd607b8a2b63) C:\Windows\system32\dhcpcore.dll
18:56:56.0494 3736 Dhcp - ok
18:56:56.0510 3736 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
18:56:56.0510 3736 discache - ok
18:56:56.0525 3736 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
18:56:56.0525 3736 Disk - ok
18:56:56.0557 3736 Dnscache (33ef4861f19a0736b11314aad9ae28d0) C:\Windows\System32\dnsrslvr.dll
18:56:56.0557 3736 Dnscache - ok
18:56:56.0603 3736 dot3svc (366ba8fb4b7bb7435e3b9eacb3843f67) C:\Windows\System32\dot3svc.dll
18:56:56.0603 3736 dot3svc - ok
18:56:56.0619 3736 DPS (8ec04ca86f1d68da9e11952eb85973d6) C:\Windows\system32\dps.dll
18:56:56.0619 3736 DPS - ok
18:56:56.0635 3736 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
18:56:56.0650 3736 drmkaud - ok
18:56:56.0697 3736 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
18:56:56.0697 3736 DXGKrnl - ok
18:56:56.0744 3736 EapHost (8600142fa91c1b96367d3300ad0f3f3a) C:\Windows\System32\eapsvc.dll
18:56:56.0744 3736 EapHost - ok
18:56:56.0822 3736 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
18:56:56.0869 3736 ebdrv - ok
18:56:56.0962 3736 EFS (f42309c4191c506b71db5d1126d26318) C:\Windows\System32\lsass.exe
18:56:56.0962 3736 EFS - ok
18:56:57.0025 3736 ehRecvr (a8c362018efc87beb013ee28f29c0863) C:\Windows\ehome\ehRecvr.exe
18:56:57.0071 3736 ehRecvr - ok
18:56:57.0134 3736 ehSched (d389bff34f80caede417bf9d1507996a) C:\Windows\ehome\ehsched.exe
18:56:57.0149 3736 ehSched - ok
18:56:57.0227 3736 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
18:56:57.0227 3736 elxstor - ok
18:56:57.0259 3736 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
18:56:57.0259 3736 ErrDev - ok
18:56:57.0305 3736 EventSystem (f6916efc29d9953d5d0df06882ae8e16) C:\Windows\system32\es.dll
18:56:57.0305 3736 EventSystem - ok
18:56:57.0321 3736 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
18:56:57.0321 3736 exfat - ok
18:56:57.0337 3736 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
18:56:57.0352 3736 fastfat - ok
18:56:57.0383 3736 Fax (967ea5b213e9984cbe270205df37755b) C:\Windows\system32\fxssvc.exe
18:56:57.0383 3736 Fax - ok
18:56:57.0399 3736 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
18:56:57.0415 3736 fdc - ok
18:56:57.0446 3736 fdPHost (f3222c893bd2f5821a0179e5c71e88fb) C:\Windows\system32\fdPHost.dll
18:56:57.0446 3736 fdPHost - ok
18:56:57.0493 3736 FDResPub (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\Windows\system32\fdrespub.dll
18:56:57.0493 3736 FDResPub - ok
18:56:57.0524 3736 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
18:56:57.0524 3736 FileInfo - ok
18:56:57.0539 3736 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
18:56:57.0539 3736 Filetrace - ok
18:56:57.0539 3736 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
18:56:57.0555 3736 flpydisk - ok
18:56:57.0571 3736 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
18:56:57.0571 3736 FltMgr - ok
18:56:57.0617 3736 FontCache (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\Windows\system32\FntCache.dll
18:56:57.0633 3736 FontCache - ok
18:56:57.0711 3736 FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:56:57.0711 3736 FontCache3.0.0.0 - ok
18:56:57.0711 3736 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
18:56:57.0711 3736 FsDepends - ok
18:56:57.0742 3736 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
18:56:57.0742 3736 Fs_Rec - ok
18:56:57.0805 3736 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
18:56:57.0805 3736 fvevol - ok
18:56:57.0820 3736 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
18:56:57.0820 3736 gagp30kx - ok
18:56:57.0836 3736 gdrv - ok
18:56:57.0898 3736 gpsvc (e897eaf5ed6ba41e081060c9b447a673) C:\Windows\System32\gpsvc.dll
18:56:57.0898 3736 gpsvc - ok
18:56:58.0023 3736 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
18:56:58.0023 3736 gupdate - ok
18:56:58.0023 3736 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
18:56:58.0023 3736 gupdatem - ok
18:56:58.0054 3736 GVTDrv (689a8eef2a2d62b28a0a578a6196531c) C:\Windows\system32\Drivers\GVTDrv.sys
18:56:58.0070 3736 GVTDrv - ok
18:56:58.0085 3736 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
18:56:58.0101 3736 hcw85cir - ok
18:56:58.0132 3736 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
18:56:58.0148 3736 HdAudAddService - ok
18:56:58.0179 3736 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
18:56:58.0179 3736 HDAudBus - ok
18:56:58.0195 3736 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
18:56:58.0210 3736 HidBatt - ok
18:56:58.0241 3736 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
18:56:58.0257 3736 HidBth - ok
18:56:58.0257 3736 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
18:56:58.0288 3736 HidIr - ok
18:56:58.0304 3736 hidserv (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\Windows\System32\hidserv.dll
18:56:58.0319 3736 hidserv - ok
18:56:58.0351 3736 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
18:56:58.0382 3736 HidUsb - ok
18:56:58.0397 3736 hkmsvc (196b4e3f4cccc24af836ce58facbb699) C:\Windows\system32\kmsvc.dll
18:56:58.0397 3736 hkmsvc - ok
18:56:58.0444 3736 HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\Windows\system32\ListSvc.dll
18:56:58.0444 3736 HomeGroupListener - ok
18:56:58.0475 3736 HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\Windows\system32\provsvc.dll
18:56:58.0475 3736 HomeGroupProvider - ok
18:56:58.0491 3736 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
18:56:58.0491 3736 HpSAMD - ok
18:56:58.0522 3736 hshld - ok
18:56:58.0538 3736 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\Windows\system32\DRIVERS\HssDrv.sys
18:56:58.0538 3736 HssDrv - ok
18:56:58.0600 3736 HssSrv (2cfea9c337b699aca38487e8a7438f35) C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
18:56:58.0600 3736 HssSrv - ok
18:56:58.0631 3736 HssTrayService (9d4f6f660105798112ce7069d0cb9ab9) C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
18:56:58.0647 3736 HssTrayService - ok
18:56:58.0647 3736 HssWd - ok
18:56:58.0694 3736 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
18:56:58.0694 3736 HTTP - ok
18:56:58.0725 3736 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
18:56:58.0725 3736 hwpolicy - ok
18:56:58.0756 3736 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
18:56:58.0772 3736 i8042prt - ok
18:56:58.0787 3736 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
18:56:58.0787 3736 iaStorV - ok
18:56:58.0912 3736 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:56:58.0928 3736 IDriverT - ok
18:56:59.0037 3736 idsvc (c521d7eb6497bb1af6afa89e322fb43c) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:56:59.0037 3736 idsvc - ok
18:56:59.0115 3736 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
18:56:59.0115 3736 iirsp - ok
18:56:59.0162 3736 IKEEXT (f95622f161474511b8d80d6b093aa610) C:\Windows\System32\ikeext.dll
18:56:59.0162 3736 IKEEXT - ok
18:56:59.0177 3736 IntcAzAudAddService - ok
18:56:59.0193 3736 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
18:56:59.0193 3736 intelide - ok
18:56:59.0209 3736 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
18:56:59.0224 3736 intelppm - ok
18:56:59.0255 3736 IPBusEnum (acb364b9075a45c0736e5c47be5cae19) C:\Windows\system32\ipbusenum.dll
18:56:59.0255 3736 IPBusEnum - ok
18:56:59.0255 3736 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:56:59.0255 3736 IpFilterDriver - ok
18:56:59.0318 3736 iphlpsvc (4d65a07b795d6674312f879d09aa7663) C:\Windows\System32\iphlpsvc.dll
18:56:59.0318 3736 iphlpsvc - ok
18:56:59.0365 3736 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
18:56:59.0380 3736 IPMIDRV - ok
18:56:59.0411 3736 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
18:56:59.0411 3736 IPNAT - ok
18:56:59.0411 3736 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
18:56:59.0411 3736 IRENUM - ok
18:56:59.0443 3736 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
18:56:59.0443 3736 isapnp - ok
18:56:59.0458 3736 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
18:56:59.0458 3736 iScsiPrt - ok
18:56:59.0489 3736 k750bus (fe8300320281d658a7854d5cfc02a63f) C:\Windows\system32\DRIVERS\k750bus.sys
18:56:59.0521 3736 k750bus - ok
18:56:59.0552 3736 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:56:59.0552 3736 kbdclass - ok
18:56:59.0583 3736 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
18:56:59.0599 3736 kbdhid - ok
18:56:59.0630 3736 KeyIso (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
18:56:59.0630 3736 KeyIso - ok
18:56:59.0661 3736 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys
18:56:59.0677 3736 KSecDD - ok
18:56:59.0692 3736 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys
18:56:59.0692 3736 KSecPkg - ok
18:56:59.0723 3736 KtmRm (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\Windows\system32\msdtckrm.dll
18:56:59.0723 3736 KtmRm - ok
18:56:59.0755 3736 LanmanServer (d64af876d53eca3668bb97b51b4e70ab) C:\Windows\System32\srvsvc.dll
18:56:59.0755 3736 LanmanServer - ok
18:56:59.0801 3736 LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\Windows\System32\wkssvc.dll
18:56:59.0801 3736 LanmanWorkstation - ok
18:56:59.0848 3736 lirsgt (975b6cf65f44e95883f3855bae8cecaf) C:\Windows\system32\DRIVERS\lirsgt.sys
18:56:59.0864 3736 lirsgt - ok
18:56:59.0879 3736 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
18:56:59.0879 3736 lltdio - ok
18:56:59.0911 3736 lltdsvc (5700673e13a2117fa3b9020c852c01e2) C:\Windows\System32\lltdsvc.dll
18:56:59.0911 3736 lltdsvc - ok
18:56:59.0926 3736 lmhosts (55ca01ba19d0006c8f2639b6c045e08b) C:\Windows\System32\lmhsvc.dll
18:56:59.0926 3736 lmhosts - ok
18:56:59.0942 3736 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
18:56:59.0942 3736 LSI_FC - ok
18:56:59.0957 3736 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
18:56:59.0973 3736 LSI_SAS - ok
18:56:59.0973 3736 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:56:59.0973 3736 LSI_SAS2 - ok
18:56:59.0989 3736 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:56:59.0989 3736 LSI_SCSI - ok
18:57:00.0004 3736 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
18:57:00.0004 3736 luafv - ok
18:57:00.0067 3736 LVRS (b895839b8743e400d7c7dae156f74e7e) C:\Windows\system32\DRIVERS\lvrs.sys
18:57:00.0067 3736 LVRS - ok
18:57:00.0098 3736 LVUSBSta (23f8ef78bb9553e465a476f3cee5ca18) C:\Windows\system32\drivers\LVUSBSta.sys
18:57:00.0098 3736 LVUSBSta - ok
18:57:00.0145 3736 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\Windows\system32\drivers\mbam.sys
18:57:00.0145 3736 MBAMProtector - ok
18:57:00.0223 3736 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:57:00.0223 3736 MBAMService - ok
18:57:00.0316 3736 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
18:57:00.0332 3736 McComponentHostService - ok
18:57:00.0347 3736 Mcx2Svc (bfb9ee8ee977efe85d1a3105abef6dd1) C:\Windows\system32\Mcx2Svc.dll
18:57:00.0363 3736 Mcx2Svc - ok
18:57:00.0379 3736 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
18:57:00.0379 3736 megasas - ok
18:57:00.0410 3736 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
18:57:00.0410 3736 MegaSR - ok
18:57:00.0425 3736 MMCSS (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:57:00.0441 3736 MMCSS - ok
18:57:00.0441 3736 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
18:57:00.0441 3736 Modem - ok
18:57:00.0457 3736 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
18:57:00.0457 3736 monitor - ok
18:57:00.0488 3736 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
18:57:00.0488 3736 mouclass - ok
18:57:00.0488 3736 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
18:57:00.0503 3736 mouhid - ok
18:57:00.0535 3736 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
18:57:00.0550 3736 mountmgr - ok
18:57:00.0613 3736 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:57:00.0613 3736 MozillaMaintenance - ok
18:57:00.0628 3736 Mp3Tube Toolbar Service - ok
18:57:00.0675 3736 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
18:57:00.0675 3736 MpFilter - ok
18:57:00.0722 3736 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
18:57:00.0722 3736 mpio - ok
18:57:00.0769 3736 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
18:57:00.0769 3736 mpsdrv - ok
18:57:00.0815 3736 MpsSvc (9835584e999d25004e1ee8e5f3e3b881) C:\Windows\system32\mpssvc.dll
18:57:00.0815 3736 MpsSvc - ok
18:57:00.0862 3736 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
18:57:00.0862 3736 MRxDAV - ok
18:57:00.0893 3736 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:57:00.0893 3736 mrxsmb - ok
18:57:00.0925 3736 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:57:00.0940 3736 mrxsmb10 - ok
18:57:00.0956 3736 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:57:00.0956 3736 mrxsmb20 - ok
18:57:00.0971 3736 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
18:57:00.0971 3736 msahci - ok
18:57:00.0987 3736 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
18:57:00.0987 3736 msdsm - ok
18:57:01.0003 3736 MSDTC (e1bce74a3bd9902b72599c0192a07e27) C:\Windows\System32\msdtc.exe
18:57:01.0003 3736 MSDTC - ok
18:57:01.0034 3736 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
18:57:01.0034 3736 Msfs - ok
18:57:01.0049 3736 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
18:57:01.0049 3736 mshidkmdf - ok
18:57:01.0081 3736 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
18:57:01.0081 3736 msisadrv - ok
18:57:01.0112 3736 MSiSCSI (90f7d9e6b6f27e1a707d4a297f077828) C:\Windows\system32\iscsiexe.dll
18:57:01.0112 3736 MSiSCSI - ok
18:57:01.0112 3736 msiserver - ok
18:57:01.0127 3736 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
18:57:01.0127 3736 MSKSSRV - ok
18:57:01.0221 3736 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
18:57:01.0221 3736 MsMpSvc - ok
18:57:01.0237 3736 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
18:57:01.0237 3736 MSPCLOCK - ok
18:57:01.0268 3736 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
18:57:01.0268 3736 MSPQM - ok
18:57:01.0283 3736 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
18:57:01.0283 3736 MsRPC - ok
18:57:01.0299 3736 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
18:57:01.0299 3736 mssmbios - ok
18:57:01.0315 3736 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
18:57:01.0315 3736 MSTEE - ok
18:57:01.0346 3736 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
18:57:01.0346 3736 MTConfig - ok
18:57:01.0377 3736 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
18:57:01.0377 3736 Mup - ok
18:57:01.0408 3736 napagent (61d57a5d7c6d9afe10e77dae6e1b445e) C:\Windows\system32\qagentRT.dll
18:57:01.0408 3736 napagent - ok
18:57:01.0455 3736 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
18:57:01.0455 3736 NativeWifiP - ok
18:57:01.0533 3736 NAUpdate (9d1cce440552500ded3a62f9d779cdb4) C:\Program Files\Nero\Update\NASvc.exe
18:57:01.0549 3736 NAUpdate - ok
18:57:01.0611 3736 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
18:57:01.0627 3736 NDIS - ok
18:57:01.0658 3736 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
18:57:01.0658 3736 NdisCap - ok
18:57:01.0673 3736 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
18:57:01.0673 3736 NdisTapi - ok
18:57:01.0705 3736 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
18:57:01.0705 3736 Ndisuio - ok
18:57:01.0736 3736 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
18:57:01.0736 3736 NdisWan - ok
18:57:01.0767 3736 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
18:57:01.0767 3736 NDProxy - ok
18:57:01.0783 3736 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
18:57:01.0783 3736 NetBIOS - ok
18:57:01.0814 3736 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
18:57:01.0845 3736 NetBT - ok
18:57:01.0907 3736 Netlogon (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
18:57:01.0907 3736 Netlogon - ok
18:57:01.0939 3736 Netman (7cccfca7510684768da22092d1fa4db2) C:\Windows\System32\netman.dll
18:57:01.0939 3736 Netman - ok
18:57:02.0017 3736 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:57:02.0032 3736 NetMsmqActivator - ok
18:57:02.0032 3736 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:57:02.0032 3736 NetPipeActivator - ok
18:57:02.0063 3736 netprofm (8c338238c16777a802d6a9211eb2ba50) C:\Windows\System32\netprofm.dll
18:57:02.0063 3736 netprofm - ok
18:57:02.0079 3736 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:57:02.0079 3736 NetTcpActivator - ok
18:57:02.0079 3736 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:57:02.0079 3736 NetTcpPortSharing - ok
18:57:02.0095 3736 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
18:57:02.0095 3736 nfrd960 - ok
18:57:02.0141 3736 NisDrv (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
18:57:02.0157 3736 NisDrv - ok
18:57:02.0266 3736 NisSrv (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
18:57:02.0266 3736 NisSrv - ok
18:57:02.0313 3736 NlaSvc (912084381d30d8b89ec4e293053f4710) C:\Windows\System32\nlasvc.dll
18:57:02.0313 3736 NlaSvc - ok
18:57:02.0313 3736 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
18:57:02.0313 3736 Npfs - ok
18:57:02.0329 3736 nsi (ba387e955e890c8a88306d9b8d06bf17) C:\Windows\system32\nsisvc.dll
18:57:02.0344 3736 nsi - ok
18:57:02.0344 3736 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
18:57:02.0344 3736 nsiproxy - ok
18:57:02.0422 3736 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
18:57:02.0422 3736 Ntfs - ok
18:57:02.0531 3736 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
18:57:02.0531 3736 Null - ok
18:57:02.0578 3736 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
18:57:02.0578 3736 nvraid - ok
18:57:02.0594 3736 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
18:57:02.0594 3736 nvstor - ok
18:57:02.0609 3736 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
18:57:02.0609 3736 nv_agp - ok
18:57:02.0625 3736 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
18:57:02.0625 3736 ohci1394 - ok
18:57:02.0687 3736 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:57:02.0687 3736 ose - ok
18:57:02.0890 3736 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:57:02.0937 3736 osppsvc - ok
18:57:02.0999 3736 p2pimsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:57:02.0999 3736 p2pimsvc - ok
18:57:03.0031 3736 p2psvc (59c3ddd501e39e006dac31bf55150d91) C:\Windows\system32\p2psvc.dll
18:57:03.0031 3736 p2psvc - ok
18:57:03.0046 3736 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
18:57:03.0077 3736 Parport - ok
18:57:03.0109 3736 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
18:57:03.0124 3736 partmgr - ok
18:57:03.0124 3736 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
18:57:03.0140 3736 Parvdm - ok
18:57:03.0155 3736 PcaSvc (358ab7956d3160000726574083dfc8a6) C:\Windows\System32\pcasvc.dll
18:57:03.0155 3736 PcaSvc - ok
18:57:03.0171 3736 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
18:57:03.0171 3736 pci - ok
18:57:03.0187 3736 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
18:57:03.0187 3736 pciide - ok
18:57:03.0218 3736 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
18:57:03.0218 3736 pcmcia - ok
18:57:03.0249 3736 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
18:57:03.0249 3736 pcw - ok
18:57:03.0280 3736 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
18:57:03.0280 3736 PEAUTH - ok
18:57:03.0343 3736 PeerDistSvc (af4d64d2a57b9772cf3801950b8058a6) C:\Windows\system32\peerdistsvc.dll
18:57:03.0358 3736 PeerDistSvc - ok
18:57:03.0374 3736 pepifilter (a05f0d7419cf4680eedd5736e6549e7b) C:\Windows\system32\DRIVERS\lv302af.sys
18:57:03.0374 3736 pepifilter - ok
18:57:03.0483 3736 PID_PEPI (4bb5ac2dd485b8eefccb977ee66a68ad) C:\Windows\system32\DRIVERS\LV302V32.SYS
18:57:03.0499 3736 PID_PEPI - ok
18:57:03.0655 3736 pla (414bba67a3ded1d28437eb66aeb8a720) C:\Windows\system32\pla.dll
18:57:03.0670 3736 pla - ok
18:57:03.0748 3736 PlugPlay (ec7bc28d207da09e79b3e9faf8b232ca) C:\Windows\system32\umpnpmgr.dll
18:57:03.0748 3736 PlugPlay - ok
18:57:03.0795 3736 PnkBstrA (3a2bdd76e7d2a5f40a7174793d1ba794) C:\Windows\system32\PnkBstrA.exe
18:57:03.0857 3736 PnkBstrA - ok
18:57:03.0889 3736 PNRPAutoReg (63ff8572611249931eb16bb8eed6afc8) C:\Windows\system32\pnrpauto.dll
18:57:03.0889 3736 PNRPAutoReg - ok
18:57:03.0935 3736 PNRPsvc (82a8521ddc60710c3d3d3e7325209bec) C:\Windows\system32\pnrpsvc.dll
18:57:03.0935 3736 PNRPsvc - ok
18:57:03.0967 3736 PolicyAgent (53946b69ba0836bd95b03759530c81ec) C:\Windows\System32\ipsecsvc.dll
18:57:03.0967 3736 PolicyAgent - ok
18:57:04.0013 3736 Power (f87d30e72e03d579a5199ccb3831d6ea) C:\Windows\system32\umpo.dll
18:57:04.0013 3736 Power - ok
18:57:04.0045 3736 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
18:57:04.0060 3736 PptpMiniport - ok
18:57:04.0076 3736 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
18:57:04.0091 3736 Processor - ok
18:57:04.0154 3736 ProfSvc (43ca4ccc22d52fb58e8988f0198851d0) C:\Windows\system32\profsvc.dll
18:57:04.0154 3736 ProfSvc - ok
18:57:04.0169 3736 ProtectedStorage (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
18:57:04.0169 3736 ProtectedStorage - ok
18:57:04.0185 3736 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
18:57:04.0185 3736 Psched - ok
18:57:04.0232 3736 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
18:57:04.0247 3736 ql2300 - ok
18:57:04.0294 3736 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
18:57:04.0310 3736 ql40xx - ok
18:57:04.0325 3736 QWAVE (31ac809e7707eb580b2bdb760390765a) C:\Windows\system32\qwave.dll
18:57:04.0325 3736 QWAVE - ok
18:57:04.0341 3736 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
18:57:04.0341 3736 QWAVEdrv - ok
18:57:04.0357 3736 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
18:57:04.0357 3736 RasAcd - ok
18:57:04.0372 3736 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
18:57:04.0388 3736 RasAgileVpn - ok
18:57:04.0403 3736 RasAuto (a60f1839849c0c00739787fd5ec03f13) C:\Windows\System32\rasauto.dll
18:57:04.0403 3736 RasAuto - ok
18:57:04.0403 3736 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:57:04.0403 3736 Rasl2tp - ok
18:57:04.0450 3736 RasMan (cb9e04dc05eacf5b9a36ca276d475006) C:\Windows\System32\rasmans.dll
18:57:04.0466 3736 RasMan - ok
18:57:04.0497 3736 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
18:57:04.0497 3736 RasPppoe - ok
18:57:04.0513 3736 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
18:57:04.0513 3736 RasSstp - ok
18:57:04.0575 3736 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
18:57:04.0606 3736 rdbss - ok
18:57:04.0653 3736 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
18:57:04.0653 3736 rdpbus - ok
18:57:04.0669 3736 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:57:04.0669 3736 RDPCDD - ok
18:57:04.0700 3736 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
18:57:04.0700 3736 RDPDR - ok
18:57:04.0715 3736 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
18:57:04.0715 3736 RDPENCDD - ok
18:57:04.0747 3736 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
18:57:04.0747 3736 RDPREFMP - ok
18:57:04.0809 3736 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
18:57:04.0809 3736 RDPWD - ok
18:57:04.0856 3736 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
18:57:04.0856 3736 rdyboost - ok
18:57:04.0903 3736 RemoteAccess (7b5e1419717fac363a31cc302895217a) C:\Windows\System32\mprdim.dll
18:57:04.0903 3736 RemoteAccess - ok
18:57:04.0934 3736 RemoteRegistry (cb9a8683f4ef2bf99e123d79950d7935) C:\Windows\system32\regsvc.dll
18:57:04.0934 3736 RemoteRegistry - ok
18:57:04.0949 3736 RpcEptMapper (78d072f35bc45d9e4e1b61895c152234) C:\Windows\System32\RpcEpMap.dll
18:57:04.0949 3736 RpcEptMapper - ok
18:57:04.0965 3736 RpcLocator (94d36c0e44677dd26981d2bfeef2a29d) C:\Windows\system32\locator.exe
18:57:04.0965 3736 RpcLocator - ok
18:57:04.0996 3736 RpcSs (7660f01d3b38aca1747e397d21d790af) C:\Windows\system32\rpcss.dll
18:57:04.0996 3736 RpcSs - ok
18:57:05.0012 3736 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
18:57:05.0012 3736 rspndr - ok
18:57:05.0043 3736 RTHDMIAzAudService (2fdc33b63f80fbfe95203c2186af0ce8) C:\Windows\system32\drivers\RtHDMIV.sys
18:57:05.0043 3736 RTHDMIAzAudService - ok
18:57:05.0074 3736 RTL8167 (1a42b4cba44778d312e668cd166cbcbb) C:\Windows\system32\DRIVERS\Rt86win7.sys
18:57:05.0074 3736 RTL8167 - ok
18:57:05.0105 3736 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
18:57:05.0105 3736 s3cap - ok
18:57:05.0121 3736 SamSs (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
18:57:05.0121 3736 SamSs - ok
18:57:05.0152 3736 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
18:57:05.0152 3736 sbp2port - ok
18:57:05.0168 3736 SCardSvr (8fc518ffe9519c2631d37515a68009c4) C:\Windows\System32\SCardSvr.dll
18:57:05.0168 3736 SCardSvr - ok
18:57:05.0183 3736 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
18:57:05.0183 3736 scfilter - ok
18:57:05.0246 3736 Schedule (a04bb13f8a72f8b6e8b4071723e4e336) C:\Windows\system32\schedsvc.dll
18:57:05.0246 3736 Schedule - ok
18:57:05.0293 3736 SCPolicySvc (319c6b309773d063541d01df8ac6f55f) C:\Windows\System32\certprop.dll
18:57:05.0293 3736 SCPolicySvc - ok
18:57:05.0324 3736 SDRSVC (08236c4bce5edd0a0318a438af28e0f7) C:\Windows\System32\SDRSVC.dll
18:57:05.0324 3736 SDRSVC - ok
18:57:05.0339 3736 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:57:05.0355 3736 secdrv - ok
18:57:05.0402 3736 seclogon (a59b3a4442c52060cc7a85293aa3546f) C:\Windows\system32\seclogon.dll
18:57:05.0402 3736 seclogon - ok
18:57:05.0417 3736 SENS (dcb7fcdcc97f87360f75d77425b81737) C:\Windows\system32\sens.dll
18:57:05.0433 3736 SENS - ok
18:57:05.0449 3736 SensrSvc (50087fe1ee447009c9cc2997b90de53f) C:\Windows\system32\sensrsvc.dll
18:57:05.0449 3736 SensrSvc - ok
18:57:05.0480 3736 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
18:57:05.0480 3736 Serenum - ok
18:57:05.0511 3736 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
18:57:05.0573 3736 Serial - ok
18:57:05.0605 3736 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
18:57:05.0605 3736 sermouse - ok
18:57:05.0651 3736 SessionEnv (4ae380f39a0032eab7dd953030b26d28) C:\Windows\system32\sessenv.dll
18:57:05.0651 3736 SessionEnv - ok
18:57:05.0667 3736 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
18:57:05.0667 3736 sffdisk - ok
18:57:05.0683 3736 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
18:57:05.0683 3736 sffp_mmc - ok
18:57:05.0683 3736 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
18:57:05.0683 3736 sffp_sd - ok
18:57:05.0698 3736 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
18:57:05.0714 3736 sfloppy - ok
18:57:05.0745 3736 SharedAccess (d1a079a0de2ea524513b6930c24527a2) C:\Windows\System32\ipnathlp.dll
18:57:05.0745 3736 SharedAccess - ok
18:57:05.0807 3736 ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\Windows\System32\shsvcs.dll
18:57:05.0807 3736 ShellHWDetection - ok
18:57:05.0823 3736 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
18:57:05.0823 3736 sisagp - ok
18:57:05.0839 3736 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:57:05.0839 3736 SiSRaid2 - ok
18:57:05.0854 3736 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
18:57:05.0870 3736 SiSRaid4 - ok
18:57:05.0885 3736 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
18:57:05.0885 3736 Smb - ok
18:57:05.0901 3736 SNMPTRAP (6a984831644eca1a33ffeae4126f4f37) C:\Windows\System32\snmptrap.exe
18:57:05.0901 3736 SNMPTRAP - ok
18:57:05.0917 3736 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
18:57:05.0917 3736 spldr - ok
18:57:05.0963 3736 Spooler (866a43013535dc8587c258e43579c764) C:\Windows\System32\spoolsv.exe
18:57:05.0963 3736 Spooler - ok
18:57:06.0057 3736 sppsvc (cf87a1de791347e75b98885214ced2b8) C:\Windows\system32\sppsvc.exe
18:57:06.0088 3736 sppsvc - ok
18:57:06.0182 3736 sppuinotify (b0180b20b065d89232a78a40fe56eaa6) C:\Windows\system32\sppuinotify.dll
18:57:06.0182 3736 sppuinotify - ok
18:57:06.0244 3736 sptd (cdddec541bc3c96f91ecb48759673505) C:\Windows\system32\Drivers\sptd.sys
18:57:06.0244 3736 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
18:57:06.0244 3736 sptd ( LockedFile.Multi.Generic ) - warning
18:57:06.0244 3736 sptd - detected LockedFile.Multi.Generic (1)
18:57:06.0322 3736 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
18:57:06.0322 3736 srv - ok


Re: please check my log

Post by xwarrr » 24 Jul 2012 19:25

PART TWO: REASON: IT DIDN'T FIT

18:57:06.0353 3736 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
18:57:06.0353 3736 srv2 - ok
18:57:06.0369 3736 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
18:57:06.0369 3736 srvnet - ok
18:57:06.0385 3736 SSDPSRV (d887c9fd02ac9fa880f6e5027a43e118) C:\Windows\System32\ssdpsrv.dll
18:57:06.0385 3736 SSDPSRV - ok
18:57:06.0400 3736 SstpSvc (d318f23be45d5e3a107469eb64815b50) C:\Windows\system32\sstpsvc.dll
18:57:06.0416 3736 SstpSvc - ok
18:57:06.0431 3736 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
18:57:06.0431 3736 stexstor - ok
18:57:06.0478 3736 StiSvc (e1fb3706030fb4578a0d72c2fc3689e4) C:\Windows\System32\wiaservc.dll
18:57:06.0494 3736 StiSvc - ok
18:57:06.0541 3736 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
18:57:06.0541 3736 storflt - ok
18:57:06.0556 3736 StorSvc (0bf669f0a910beda4a32258d363af2a5) C:\Windows\system32\storsvc.dll
18:57:06.0556 3736 StorSvc - ok
18:57:06.0572 3736 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
18:57:06.0572 3736 storvsc - ok
18:57:06.0587 3736 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
18:57:06.0587 3736 swenum - ok
18:57:06.0603 3736 swprv (a28bd92df340e57b024ba433165d34d7) C:\Windows\System32\swprv.dll
18:57:06.0619 3736 swprv - ok
18:57:06.0665 3736 SysMain (36650d618ca34c9d357dfd3d89b2c56f) C:\Windows\system32\sysmain.dll
18:57:06.0681 3736 SysMain - ok
18:57:06.0697 3736 TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\Windows\System32\TabSvc.dll
18:57:06.0697 3736 TabletInputService - ok
18:57:06.0759 3736 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
18:57:06.0759 3736 taphss - ok
18:57:06.0790 3736 TapiSrv (613bf4820361543956909043a265c6ac) C:\Windows\System32\tapisrv.dll
18:57:06.0790 3736 TapiSrv - ok
18:57:06.0837 3736 TBS (b799d9fdb26111737f58288d8dc172d9) C:\Windows\System32\tbssvc.dll
18:57:06.0837 3736 TBS - ok
18:57:06.0884 3736 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
18:57:06.0899 3736 Tcpip - ok
18:57:06.0993 3736 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
18:57:07.0009 3736 TCPIP6 - ok
18:57:07.0055 3736 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
18:57:07.0055 3736 tcpipreg - ok
18:57:07.0087 3736 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
18:57:07.0087 3736 TDPIPE - ok
18:57:07.0087 3736 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
18:57:07.0102 3736 TDTCP - ok
18:57:07.0133 3736 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
18:57:07.0165 3736 tdx - ok
18:57:07.0165 3736 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
18:57:07.0180 3736 TermDD - ok
18:57:07.0227 3736 TermService (382c804c92811be57829d8e550a900e2) C:\Windows\System32\termsrv.dll
18:57:07.0227 3736 TermService - ok
18:57:07.0258 3736 Themes (42fb6afd6b79d9fe07381609172e7ca4) C:\Windows\system32\themeservice.dll
18:57:07.0258 3736 Themes - ok
18:57:07.0274 3736 THREADORDER (146b6f43a673379a3c670e86d89be5ea) C:\Windows\system32\mmcss.dll
18:57:07.0274 3736 THREADORDER - ok
18:57:07.0289 3736 TrkWks (4792c0378db99a9bc2ae2de6cfff0c3a) C:\Windows\System32\trkwks.dll
18:57:07.0289 3736 TrkWks - ok
18:57:07.0321 3736 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys
18:57:07.0367 3736 TrueSight - ok
18:57:07.0414 3736 TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\Windows\servicing\TrustedInstaller.exe
18:57:07.0414 3736 TrustedInstaller - ok
18:57:07.0430 3736 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
18:57:07.0430 3736 tssecsrv - ok
18:57:07.0461 3736 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
18:57:07.0461 3736 TsUsbFlt - ok
18:57:07.0523 3736 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
18:57:07.0523 3736 tunnel - ok
18:57:07.0555 3736 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
18:57:07.0555 3736 uagp35 - ok
18:57:07.0601 3736 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
18:57:07.0601 3736 udfs - ok
18:57:07.0617 3736 UI0Detect (8344fd4fce927880aa1aa7681d4927e5) C:\Windows\system32\UI0Detect.exe
18:57:07.0617 3736 UI0Detect - ok
18:57:07.0664 3736 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
18:57:07.0679 3736 uliagpkx - ok
18:57:07.0679 3736 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
18:57:07.0679 3736 umbus - ok
18:57:07.0695 3736 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
18:57:07.0695 3736 UmPass - ok
18:57:07.0742 3736 UmRdpService (409994a8eaceee4e328749c0353527a0) C:\Windows\System32\umrdp.dll
18:57:07.0757 3736 UmRdpService - ok
18:57:07.0773 3736 upnphost (833fbb672460efce8011d262175fad33) C:\Windows\System32\upnphost.dll
18:57:07.0789 3736 upnphost - ok
18:57:07.0820 3736 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
18:57:07.0851 3736 usbaudio - ok
18:57:07.0882 3736 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
18:57:07.0913 3736 usbccgp - ok
18:57:07.0929 3736 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
18:57:07.0945 3736 usbcir - ok
18:57:07.0976 3736 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
18:57:07.0976 3736 usbehci - ok
18:57:07.0991 3736 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
18:57:08.0007 3736 usbhub - ok
18:57:08.0007 3736 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\DRIVERS\usbohci.sys
18:57:08.0023 3736 usbohci - ok
18:57:08.0038 3736 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
18:57:08.0038 3736 usbprint - ok
18:57:08.0085 3736 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:57:08.0116 3736 USBSTOR - ok
18:57:08.0147 3736 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\drivers\usbuhci.sys
18:57:08.0147 3736 usbuhci - ok
18:57:08.0194 3736 UxSms (081e6e1c91aec36758902a9f727cd23c) C:\Windows\System32\uxsms.dll
18:57:08.0194 3736 UxSms - ok
18:57:08.0241 3736 VaultSvc (f42309c4191c506b71db5d1126d26318) C:\Windows\system32\lsass.exe
18:57:08.0241 3736 VaultSvc - ok
18:57:08.0288 3736 VCSVADHWSer (b2abab4ca46bad182e27763dc19c780f) C:\Windows\system32\DRIVERS\vcsvad.sys
18:57:08.0303 3736 VCSVADHWSer - ok
18:57:08.0350 3736 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
18:57:08.0350 3736 vdrvroot - ok
18:57:08.0397 3736 vds (c3cd30495687c2a2f66a65ca6fd89be9) C:\Windows\System32\vds.exe
18:57:08.0413 3736 vds - ok
18:57:08.0428 3736 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
18:57:08.0428 3736 vga - ok
18:57:08.0475 3736 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
18:57:08.0475 3736 VgaSave - ok
18:57:08.0491 3736 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
18:57:08.0506 3736 vhdmp - ok
18:57:08.0537 3736 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
18:57:08.0537 3736 viaagp - ok
18:57:08.0553 3736 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
18:57:08.0569 3736 ViaC7 - ok
18:57:08.0600 3736 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
18:57:08.0600 3736 viaide - ok
18:57:08.0615 3736 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
18:57:08.0615 3736 vmbus - ok
18:57:08.0631 3736 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
18:57:08.0631 3736 VMBusHID - ok
18:57:08.0662 3736 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
18:57:08.0662 3736 volmgr - ok
18:57:08.0693 3736 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
18:57:08.0693 3736 volmgrx - ok
18:57:08.0709 3736 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
18:57:08.0709 3736 volsnap - ok
18:57:08.0725 3736 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
18:57:08.0740 3736 vsmraid - ok
18:57:08.0787 3736 VSS (209a3b1901b83aeb8527ed211cce9e4c) C:\Windows\system32\vssvc.exe
18:57:08.0803 3736 VSS - ok
18:57:08.0912 3736 vToolbarUpdater (0b62554d5e1b2dea504155cf6ba51a78) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe
18:57:08.0912 3736 vToolbarUpdater - ok
18:57:09.0005 3736 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
18:57:09.0005 3736 vwifibus - ok
18:57:09.0052 3736 W32Time (55187fd710e27d5095d10a472c8baf1c) C:\Windows\system32\w32time.dll
18:57:09.0052 3736 W32Time - ok
18:57:09.0099 3736 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
18:57:09.0115 3736 WacomPen - ok
18:57:09.0146 3736 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:57:09.0146 3736 WANARP - ok
18:57:09.0146 3736 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
18:57:09.0146 3736 Wanarpv6 - ok
18:57:09.0208 3736 WatAdminSvc (353a04c273ec58475d8633e75ccd5604) C:\Windows\system32\Wat\WatAdminSvc.exe
18:57:09.0224 3736 WatAdminSvc - ok
18:57:09.0271 3736 wbengine (691e3285e53dca558e1a84667f13e15a) C:\Windows\system32\wbengine.exe
18:57:09.0286 3736 wbengine - ok
18:57:09.0317 3736 WbioSrvc (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\Windows\System32\wbiosrvc.dll
18:57:09.0317 3736 WbioSrvc - ok
18:57:09.0349 3736 wcncsvc (34eee0dfaadb4f691d6d5308a51315dc) C:\Windows\System32\wcncsvc.dll
18:57:09.0349 3736 wcncsvc - ok
18:57:09.0364 3736 WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\Windows\System32\WcsPlugInService.dll
18:57:09.0380 3736 WcsPlugInService - ok
18:57:09.0380 3736 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
18:57:09.0395 3736 Wd - ok
18:57:09.0411 3736 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
18:57:09.0427 3736 Wdf01000 - ok
18:57:09.0442 3736 WdiServiceHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:57:09.0442 3736 WdiServiceHost - ok
18:57:09.0442 3736 WdiSystemHost (46ef9dc96265fd0b423db72e7c38c2a5) C:\Windows\system32\wdi.dll
18:57:09.0442 3736 WdiSystemHost - ok
18:57:09.0473 3736 WebClient (a9d880f97530d5b8fee278923349929d) C:\Windows\System32\webclnt.dll
18:57:09.0489 3736 WebClient - ok
18:57:09.0505 3736 Wecsvc (760f0afe937a77cff27153206534f275) C:\Windows\system32\wecsvc.dll
18:57:09.0505 3736 Wecsvc - ok
18:57:09.0520 3736 wercplsupport (ac804569bb2364fb6017370258a4091b) C:\Windows\System32\wercplsupport.dll
18:57:09.0520 3736 wercplsupport - ok
18:57:09.0536 3736 WerSvc (08e420d873e4fd85241ee2421b02c4a4) C:\Windows\System32\WerSvc.dll
18:57:09.0536 3736 WerSvc - ok
18:57:09.0551 3736 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
18:57:09.0551 3736 WfpLwf - ok
18:57:09.0551 3736 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
18:57:09.0551 3736 WIMMount - ok
18:57:09.0645 3736 WinDefend (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll
18:57:09.0661 3736 WinDefend - ok
18:57:09.0692 3736 WinHttpAutoProxySvc - ok
18:57:09.0723 3736 Winmgmt (f62e510b6ad4c21eb9fe8668ed251826) C:\Windows\system32\wbem\WMIsvc.dll
18:57:09.0754 3736 Winmgmt - ok
18:57:09.0801 3736 WinRM (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\Windows\system32\WsmSvc.dll
18:57:09.0817 3736 WinRM - ok
18:57:09.0879 3736 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
18:57:09.0895 3736 WinUsb - ok
18:57:09.0973 3736 Wlansvc (16935c98ff639d185086a3529b1f2067) C:\Windows\System32\wlansvc.dll
18:57:09.0988 3736 Wlansvc - ok
18:57:10.0004 3736 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
18:57:10.0004 3736 WmiAcpi - ok
18:57:10.0066 3736 wmiApSrv (6eb6b66517b048d87dc1856ddf1f4c3f) C:\Windows\system32\wbem\WmiApSrv.exe
18:57:10.0097 3736 wmiApSrv - ok
18:57:10.0191 3736 WMPNetworkSvc (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe
18:57:10.0191 3736 WMPNetworkSvc - ok
18:57:10.0285 3736 WPCSvc (a2f0ec770a92f2b3f9de6d518e11409c) C:\Windows\System32\wpcsvc.dll
18:57:10.0285 3736 WPCSvc - ok
18:57:10.0316 3736 WPDBusEnum (aa53356d60af47eacc85bc617a4f3f66) C:\Windows\system32\wpdbusenum.dll
18:57:10.0316 3736 WPDBusEnum - ok
18:57:10.0347 3736 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
18:57:10.0347 3736 ws2ifsl - ok
18:57:10.0378 3736 wscsvc (6f5d49efe0e7164e03ae773a3fe25340) C:\Windows\system32\wscsvc.dll
18:57:10.0378 3736 wscsvc - ok
18:57:10.0378 3736 WSearch - ok
18:57:10.0456 3736 wuauserv (3026418a50c5b4761befa632cedb7406) C:\Windows\system32\wuaueng.dll
18:57:10.0487 3736 wuauserv - ok
18:57:10.0534 3736 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
18:57:10.0534 3736 WudfPf - ok
18:57:10.0550 3736 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
18:57:10.0550 3736 WUDFRd - ok
18:57:10.0581 3736 wudfsvc (8d1e1e529a2c9e9b6a85b55a345f7629) C:\Windows\System32\WUDFSvc.dll
18:57:10.0581 3736 wudfsvc - ok
18:57:10.0612 3736 WwanSvc (ff2d745b560f7c71b31f30f4d49f73d2) C:\Windows\System32\wwansvc.dll
18:57:10.0628 3736 WwanSvc - ok
18:57:10.0659 3736 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
18:57:10.0924 3736 \Device\Harddisk0\DR0 - ok
18:57:10.0924 3736 Boot (0x1200) (9f824d43bfb2d46afdf4652978424c2f) \Device\Harddisk0\DR0\Partition0
18:57:10.0924 3736 \Device\Harddisk0\DR0\Partition0 - ok
18:57:10.0940 3736 Boot (0x1200) (e376e517f863185dcb48040bcf26985c) \Device\Harddisk0\DR0\Partition1
18:57:10.0940 3736 \Device\Harddisk0\DR0\Partition1 - ok
18:57:10.0940 3736 ============================================================
18:57:10.0940 3736 Scan finished
18:57:10.0940 3736 ============================================================
18:57:10.0955 3752 Detected object count: 1
18:57:10.0955 3752 Actual detected object count: 1


Re: please check my log

Post by xwarrr » 24 Jul 2012 19:26

ComboFix 12-07-25.04 - Peta 24.07.2012 19:08:29.5.4 - x86
Microsoft Windows 7 Professional 6.1.7601.0.1250.420.1029.18.3326.2349 [GMT 2:00]
Spuštěný z: c:\users\Peta\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Peta\EULA.txt
c:\users\Peta\Volumeid.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Mp3Tube Toolbar Service
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-24 do 2012-07-24 )))))))))))))))))))))))))))))))
.
.
2012-07-24 17:15 . 2012-07-24 17:16 -------- d-----w- c:\users\Peta\AppData\Local\temp
2012-07-24 17:15 . 2012-07-24 17:15 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-24 16:56 . 2012-07-24 16:56 98992 ----a-w- c:\windows\system32\drivers\57926258.sys
2012-07-24 11:11 . 2012-07-24 11:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-24 11:11 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-24 10:51 . 2012-07-24 10:51 -------- d-----w- c:\users\Peta\AppData\Roaming\AVG Secure Search
2012-07-23 08:30 . 2012-07-23 08:49 -------- d-----w- c:\program files\cata
2012-07-22 18:10 . 2012-07-22 18:10 388096 ----a-r- c:\users\Peta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-22 17:35 . 2012-02-09 12:17 713784 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C9B542AC-ADBE-4BE8-BC1D-5E79D3C5CC4C}\gapaengine.dll
2012-07-22 17:34 . 2012-07-16 00:41 6891424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD6E0258-B48A-4596-965E-05C5ADB27187}\mpengine.dll
2012-07-22 17:19 . 2012-07-22 17:19 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-21 23:25 . 2012-07-21 23:25 -------- d-----r- C:\cata2
2012-07-20 10:41 . 2012-07-22 13:40 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2012-07-20 00:19 . 2012-07-22 13:40 -------- d-----w- c:\program files\wow cata
2012-07-20 00:09 . 2012-07-20 00:09 -------- d-----w- c:\programdata\Blizzard
2012-07-20 00:02 . 2012-07-22 19:05 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-07-18 23:36 . 2012-07-22 13:40 -------- d-----w- C:\Fraps
2012-07-16 10:42 . 2012-07-17 09:45 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89356AF6-BEA0-4EAA-A852-07B66B109CA6}\offreg.dll
2012-07-15 01:09 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89356AF6-BEA0-4EAA-A852-07B66B109CA6}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-26 20:13 . 2012-03-30 16:21 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-26 20:13 . 2012-03-30 16:21 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-21 18:19 . 2012-05-21 18:19 45056 ----a-r- c:\users\Peta\AppData\Roaming\Microsoft\Installer\{6815FCDD-401D-481E-BA88-31B4754C2B46}\ARPPRODUCTICON.exe
2012-04-28 07:52 . 2011-04-19 13:25 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-06-17 08:30 . 2011-08-15 20:48 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-12-18 17:47 1574240 ----a-w- c:\program files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E887F06F-565D-42e5-AA80-63EB0D465202}]
2011-06-29 13:34 266240 ----a-w- c:\programdata\Plugin\Plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll" [2011-12-18 1574240]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"UACDisableNotify"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2011-12-03 00:22 2415456 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
2009-10-15 13:06 375000 ----a-w- c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
2012-01-13 12:24 1033728 ----a-w- c:\program files\Clownfish\Clownfish.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-08-01 08:28 124480 ----a-w- c:\program files\ICQ7.5\ICQ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt]
2011-12-18 17:47 892768 ----a-w- c:\program files\AVG Secure Search\vprot.exe
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 TrueSight;TrueSight;c:\windows\system32\drivers\TrueSight.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R4 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [x]
R4 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
R4 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
R4 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [x]
R4 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [x]
R4 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [x]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [x]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R4 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 MpKsl0d74861a;MpKsl0d74861a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD6E0258-B48A-4596-965E-05C5ADB27187}\MpKsl0d74861a.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:13]
.
2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 19:09]
.
2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 19:09]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\9jr87nvu.default\
FF - prefs.js: browser.search.selectedEngine - Searchrise
FF - prefs.js: browser.startup.homepage - hxxp://searchrise.com?hl=cs&fh=
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss ... D=17981&q=
FF - user.js: extensions.BabylonToolbar_i.id - 364505fa0000000000006cf049d66c96
FF - user.js: extensions.BabylonToolbar_i.hardId - 364505fa0000000000006cf049d66c96
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15379
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:02
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101241
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{F0381DBD-E018-4E07-AE40-D96AB15083F0} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
MSConfigStartUp-AVP - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
MSConfigStartUp-Browser companion helper - c:\program files\BrowserCompanion\BCHelper.exe
MSConfigStartUp-SDTray - c:\program files\Spybot - Search & Destroy 2\SDTray.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\conhost.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2012-07-24 19:19:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-07-24 17:19
.
Před spuštěním: Volných bajtů: 585 383 632 896
Po spuštění: Volných bajtů: 585 033 682 944
.
- - End Of File - - E0B0E1E1670A8F07A769465979AFF994

jaro3
Security team member
Guru Level 15
Posts: 43288
Joined: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: please check my log

Post by jaro3 » 24 Jul 2012 20:46

AV: AVG Internet Security 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

Uninstall AVG or MSE and then scan with ComboFix again...
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

xwarrr
newbie
Posts: 15
Joined: July 12
Gender: Not specified
Status:
Offline

Re: please check my log

Post by xwarrr » 24 Jul 2012 21:28

ComboFix 12-07-25.04 - Peta 24.07.2012 21:16:52.6.4 - x86
Microsoft Windows 7 Professional 6.1.7601.0.1250.420.1029.18.3326.2312 [GMT 2:00]
Spuštěný z: c:\users\Peta\Desktop\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B}
SP: AVG Internet Security 2012 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-06-24 do 2012-07-24 )))))))))))))))))))))))))))))))
.
.
2012-07-24 19:24 . 2012-07-24 19:24 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-07-24 19:24 . 2012-07-24 19:24 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-24 17:15 . 2012-07-24 19:24 -------- d-----w- c:\users\Peta\AppData\Local\temp
2012-07-24 16:56 . 2012-07-24 16:56 98992 ----a-w- c:\windows\system32\drivers\57926258.sys
2012-07-24 11:11 . 2012-07-24 11:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-24 11:11 . 2012-07-03 11:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-24 10:51 . 2012-07-24 10:51 -------- d-----w- c:\users\Peta\AppData\Roaming\AVG Secure Search
2012-07-23 08:30 . 2012-07-23 08:49 -------- d-----w- c:\program files\cata
2012-07-22 18:10 . 2012-07-22 18:10 388096 ----a-r- c:\users\Peta\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-07-21 23:25 . 2012-07-21 23:25 -------- d-----r- C:\cata2
2012-07-20 10:41 . 2012-07-22 13:40 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2012-07-20 00:19 . 2012-07-22 13:40 -------- d-----w- c:\program files\wow cata
2012-07-20 00:09 . 2012-07-20 00:09 -------- d-----w- c:\programdata\Blizzard
2012-07-20 00:02 . 2012-07-22 19:05 -------- d-----w- c:\programdata\Blizzard Entertainment
2012-07-18 23:36 . 2012-07-22 13:40 -------- d-----w- C:\Fraps
2012-07-16 10:42 . 2012-07-17 09:45 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89356AF6-BEA0-4EAA-A852-07B66B109CA6}\offreg.dll
2012-07-15 01:09 . 2012-05-31 03:41 6762896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89356AF6-BEA0-4EAA-A852-07B66B109CA6}\mpengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-26 20:13 . 2012-03-30 16:21 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-26 20:13 . 2012-03-30 16:21 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-21 18:19 . 2012-05-21 18:19 45056 ----a-r- c:\users\Peta\AppData\Roaming\Microsoft\Installer\{6815FCDD-401D-481E-BA88-31B4754C2B46}\ARPPRODUCTICON.exe
2012-04-28 07:52 . 2011-04-19 13:25 271200 ----a-w- c:\windows\system32\PnkBstrB.xtr
2012-06-17 08:30 . 2011-08-15 20:48 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E887F06F-565D-42e5-AA80-63EB0D465202}]
2011-06-29 13:34 266240 ----a-w- c:\programdata\Plugin\Plugin.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"UACDisableNotify"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_TRAY]
2011-12-03 00:22 2415456 ----a-w- c:\program files\AVG\AVG2012\avgtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCU]
2009-10-15 13:06 375000 ----a-w- c:\program files\DeviceVM\Browser Configuration Utility\BCU.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Clownfish]
2012-01-13 12:24 1033728 ----a-w- c:\program files\Clownfish\Clownfish.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
2011-08-01 08:28 124480 ----a-w- c:\program files\ICQ7.5\ICQ.exe
.
R2 gupdate;Služba Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [x]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\AVGIDSShim.Sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 GVTDrv;GVTDrv;c:\windows\system32\Drivers\GVTDrv.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [x]
R3 TrueSight;TrueSight;c:\windows\system32\drivers\TrueSight.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R4 avgfws;AVG Firewall;c:\program files\AVG\AVG2012\avgfws.exe [x]
R4 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\AVGIDSAgent.exe [x]
R4 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [x]
R4 BCUService;Browser Configuration Utility Service;c:\program files\DeviceVM\Browser Configuration Utility\BCUService.exe [x]
R4 hshld;Hotspot Shield Service;c:\program files\Hotspot Shield\bin\openvpnas.exe [x]
R4 HssWd;Hotspot Shield Monitoring Service;c:\program files\Hotspot Shield\bin\hsswd.exe [x]
R4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R4 vToolbarUpdater;vToolbarUpdater;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe [x]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [x]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [x]
S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [x]
S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [x]
S1 MpKsl0d74861a;MpKsl0d74861a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{FD6E0258-B48A-4596-965E-05C5ADB27187}\MpKsl0d74861a.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);c:\windows\system32\DRIVERS\vcsvad.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-07-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:13]
.
2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 19:09]
.
2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-04-22 19:09]
.
.
------- Doplňkový sken -------
.
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\9jr87nvu.default\
FF - prefs.js: browser.search.selectedEngine - Searchrise
FF - prefs.js: browser.startup.homepage - hxxp://searchrise.com?hl=cs&fh=
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss ... D=17981&q=
FF - user.js: extensions.BabylonToolbar_i.id - 364505fa0000000000006cf049d66c96
FF - user.js: extensions.BabylonToolbar_i.hardId - 364505fa0000000000006cf049d66c96
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15379
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:02
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101241
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\AVG Secure Search\9.0.0.21\AVG Secure Search_toolbar.dll
MSConfigStartUp-vProt - c:\program files\AVG Secure Search\vprot.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-07-24 21:25:49
ComboFix-quarantined-files.txt 2012-07-24 19:25
ComboFix2.txt 2012-07-24 17:19
.
Před spuštěním: Volných bajtů: 582 274 850 816
Po spuštění: Volných bajtů: 582 204 334 080
.
- - End Of File - - CDBFF1494BE7132473709183BC42485D

jaro3
Security team member
Guru Level 15
Posts: 43288
Joined: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: please check my log

Post by jaro3 » 25 Jul 2012 10:19

Uninstall:
McAfee Security Scan, if possible

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy into it the entire following text marked in green:

Code:

KillAll::
File::
c:\windows\system32\drivers\57926258.sys
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
c:\windows\pss\McAfee Security Scan Plus.lnk
c:\program files\Google\Update\GoogleUpdate.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files\Google\Update

Driver::
gupdate
gupdatem

Registry::
[-HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

Firefox::
FF - ProfilePath - c:\users\Peta\AppData\Roaming\Mozilla\Firefox\Profiles\9jr87nvu.default\
FF - prefs.js: browser.search.selectedEngine - Searchrise
FF - prefs.js: browser.startup.homepage - hxxp://searchrise.com?hl=cs&fh=
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss ... D=17981&q=
FF - user.js: extensions.BabylonToolbar_i.id - 364505fa0000000000006cf049d66c96
FF - user.js: extensions.BabylonToolbar_i.hardId - 364505fa0000000000006cf049d66c96
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15379
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1720:02
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101241
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst

RegLock::
[HKEY_LOCAL_MACHINE\system\ControlSet004\Control\PCW\Security]



Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all open windows.

Grab the created CFScript.txt script with the mouse, drag it over the downloaded ComboFix.exe program and, when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process + a new log from HJT

Warning: It may happen that after running ComboFix and restarting the computer, Windows will not boot, or the desktop will not load, or there will be connection problems; in that case restart the computer again, and if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about downloading the Avast database appears, click NO. Then click "Scan". After the scan, click "Save Log" and save the log to the desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.