Preventivní kontrola + problém s prohlížečem

[ChrisX]

Zdravím,
už delší dobu jsem nedělal HJT, tak si myslím, že preventivně to neuškodí. Také mám ale menší problém s úvodní stránkou u prohlížečů, ohledně které jsem se ptal už zde - viewtopic.php?f=3&t=95224




Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:41:00, on 24.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.101\deploy\LoLLauncher.exe
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.0.217\deploy\LolClient.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Users\sXe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sXe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sXe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sXe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\sXe\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?affID=110819 ... 6076394bd9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9546 bytes

[Reklama]

[Žbeky]

Fixni O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

[ChrisX]

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Verze databáze: v2012.10.26.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
sXe :: SXE-PC [administrátor]

26.10.2012 12:40:04
mbam-log-2012-10-26 (12-40-04).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 198339
Uplynulý čas: 5 minut, 45 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Orcus]

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

====================================================

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.

[ChrisX]

12:02:39.0803 4956 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
12:02:40.0314 4956 ============================================================
12:02:40.0314 4956 Current date / time: 2012/10/27 12:02:40.0314
12:02:40.0314 4956 SystemInfo:
12:02:40.0314 4956
12:02:40.0315 4956 OS Version: 6.1.7601 ServicePack: 1.0
12:02:40.0315 4956 Product type: Workstation
12:02:40.0315 4956 ComputerName: SXE-PC
12:02:40.0315 4956 UserName: sXe
12:02:40.0315 4956 Windows directory: C:\Windows
12:02:40.0315 4956 System windows directory: C:\Windows
12:02:40.0315 4956 Running under WOW64
12:02:40.0315 4956 Processor architecture: Intel x64
12:02:40.0315 4956 Number of processors: 1
12:02:40.0315 4956 Page size: 0x1000
12:02:40.0315 4956 Boot type: Normal boot
12:02:40.0315 4956 ============================================================
12:02:41.0428 4956 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:02:41.0434 4956 ============================================================
12:02:41.0434 4956 \Device\Harddisk0\DR0:
12:02:41.0434 4956 MBR partitions:
12:02:41.0434 4956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1402800, BlocksNum 0x1BDC2800
12:02:41.0434 4956 ============================================================
12:02:41.0482 4956 C: <-> \Device\Harddisk0\DR0\Partition1
12:02:41.0483 4956 ============================================================
12:02:41.0483 4956 Initialize success
12:02:41.0483 4956 ============================================================
12:02:56.0682 2024 ============================================================
12:02:56.0682 2024 Scan started
12:02:56.0682 2024 Mode: Manual;
12:02:56.0682 2024 ============================================================
12:02:57.0723 2024 ================ Scan system memory ========================
12:02:57.0723 2024 System memory - ok
12:02:57.0724 2024 ================ Scan services =============================
12:02:57.0953 2024 1394hub - ok
12:02:58.0038 2024 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:02:58.0086 2024 1394ohci - ok
12:02:58.0152 2024 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:02:58.0159 2024 ACPI - ok
12:02:58.0207 2024 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:02:58.0232 2024 AcpiPmi - ok
12:02:58.0442 2024 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:02:58.0450 2024 AdobeFlashPlayerUpdateSvc - ok
12:02:58.0548 2024 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:02:58.0605 2024 adp94xx - ok
12:02:58.0644 2024 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:02:58.0695 2024 adpahci - ok
12:02:58.0729 2024 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:02:58.0737 2024 adpu320 - ok
12:02:58.0802 2024 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:02:58.0804 2024 AeLookupSvc - ok
12:02:58.0878 2024 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:02:58.0886 2024 AFD - ok
12:02:58.0949 2024 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:02:58.0985 2024 agp440 - ok
12:02:59.0044 2024 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:02:59.0049 2024 ALG - ok
12:02:59.0087 2024 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:02:59.0113 2024 aliide - ok
12:02:59.0236 2024 [ E20DDDFBD0DBE7D8EAD4D7A51D654367 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:02:59.0245 2024 AMD External Events Utility - ok
12:02:59.0345 2024 AMD FUEL Service - ok
12:02:59.0388 2024 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:02:59.0411 2024 amdide - ok
12:02:59.0463 2024 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
12:02:59.0466 2024 amdiox64 - ok
12:02:59.0520 2024 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:02:59.0522 2024 AmdK8 - ok
12:03:00.0278 2024 [ 4284FB1240537A33E6EC417EFD87D40F ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:03:00.0932 2024 amdkmdag - ok
12:03:00.0986 2024 [ 6C25C497E05EFD0CB6033A0444FC9B51 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:03:00.0993 2024 amdkmdap - ok
12:03:01.0030 2024 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:03:01.0055 2024 AmdPPM - ok
12:03:01.0111 2024 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:03:01.0165 2024 amdsata - ok
12:03:01.0203 2024 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:03:01.0234 2024 amdsbs - ok
12:03:01.0266 2024 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:03:01.0268 2024 amdxata - ok
12:03:01.0306 2024 [ EE4797DFEBBE8ACDB548DD8E80BE0A88 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
12:03:01.0308 2024 amd_sata - ok
12:03:01.0353 2024 [ D56EAD71A86FD2ACAE2DB47D0A6A3A41 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
12:03:01.0358 2024 amd_xata - ok
12:03:01.0434 2024 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:03:01.0463 2024 AppID - ok
12:03:01.0493 2024 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:03:01.0498 2024 AppIDSvc - ok
12:03:01.0560 2024 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
12:03:01.0564 2024 Appinfo - ok
12:03:01.0648 2024 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:03:01.0674 2024 arc - ok
12:03:01.0689 2024 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:03:01.0695 2024 arcsas - ok
12:03:01.0884 2024 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:03:01.0935 2024 aspnet_state - ok
12:03:01.0977 2024 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:03:02.0006 2024 AsyncMac - ok
12:03:02.0050 2024 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:03:02.0052 2024 atapi - ok
12:03:02.0189 2024 [ 2093F84EC032B2F59FF005D83F841144 ] athr C:\Windows\system32\DRIVERS\athrx.sys
12:03:02.0318 2024 athr - ok
12:03:02.0404 2024 [ CBD14F698DEF12EE3557604B726CB8EB ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:03:02.0408 2024 AtiHDAudioService - ok
12:03:03.0075 2024 [ 4284FB1240537A33E6EC417EFD87D40F ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:03:03.0180 2024 atikmdag - ok
12:03:03.0253 2024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:03:03.0285 2024 AudioEndpointBuilder - ok
12:03:03.0307 2024 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:03:03.0314 2024 AudioSrv - ok
12:03:03.0436 2024 [ 7692F4B242E45870873CAF4CB85CF769 ] AxAutoMntSrv C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
12:03:03.0442 2024 AxAutoMntSrv - ok
12:03:03.0531 2024 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:03:03.0536 2024 AxInstSV - ok
12:03:03.0583 2024 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:03:03.0596 2024 b06bdrv - ok
12:03:03.0645 2024 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:03:03.0675 2024 b57nd60a - ok
12:03:03.0717 2024 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:03:03.0723 2024 BDESVC - ok
12:03:03.0758 2024 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:03:03.0761 2024 Beep - ok
12:03:03.0842 2024 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:03:03.0866 2024 BFE - ok
12:03:03.0928 2024 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
12:03:03.0963 2024 BITS - ok
12:03:04.0007 2024 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:03:04.0032 2024 blbdrive - ok
12:03:04.0079 2024 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:03:04.0084 2024 bowser - ok
12:03:04.0139 2024 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:03:04.0147 2024 BrFiltLo - ok
12:03:04.0185 2024 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:03:04.0189 2024 BrFiltUp - ok
12:03:04.0272 2024 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:03:04.0300 2024 BridgeMP - ok
12:03:04.0339 2024 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:03:04.0343 2024 Browser - ok
12:03:04.0540 2024 [ 0E39DB25920F7952C72A524565CCBAA6 ] Browser Manager C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
12:03:04.0621 2024 Browser Manager - ok
12:03:04.0653 2024 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:03:04.0683 2024 Brserid - ok
12:03:04.0709 2024 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:03:04.0735 2024 BrSerWdm - ok
12:03:04.0773 2024 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:03:04.0798 2024 BrUsbMdm - ok
12:03:04.0823 2024 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:03:04.0827 2024 BrUsbSer - ok
12:03:04.0857 2024 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:03:04.0882 2024 BTHMODEM - ok
12:03:04.0957 2024 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:03:04.0962 2024 bthserv - ok
12:03:05.0008 2024 catchme - ok
12:03:05.0035 2024 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:03:05.0042 2024 cdfs - ok
12:03:05.0094 2024 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:03:05.0100 2024 cdrom - ok
12:03:05.0165 2024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:03:05.0174 2024 CertPropSvc - ok
12:03:05.0266 2024 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:03:05.0275 2024 circlass - ok
12:03:05.0327 2024 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:03:05.0334 2024 CLFS - ok
12:03:05.0430 2024 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:03:05.0436 2024 clr_optimization_v2.0.50727_32 - ok
12:03:05.0494 2024 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:03:05.0498 2024 clr_optimization_v2.0.50727_64 - ok
12:03:05.0621 2024 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:03:05.0722 2024 clr_optimization_v4.0.30319_32 - ok
12:03:05.0781 2024 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:03:05.0834 2024 clr_optimization_v4.0.30319_64 - ok
12:03:05.0895 2024 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:03:05.0919 2024 CmBatt - ok
12:03:05.0946 2024 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:03:05.0970 2024 cmdide - ok
12:03:06.0029 2024 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:03:06.0038 2024 CNG - ok
12:03:06.0058 2024 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:03:06.0063 2024 Compbatt - ok
12:03:06.0114 2024 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:03:06.0118 2024 CompositeBus - ok
12:03:06.0137 2024 COMSysApp - ok
12:03:06.0175 2024 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:03:06.0181 2024 crcdisk - ok
12:03:06.0236 2024 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:03:06.0241 2024 CryptSvc - ok
12:03:06.0310 2024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:03:06.0321 2024 DcomLaunch - ok
12:03:06.0369 2024 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:03:06.0377 2024 defragsvc - ok
12:03:06.0429 2024 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:03:06.0433 2024 DfsC - ok
12:03:06.0505 2024 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:03:06.0519 2024 Dhcp - ok
12:03:06.0558 2024 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:03:06.0559 2024 discache - ok
12:03:06.0619 2024 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:03:06.0622 2024 Disk - ok
12:03:06.0672 2024 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:03:06.0679 2024 Dnscache - ok
12:03:06.0723 2024 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:03:06.0732 2024 dot3svc - ok
12:03:06.0789 2024 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:03:06.0801 2024 DPS - ok
12:03:06.0873 2024 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:03:06.0876 2024 drmkaud - ok
12:03:06.0931 2024 dump_wmimmc - ok
12:03:06.0995 2024 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:03:07.0030 2024 DXGKrnl - ok
12:03:07.0114 2024 EagleX64 - ok
12:03:07.0187 2024 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
12:03:07.0192 2024 eamonm - ok
12:03:07.0236 2024 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:03:07.0244 2024 EapHost - ok
12:03:07.0370 2024 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:03:07.0512 2024 ebdrv - ok
12:03:07.0563 2024 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:03:07.0567 2024 EFS - ok
12:03:07.0662 2024 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
12:03:07.0690 2024 ehdrv - ok
12:03:07.0776 2024 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:03:07.0812 2024 ehRecvr - ok
12:03:07.0869 2024 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:03:07.0873 2024 ehSched - ok
12:03:08.0001 2024 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
12:03:08.0011 2024 ekrn - ok
12:03:08.0062 2024 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:03:08.0075 2024 elxstor - ok
12:03:08.0150 2024 [ 587F0F4145A1536A6E37EFD769B7665F ] epfw C:\Windows\system32\DRIVERS\epfw.sys
12:03:08.0163 2024 epfw - ok
12:03:08.0223 2024 [ D2F812358EE8EE23CBB5C4DAFFB5B819 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
12:03:08.0287 2024 EpfwLWF - ok
12:03:08.0349 2024 [ 34BF55D69AB74D14C7E7A17259CB7DF8 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
12:03:08.0353 2024 epfwwfp - ok
12:03:08.0376 2024 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:03:08.0400 2024 ErrDev - ok
12:03:08.0481 2024 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:03:08.0490 2024 EventSystem - ok
12:03:08.0515 2024 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:03:08.0564 2024 exfat - ok
12:03:08.0606 2024 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:03:08.0652 2024 fastfat - ok
12:03:08.0725 2024 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:03:08.0748 2024 Fax - ok
12:03:08.0769 2024 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:03:08.0815 2024 fdc - ok
12:03:08.0840 2024 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:03:08.0843 2024 fdPHost - ok
12:03:08.0863 2024 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:03:08.0868 2024 FDResPub - ok
12:03:08.0890 2024 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:03:08.0893 2024 FileInfo - ok
12:03:08.0915 2024 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:03:08.0954 2024 Filetrace - ok
12:03:08.0986 2024 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:03:08.0991 2024 flpydisk - ok
12:03:09.0068 2024 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:03:09.0079 2024 FltMgr - ok
12:03:09.0167 2024 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:03:09.0228 2024 FontCache - ok
12:03:09.0308 2024 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:03:09.0309 2024 FontCache3.0.0.0 - ok
12:03:09.0337 2024 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:03:09.0364 2024 FsDepends - ok
12:03:09.0404 2024 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:03:09.0428 2024 Fs_Rec - ok
12:03:09.0489 2024 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:03:09.0496 2024 fvevol - ok
12:03:09.0544 2024 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:03:09.0623 2024 gagp30kx - ok
12:03:09.0682 2024 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:03:09.0706 2024 gpsvc - ok
12:03:09.0789 2024 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:03:09.0836 2024 hamachi - ok
12:03:09.0999 2024 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:03:10.0021 2024 Hamachi2Svc - ok
12:03:10.0047 2024 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:03:10.0051 2024 hcw85cir - ok
12:03:10.0114 2024 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:03:10.0129 2024 HdAudAddService - ok
12:03:10.0205 2024 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:03:10.0212 2024 HDAudBus - ok
12:03:10.0247 2024 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:03:10.0294 2024 HidBatt - ok
12:03:10.0341 2024 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:03:10.0367 2024 HidBth - ok
12:03:10.0390 2024 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:03:10.0436 2024 HidIr - ok
12:03:10.0488 2024 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
12:03:10.0492 2024 hidserv - ok
12:03:10.0542 2024 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:03:10.0544 2024 HidUsb - ok
12:03:10.0594 2024 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:03:10.0607 2024 hkmsvc - ok
12:03:10.0687 2024 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:03:10.0698 2024 HomeGroupListener - ok
12:03:10.0762 2024 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:03:10.0769 2024 HomeGroupProvider - ok
12:03:10.0820 2024 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:03:10.0826 2024 HpSAMD - ok
12:03:10.0885 2024 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:03:10.0909 2024 HTTP - ok
12:03:10.0953 2024 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:03:10.0955 2024 hwpolicy - ok
12:03:10.0983 2024 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:03:11.0012 2024 i8042prt - ok
12:03:11.0044 2024 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:03:11.0084 2024 iaStorV - ok
12:03:11.0167 2024 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:03:11.0214 2024 idsvc - ok
12:03:11.0261 2024 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:03:11.0266 2024 iirsp - ok
12:03:11.0337 2024 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:03:11.0372 2024 IKEEXT - ok
12:03:11.0585 2024 [ E0B2C982CA743CE8B3CBD7DD50AB82B0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:03:11.0705 2024 IntcAzAudAddService - ok
12:03:11.0757 2024 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:03:11.0762 2024 intelide - ok
12:03:11.0809 2024 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:03:11.0836 2024 intelppm - ok
12:03:11.0892 2024 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:03:11.0898 2024 IPBusEnum - ok
12:03:11.0946 2024 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:03:11.0957 2024 IpFilterDriver - ok
12:03:12.0038 2024 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:03:12.0055 2024 iphlpsvc - ok
12:03:12.0106 2024 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:03:12.0111 2024 IPMIDRV - ok
12:03:12.0143 2024 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:03:12.0178 2024 IPNAT - ok
12:03:12.0224 2024 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:03:12.0229 2024 IRENUM - ok
12:03:12.0262 2024 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:03:12.0286 2024 isapnp - ok
12:03:12.0322 2024 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:03:12.0353 2024 iScsiPrt - ok
12:03:12.0388 2024 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:03:12.0394 2024 kbdclass - ok
12:03:12.0429 2024 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:03:12.0433 2024 kbdhid - ok
12:03:12.0466 2024 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:03:12.0469 2024 KeyIso - ok
12:03:12.0516 2024 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:03:12.0520 2024 KSecDD - ok
12:03:12.0565 2024 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:03:12.0570 2024 KSecPkg - ok
12:03:12.0610 2024 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:03:12.0634 2024 ksthunk - ok
12:03:12.0681 2024 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:03:12.0694 2024 KtmRm - ok
12:03:12.0743 2024 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:03:12.0753 2024 LanmanServer - ok
12:03:12.0806 2024 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:03:12.0814 2024 LanmanWorkstation - ok
12:03:12.0876 2024 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:03:12.0903 2024 lltdio - ok
12:03:12.0952 2024 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:03:12.0963 2024 lltdsvc - ok
12:03:12.0999 2024 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:03:13.0004 2024 lmhosts - ok
12:03:13.0062 2024 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:03:13.0089 2024 LSI_FC - ok
12:03:13.0117 2024 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:03:13.0143 2024 LSI_SAS - ok
12:03:13.0165 2024 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:03:13.0192 2024 LSI_SAS2 - ok
12:03:13.0220 2024 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:03:13.0247 2024 LSI_SCSI - ok
12:03:13.0285 2024 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:03:13.0289 2024 luafv - ok
12:03:13.0355 2024 [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:03:13.0358 2024 MBAMProtector - ok
12:03:13.0439 2024 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:03:13.0451 2024 MBAMScheduler - ok
12:03:13.0535 2024 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:03:13.0575 2024 MBAMService - ok
12:03:13.0616 2024 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:03:13.0622 2024 Mcx2Svc - ok
12:03:13.0669 2024 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:03:13.0713 2024 megasas - ok
12:03:13.0758 2024 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:03:13.0793 2024 MegaSR - ok
12:03:13.0890 2024 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:03:13.0897 2024 Microsoft Office Groove Audit Service - ok
12:03:13.0961 2024 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:03:13.0966 2024 MMCSS - ok
12:03:13.0997 2024 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:03:14.0002 2024 Modem - ok
12:03:14.0039 2024 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:03:14.0040 2024 monitor - ok
12:03:14.0083 2024 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:03:14.0088 2024 mouclass - ok
12:03:14.0118 2024 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:03:14.0121 2024 mouhid - ok
12:03:14.0175 2024 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:03:14.0177 2024 mountmgr - ok
12:03:14.0252 2024 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:03:14.0257 2024 MozillaMaintenance - ok
12:03:14.0291 2024 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:03:14.0304 2024 mpio - ok
12:03:14.0341 2024 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:03:14.0367 2024 mpsdrv - ok
12:03:14.0433 2024 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:03:14.0468 2024 MpsSvc - ok
12:03:14.0520 2024 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:03:14.0530 2024 MRxDAV - ok
12:03:14.0597 2024 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:03:14.0607 2024 mrxsmb - ok
12:03:14.0643 2024 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:03:14.0651 2024 mrxsmb10 - ok
12:03:14.0676 2024 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:03:14.0680 2024 mrxsmb20 - ok
12:03:14.0721 2024 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:03:14.0723 2024 msahci - ok
12:03:14.0764 2024 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:03:14.0793 2024 msdsm - ok
12:03:14.0835 2024 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:03:14.0847 2024 MSDTC - ok
12:03:14.0900 2024 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:03:14.0903 2024 Msfs - ok
12:03:14.0933 2024 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:03:14.0937 2024 mshidkmdf - ok
12:03:14.0965 2024 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:03:14.0969 2024 msisadrv - ok
12:03:15.0021 2024 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:03:15.0029 2024 MSiSCSI - ok
12:03:15.0046 2024 msiserver - ok
12:03:15.0086 2024 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:03:15.0089 2024 MSKSSRV - ok
12:03:15.0137 2024 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:03:15.0140 2024 MSPCLOCK - ok
12:03:15.0169 2024 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:03:15.0214 2024 MSPQM - ok
12:03:15.0274 2024 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:03:15.0287 2024 MsRPC - ok
12:03:15.0341 2024 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:03:15.0344 2024 mssmbios - ok
12:03:15.0385 2024 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:03:15.0388 2024 MSTEE - ok
12:03:15.0412 2024 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:03:15.0416 2024 MTConfig - ok
12:03:15.0440 2024 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:03:15.0444 2024 Mup - ok
12:03:15.0502 2024 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:03:15.0512 2024 napagent - ok
12:03:15.0563 2024 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:03:15.0617 2024 NativeWifiP - ok
12:03:15.0686 2024 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:03:15.0720 2024 NDIS - ok
12:03:15.0761 2024 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:03:15.0786 2024 NdisCap - ok
12:03:15.0823 2024 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:03:15.0827 2024 NdisTapi - ok
12:03:15.0878 2024 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:03:15.0899 2024 Ndisuio - ok
12:03:15.0962 2024 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:03:16.0004 2024 NdisWan - ok
12:03:16.0049 2024 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:03:16.0093 2024 NDProxy - ok
12:03:16.0113 2024 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:03:16.0116 2024 NetBIOS - ok
12:03:16.0174 2024 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:03:16.0179 2024 NetBT - ok
12:03:16.0203 2024 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:03:16.0207 2024 Netlogon - ok
12:03:16.0275 2024 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:03:16.0286 2024 Netman - ok
12:03:16.0330 2024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:16.0359 2024 NetMsmqActivator - ok
12:03:16.0391 2024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:16.0395 2024 NetPipeActivator - ok
12:03:16.0464 2024 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:03:16.0476 2024 netprofm - ok
12:03:16.0504 2024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:16.0508 2024 NetTcpActivator - ok
12:03:16.0526 2024 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:03:16.0528 2024 NetTcpPortSharing - ok
12:03:16.0567 2024 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:03:16.0613 2024 nfrd960 - ok
12:03:16.0679 2024 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:03:16.0687 2024 NlaSvc - ok
12:03:16.0721 2024 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:03:16.0726 2024 Npfs - ok
12:03:16.0741 2024 NPPTNT2 - ok
12:03:16.0762 2024 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:03:16.0767 2024 nsi - ok
12:03:16.0796 2024 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:03:16.0797 2024 nsiproxy - ok
12:03:16.0896 2024 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:03:16.0954 2024 Ntfs - ok
12:03:17.0014 2024 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:03:17.0060 2024 Null - ok
12:03:17.0110 2024 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:03:17.0137 2024 nvraid - ok
12:03:17.0168 2024 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:03:17.0217 2024 nvstor - ok
12:03:17.0253 2024 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:03:17.0280 2024 nv_agp - ok
12:03:17.0409 2024 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:03:17.0424 2024 odserv - ok
12:03:17.0468 2024 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:03:17.0511 2024 ohci1394 - ok
12:03:17.0556 2024 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:03:17.0562 2024 ose - ok
12:03:17.0619 2024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:03:17.0627 2024 p2pimsvc - ok
12:03:17.0677 2024 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:03:17.0687 2024 p2psvc - ok
12:03:17.0834 2024 [ 01907300EB52206B06FACB9608F369A9 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
12:03:17.0848 2024 PanService - ok
12:03:17.0900 2024 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:03:17.0926 2024 Parport - ok
12:03:17.0976 2024 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:03:17.0980 2024 partmgr - ok
12:03:18.0004 2024 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:03:18.0022 2024 PcaSvc - ok
12:03:18.0049 2024 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:03:18.0053 2024 pci - ok
12:03:18.0090 2024 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:03:18.0094 2024 pciide - ok
12:03:18.0130 2024 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:03:18.0159 2024 pcmcia - ok
12:03:18.0189 2024 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:03:18.0193 2024 pcw - ok
12:03:18.0231 2024 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:03:18.0265 2024 PEAUTH - ok
12:03:18.0399 2024 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:03:18.0407 2024 PerfHost - ok
12:03:18.0533 2024 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:03:18.0589 2024 pla - ok
12:03:18.0650 2024 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:03:18.0660 2024 PlugPlay - ok
12:03:18.0685 2024 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:03:18.0690 2024 PNRPAutoReg - ok
12:03:18.0719 2024 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:03:18.0725 2024 PNRPsvc - ok
12:03:18.0764 2024 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:03:18.0774 2024 PolicyAgent - ok
12:03:18.0827 2024 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:03:18.0834 2024 Power - ok
12:03:18.0899 2024 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:03:19.0013 2024 PptpMiniport - ok
12:03:19.0037 2024 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:03:19.0074 2024 Processor - ok
12:03:19.0139 2024 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:03:19.0146 2024 ProfSvc - ok
12:03:19.0171 2024 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:03:19.0175 2024 ProtectedStorage - ok
12:03:19.0236 2024 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:03:19.0239 2024 Psched - ok
12:03:19.0316 2024 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:03:19.0409 2024 ql2300 - ok
12:03:19.0455 2024 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:03:19.0468 2024 ql40xx - ok
12:03:19.0523 2024 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:03:19.0533 2024 QWAVE - ok
12:03:19.0561 2024 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:03:19.0592 2024 QWAVEdrv - ok
12:03:19.0671 2024 [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
12:03:19.0675 2024 RapiMgr - ok
12:03:19.0704 2024 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:03:19.0728 2024 RasAcd - ok
12:03:19.0778 2024 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:03:19.0784 2024 RasAgileVpn - ok
12:03:19.0810 2024 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:03:19.0818 2024 RasAuto - ok
12:03:19.0868 2024 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:03:19.0914 2024 Rasl2tp - ok
12:03:19.0972 2024 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:03:19.0983 2024 RasMan - ok
12:03:20.0015 2024 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:03:20.0020 2024 RasPppoe - ok
12:03:20.0050 2024 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:03:20.0076 2024 RasSstp - ok
12:03:20.0125 2024 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:03:20.0133 2024 rdbss - ok
12:03:20.0164 2024 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:03:20.0212 2024 rdpbus - ok
12:03:20.0235 2024 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:03:20.0236 2024 RDPCDD - ok
12:03:20.0277 2024 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:03:20.0279 2024 RDPENCDD - ok
12:03:20.0310 2024 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:03:20.0311 2024 RDPREFMP - ok
12:03:20.0364 2024 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:03:20.0395 2024 RDPWD - ok
12:03:20.0453 2024 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:03:20.0459 2024 rdyboost - ok
12:03:20.0494 2024 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:03:20.0501 2024 RemoteAccess - ok
12:03:20.0549 2024 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:03:20.0556 2024 RemoteRegistry - ok
12:03:20.0597 2024 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:03:20.0604 2024 RpcEptMapper - ok
12:03:20.0645 2024 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:03:20.0651 2024 RpcLocator - ok
12:03:20.0711 2024 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
12:03:20.0728 2024 RpcSs - ok
12:03:20.0790 2024 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:03:20.0830 2024 rspndr - ok
12:03:20.0907 2024 [ C435AC77704EB16E85C9D630F4D4B4F7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
12:03:20.0912 2024 RTHDMIAzAudService - ok
12:03:20.0990 2024 [ 81FE3CDBA210F2DCFB451F2C24258780 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:03:21.0013 2024 RTL8167 - ok
12:03:21.0039 2024 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:03:21.0042 2024 SamSs - ok
12:03:21.0087 2024 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:03:21.0113 2024 sbp2port - ok
12:03:21.0154 2024 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:03:21.0164 2024 SCardSvr - ok
12:03:21.0221 2024 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:03:21.0275 2024 scfilter - ok
12:03:21.0366 2024 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:03:21.0408 2024 Schedule - ok
12:03:21.0453 2024 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:03:21.0455 2024 SCPolicySvc - ok
12:03:21.0500 2024 ScreamBAudioSvc - ok
12:03:21.0552 2024 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:03:21.0563 2024 SDRSVC - ok
12:03:21.0621 2024 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:03:21.0650 2024 secdrv - ok
12:03:21.0693 2024 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:03:21.0699 2024 seclogon - ok
12:03:21.0736 2024 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:03:21.0741 2024 SENS - ok
12:03:21.0763 2024 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:03:21.0770 2024 SensrSvc - ok
12:03:21.0794 2024 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:03:21.0819 2024 Serenum - ok
12:03:21.0848 2024 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:03:21.0934 2024 Serial - ok
12:03:21.0986 2024 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:03:22.0010 2024 sermouse - ok
12:03:22.0074 2024 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:03:22.0080 2024 SessionEnv - ok
12:03:22.0123 2024 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:03:22.0148 2024 sffdisk - ok
12:03:22.0172 2024 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:03:22.0196 2024 sffp_mmc - ok
12:03:22.0226 2024 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:03:22.0229 2024 sffp_sd - ok
12:03:22.0257 2024 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:03:22.0282 2024 sfloppy - ok
12:03:22.0347 2024 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:03:22.0357 2024 SharedAccess - ok
12:03:22.0416 2024 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:03:22.0460 2024 ShellHWDetection - ok
12:03:22.0507 2024 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:03:22.0552 2024 SiSRaid2 - ok
12:03:22.0575 2024 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:03:22.0601 2024 SiSRaid4 - ok
12:03:22.0701 2024 [ EA396139541706B4B433641D62EA53CE ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:03:22.0706 2024 SkypeUpdate - ok
12:03:22.0742 2024 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:03:22.0748 2024 Smb - ok
12:03:22.0813 2024 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:03:22.0817 2024 SNMPTRAP - ok
12:03:22.0844 2024 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:03:22.0846 2024 spldr - ok
12:03:22.0920 2024 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:03:22.0943 2024 Spooler - ok
12:03:23.0106 2024 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:03:23.0209 2024 sppsvc - ok
12:03:23.0234 2024 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:03:23.0246 2024 sppuinotify - ok
12:03:23.0336 2024 [ A15860E920B02C9A7CE8F3A6C2FF1E3A ] sptd C:\Windows\System32\Drivers\sptd.sys
12:03:23.0346 2024 sptd - ok
12:03:23.0398 2024 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:03:23.0408 2024 srv - ok
12:03:23.0437 2024 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:03:23.0445 2024 srv2 - ok
12:03:23.0471 2024 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:03:23.0477 2024 srvnet - ok
12:03:23.0539 2024 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:03:23.0546 2024 SSDPSRV - ok
12:03:23.0567 2024 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:03:23.0572 2024 SstpSvc - ok
12:03:23.0665 2024 [ E5C796B621F6FBA8616511063D7F0FFE ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol

[ChrisX]

120\StarWind\StarWindServiceAE.exe
12:03:23.0677 2024 StarWindServiceAE - ok
12:03:23.0732 2024 Steam Client Service - ok
12:03:23.0779 2024 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:03:23.0784 2024 stexstor - ok
12:03:23.0857 2024 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:03:23.0872 2024 stisvc - ok
12:03:23.0913 2024 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:03:23.0937 2024 swenum - ok
12:03:24.0114 2024 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:03:24.0129 2024 SwitchBoard - ok
12:03:24.0194 2024 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:03:24.0205 2024 swprv - ok
12:03:24.0260 2024 [ 0A535B4F638D5BBCF3EE6C997BF33892 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:03:24.0269 2024 SynTP - ok
12:03:24.0355 2024 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:03:24.0415 2024 SysMain - ok
12:03:24.0472 2024 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:03:24.0479 2024 TabletInputService - ok
12:03:24.0534 2024 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:03:24.0550 2024 TapiSrv - ok
12:03:24.0573 2024 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:03:24.0579 2024 TBS - ok
12:03:24.0703 2024 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:03:24.0784 2024 Tcpip - ok
12:03:24.0861 2024 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:03:24.0879 2024 TCPIP6 - ok
12:03:24.0934 2024 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:03:24.0938 2024 tcpipreg - ok
12:03:24.0984 2024 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:03:25.0008 2024 TDPIPE - ok
12:03:25.0080 2024 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:03:25.0099 2024 TDTCP - ok
12:03:25.0154 2024 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:03:25.0180 2024 tdx - ok
12:03:25.0234 2024 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:03:25.0283 2024 TermDD - ok
12:03:25.0364 2024 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:03:25.0388 2024 TermService - ok
12:03:25.0436 2024 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:03:25.0442 2024 Themes - ok
12:03:25.0480 2024 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:03:25.0483 2024 THREADORDER - ok
12:03:25.0515 2024 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:03:25.0522 2024 TrkWks - ok
12:03:25.0604 2024 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:03:25.0609 2024 TrustedInstaller - ok
12:03:25.0669 2024 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:03:25.0673 2024 tssecsrv - ok
12:03:25.0733 2024 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:03:25.0780 2024 TsUsbFlt - ok
12:03:25.0857 2024 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:03:25.0862 2024 tunnel - ok
12:03:25.0893 2024 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:03:25.0920 2024 uagp35 - ok
12:03:25.0961 2024 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:03:25.0972 2024 udfs - ok
12:03:26.0041 2024 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:03:26.0054 2024 UI0Detect - ok
12:03:26.0120 2024 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:03:26.0155 2024 uliagpkx - ok
12:03:26.0199 2024 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:03:26.0224 2024 umbus - ok
12:03:26.0246 2024 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:03:26.0272 2024 UmPass - ok
12:03:26.0315 2024 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:03:26.0324 2024 upnphost - ok
12:03:26.0349 2024 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:03:26.0353 2024 usbccgp - ok
12:03:26.0386 2024 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:03:26.0391 2024 usbcir - ok
12:03:26.0419 2024 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:03:26.0422 2024 usbehci - ok
12:03:26.0470 2024 [ 63ABF9AB6BD888A662DB3E50784E21B3 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
12:03:26.0473 2024 usbfilter - ok
12:03:26.0518 2024 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:03:26.0525 2024 usbhub - ok
12:03:26.0546 2024 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:03:26.0550 2024 usbohci - ok
12:03:26.0576 2024 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:03:26.0600 2024 usbprint - ok
12:03:26.0632 2024 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:03:26.0678 2024 USBSTOR - ok
12:03:26.0710 2024 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:03:26.0714 2024 usbuhci - ok
12:03:26.0771 2024 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:03:26.0776 2024 usbvideo - ok
12:03:26.0852 2024 [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
12:03:26.0911 2024 usb_rndisx - ok
12:03:26.0979 2024 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:03:26.0985 2024 UxSms - ok
12:03:27.0021 2024 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:03:27.0023 2024 VaultSvc - ok
12:03:27.0059 2024 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:03:27.0062 2024 vdrvroot - ok
12:03:27.0118 2024 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:03:27.0133 2024 vds - ok
12:03:27.0181 2024 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:03:27.0186 2024 vga - ok
12:03:27.0218 2024 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:03:27.0243 2024 VgaSave - ok
12:03:27.0281 2024 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:03:27.0310 2024 vhdmp - ok
12:03:27.0340 2024 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:03:27.0366 2024 viaide - ok
12:03:27.0393 2024 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:03:27.0396 2024 volmgr - ok
12:03:27.0431 2024 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:03:27.0439 2024 volmgrx - ok
12:03:27.0477 2024 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:03:27.0485 2024 volsnap - ok
12:03:27.0525 2024 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:03:27.0554 2024 vsmraid - ok
12:03:27.0697 2024 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:03:27.0761 2024 VSS - ok
12:03:27.0783 2024 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:03:27.0786 2024 vwifibus - ok
12:03:27.0820 2024 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:03:27.0825 2024 vwififlt - ok
12:03:27.0878 2024 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:03:27.0891 2024 W32Time - ok
12:03:27.0928 2024 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:03:27.0938 2024 WacomPen - ok
12:03:28.0005 2024 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:03:28.0031 2024 WANARP - ok
12:03:28.0060 2024 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:03:28.0062 2024 Wanarpv6 - ok
12:03:28.0156 2024 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:03:28.0225 2024 WatAdminSvc - ok
12:03:28.0312 2024 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:03:28.0388 2024 wbengine - ok
12:03:28.0427 2024 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:03:28.0437 2024 WbioSrvc - ok
12:03:28.0523 2024 [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
12:03:28.0529 2024 WcesComm - ok
12:03:28.0576 2024 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:03:28.0588 2024 wcncsvc - ok
12:03:28.0613 2024 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:03:28.0620 2024 WcsPlugInService - ok
12:03:28.0656 2024 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:03:28.0661 2024 Wd - ok
12:03:28.0710 2024 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:03:28.0722 2024 Wdf01000 - ok
12:03:28.0747 2024 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:03:28.0753 2024 WdiServiceHost - ok
12:03:28.0770 2024 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:03:28.0775 2024 WdiSystemHost - ok
12:03:28.0835 2024 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:03:28.0853 2024 WebClient - ok
12:03:28.0900 2024 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:03:28.0919 2024 Wecsvc - ok
12:03:28.0948 2024 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:03:28.0953 2024 wercplsupport - ok
12:03:28.0997 2024 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:03:29.0002 2024 WerSvc - ok
12:03:29.0063 2024 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:03:29.0087 2024 WfpLwf - ok
12:03:29.0118 2024 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:03:29.0142 2024 WIMMount - ok
12:03:29.0200 2024 WinDefend - ok
12:03:29.0229 2024 WinHttpAutoProxySvc - ok
12:03:29.0322 2024 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:03:29.0334 2024 Winmgmt - ok
12:03:29.0464 2024 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:03:29.0567 2024 WinRM - ok
12:03:29.0657 2024 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:03:29.0685 2024 WinUsb - ok
12:03:29.0752 2024 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:03:29.0787 2024 Wlansvc - ok
12:03:29.0836 2024 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:03:29.0838 2024 WmiAcpi - ok
12:03:29.0890 2024 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:03:29.0899 2024 wmiApSrv - ok
12:03:29.0950 2024 WMPNetworkSvc - ok
12:03:29.0973 2024 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:03:29.0981 2024 WPCSvc - ok
12:03:30.0042 2024 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:03:30.0052 2024 WPDBusEnum - ok
12:03:30.0094 2024 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:03:30.0095 2024 ws2ifsl - ok
12:03:30.0122 2024 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
12:03:30.0130 2024 wscsvc - ok
12:03:30.0148 2024 WSearch - ok
12:03:30.0306 2024 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:03:30.0403 2024 wuauserv - ok
12:03:30.0431 2024 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:03:30.0457 2024 WudfPf - ok
12:03:30.0510 2024 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:03:30.0537 2024 WUDFRd - ok
12:03:30.0578 2024 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:03:30.0590 2024 wudfsvc - ok
12:03:30.0623 2024 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
12:03:30.0634 2024 WwanSvc - ok
12:03:30.0694 2024 ================ Scan global ===============================
12:03:30.0722 2024 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:03:30.0785 2024 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:03:30.0823 2024 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
12:03:30.0895 2024 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:03:30.0938 2024 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:03:30.0946 2024 [Global] - ok
12:03:30.0952 2024 ================ Scan MBR ==================================
12:03:30.0973 2024 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:03:31.0596 2024 \Device\Harddisk0\DR0 - ok
12:03:31.0600 2024 ================ Scan VBR ==================================
12:03:31.0613 2024 [ 6479745C4FEAE13EA016C40313FF268A ] \Device\Harddisk0\DR0\Partition1
12:03:31.0615 2024 \Device\Harddisk0\DR0\Partition1 - ok
12:03:31.0620 2024 ============================================================
12:03:31.0620 2024 Scan finished
12:03:31.0620 2024 ============================================================
12:03:31.0644 5096 Detected object count: 0
12:03:31.0644 5096 Actual detected object count: 0
12:14:21.0369 2808 Deinitialize success

[ChrisX]

ComboFix 12-10-26.05 - sXe 27.10.2012 12:31:14.9.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2812.1784 [GMT 2:00]
Spuštěný z: c:\users\sXe\Downloads\ComboFix.exe
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-27 do 2012-10-27 )))))))))))))))))))))))))))))))
.
.
2012-10-27 10:41 . 2012-10-27 10:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-27 04:52 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EB6091E6-AFE9-4507-BFC6-7D7A16CF2D74}\mpengine.dll
2012-10-26 20:39 . 2012-10-26 20:39 -------- d-----w- c:\users\sXe\AppData\Local\Adobe
2012-10-26 20:29 . 2012-10-26 20:29 -------- d-----w- c:\program files (x86)\Qualcomm Atheros
2012-10-26 20:28 . 2012-10-26 20:28 -------- d-----w- c:\windows\Options
2012-10-26 20:28 . 2012-09-17 22:33 3752448 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-10-26 20:28 . 2012-09-17 22:33 3752448 ------w- c:\windows\system32\athrx.sys
2012-10-26 20:27 . 2012-10-26 20:29 -------- d-----w- c:\programdata\Qualcomm Atheros
2012-10-26 20:18 . 2012-10-06 16:26 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-10-26 20:18 . 2012-10-06 16:26 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-10-26 20:18 . 2012-10-06 16:26 766096 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-10-26 20:10 . 2012-10-26 20:10 -------- d-----w- c:\programdata\ATI
2012-10-26 20:10 . 2012-10-26 20:10 -------- d-----w- c:\program files (x86)\AMD AVT
2012-10-26 20:10 . 2012-10-26 20:10 -------- d-----w- c:\program files (x86)\AMD APP
2012-10-26 20:07 . 2012-10-26 20:07 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-10-26 18:36 . 2012-07-02 20:00 57512 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2012-10-26 18:24 . 2012-10-26 18:24 -------- d-----w- c:\windows\SysWow64\RTCOM
2012-10-26 18:13 . 2012-08-03 22:18 1706640 ----a-w- c:\windows\RtlExUpd.dll
2012-10-26 18:13 . 2006-02-07 13:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2012-10-26 18:13 . 2006-02-07 13:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2012-10-26 18:13 . 2006-02-07 13:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-10-26 18:13 . 2006-02-07 13:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-10-26 18:13 . 2006-02-07 13:39 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2012-10-26 18:13 . 2006-02-07 13:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-10-26 18:13 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-10-26 18:13 . 2012-10-26 18:13 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2012-10-26 18:13 . 2012-10-26 18:13 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2012-10-26 18:10 . 2012-10-26 18:10 -------- d-----w- c:\program files\Realtek
2012-10-26 18:08 . 2012-10-26 18:31 -------- d--h--w- c:\program files (x86)\Temp
2012-10-26 18:03 . 2012-10-26 18:03 -------- d-----w- c:\program files\Synaptics
2012-10-26 14:47 . 2012-10-26 17:58 -------- d-----w- c:\programdata\DriverGenius
2012-10-26 14:45 . 2012-10-26 14:45 -------- d-----w- c:\program files (x86)\Driver-Soft
2012-10-26 10:38 . 2012-10-26 10:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-26 10:38 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-24 12:39 . 2012-10-24 12:39 388096 ----a-r- c:\users\sXe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-20 23:05 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2012-10-20 23:05 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2012-10-20 23:05 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-10-20 22:57 . 2012-10-20 22:58 -------- d-----w- C:\Riot Games
2012-10-13 21:36 . 2012-10-13 21:36 -------- d-----w- c:\users\sXe\AppData\Roaming\vlc
2012-10-13 18:50 . 2012-10-13 18:50 -------- d-----w- c:\program files (x86)\softendo.com
2012-10-10 18:27 . 2012-10-10 18:27 -------- d-----w- c:\program files (x86)\PANDORA.TV
2012-10-10 15:07 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 15:07 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 15:07 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 15:07 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 15:07 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 15:07 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 15:05 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 15:05 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 15:05 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 15:05 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 15:05 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 15:05 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 15:05 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 15:05 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 15:05 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 15:05 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-04 19:13 . 2012-10-04 19:13 -------- d-----w- c:\program files\ESET
2012-10-04 18:02 . 2012-10-04 18:02 -------- d-----w- c:\program files (x86)\Alcohol Soft
2012-10-04 17:57 . 2012-10-04 17:57 -------- d-----w- c:\programdata\Browser Manager
2012-10-04 17:57 . 2012-10-04 17:57 -------- d-----w- c:\programdata\Babylon
2012-10-04 17:57 . 2012-10-04 17:57 -------- d-----w- c:\users\sXe\AppData\Roaming\Babylon
2012-10-04 07:59 . 2012-10-04 07:59 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-30 15:34 . 2012-09-30 15:34 -------- d-----w- c:\programdata\APN
2012-09-30 12:29 . 2012-09-30 12:29 -------- d-----w- c:\windows\SysWow64\xlive
2012-09-30 12:29 . 2012-09-30 12:32 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 01:09 . 2011-08-18 01:05 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 15:17 . 2012-07-18 17:16 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 15:17 . 2012-07-18 17:16 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-04 17:58 . 2011-08-18 09:09 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-09-21 06:23 . 2012-09-21 06:23 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-24 11:15 . 2012-09-22 01:01 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 01:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 01:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 01:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 01:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 01:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 01:01 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 01:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 01:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 01:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 01:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 01:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 01:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 01:02 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 01:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 01:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 01:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 01:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 01:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 01:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 01:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 01:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-23 19:41 . 2012-08-23 19:41 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-23 19:41 . 2012-08-23 19:41 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-08-22 18:12 . 2012-09-12 07:13 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 07:13 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 07:13 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 07:13 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 08:02 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-10 15:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 07:13 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 07:13 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-18 880496]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-05-19 438272]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-10-26 1353080]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~3\BROWSE~1\23762~1.17\{16CDF~1\browsemngr.dll
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-03 160944]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-04 114144]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-18 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-03 361984]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-10-02 2201112]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-10-06 766096]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-07-02 57512]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-18 15:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=110819 ... 6076394bd9
mStart Page = hxxp://www.google.com
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\sXe\AppData\Roaming\Mozilla\Firefox\Profiles\2jp3fwjw.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=110819 ... 6076394bd9
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=110819 ... 6394bd9&q=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-Driver Genius - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
Celkový čas: 2012-10-27 12:46:45
ComboFix-quarantined-files.txt 2012-10-27 10:46
ComboFix2.txt 2012-07-20 13:52
ComboFix3.txt 2012-07-20 11:51
ComboFix4.txt 2012-04-12 17:33
.
Před spuštěním: Volných bajtů: 158 406 426 624
Po spuštění: Volných bajtů: 157 768 970 240
.
- - End Of File - - 04F9A84DD1825F2DBBD440EE1ABA6BD8

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\programdata\Browser Manager
c:\programdata\Babylon
c:\users\sXe\AppData\Roaming\Babylon
c:\progra~3\BROWSE~1
c:\program files (x86)\Skype\Updater

File::
c:\windows\system32\drivers\EagleX64.sys

Registry::
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=-
"AppInit_DLLs"=-

Driver::
SkypeUpdate
EagleX64

DDS::
uLocal Page = %SystemRoot%\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?affID=110819 ... 6076394bd9
mLocal Page = %SystemRoot%\system32\blank.htm

Firefox::
FF - ProfilePath - c:\users\sXe\AppData\Roaming\Mozilla\Firefox\Profiles\2jp3fwjw.default\
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=110819 ... 6076394bd9
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=110819 ... 6394bd9&q=
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[ChrisX]

ComboFix 12-10-26.05 - sXe 27.10.2012 16:06:44.10.1 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.2812.1999 [GMT 2:00]
Spuštěný z: c:\users\sXe\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\sXe\Desktop\CFScript.txt
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\windows\system32\drivers\EagleX64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\progra~3\BROWSE~1
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-15.0.dll
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-3.6.xpt
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\browsemngr.js
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22
c:\progra~3\BROWSE~1\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\Babylon
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.settings
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-15.0.dll
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components\browsemngr-3.6.xpt
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\browsemngr.js
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content\overlay.xul
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\chrome.manifest
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\install.rdf
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22
c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe
c:\users\sXe\AppData\Roaming\Babylon
c:\users\sXe\AppData\Roaming\Babylon\log_file.txt
c:\users\sXe\AppData\Roaming\Babylon\SUDump.dmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EAGLEX64
-------\Service_EagleX64
-------\Service_SkypeUpdate
-------\Service_Browser Manager
-------\Service_Browser Manager
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-09-27 do 2012-10-27 )))))))))))))))))))))))))))))))
.
.
2012-10-27 14:21 . 2012-07-16 00:40 9133488 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C8D73981-0832-40C8-8E9A-52C38F0DD030}\mpengine.dll
2012-10-27 14:18 . 2012-10-27 14:18 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-27 14:18 . 2012-10-27 14:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-27 04:52 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EB6091E6-AFE9-4507-BFC6-7D7A16CF2D74}\mpengine.dll
2012-10-26 20:39 . 2012-10-26 20:39 -------- d-----w- c:\users\sXe\AppData\Local\Adobe
2012-10-26 20:29 . 2012-10-26 20:29 -------- d-----w- c:\program files (x86)\Qualcomm Atheros
2012-10-26 20:28 . 2012-10-26 20:28 -------- d-----w- c:\windows\Options
2012-10-26 20:28 . 2012-09-17 22:33 3752448 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-10-26 20:28 . 2012-09-17 22:33 3752448 ------w- c:\windows\system32\athrx.sys
2012-10-26 20:27 . 2012-10-26 20:29 -------- d-----w- c:\programdata\Qualcomm Atheros
2012-10-26 20:18 . 2012-10-06 16:26 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-10-26 20:18 . 2012-10-06 16:26 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2012-10-26 20:18 . 2012-10-06 16:26 766096 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2012-10-26 20:10 . 2012-10-26 20:10 -------- d-----w- c:\programdata\ATI
2012-10-26 20:10 . 2012-10-26 20:10 -------- d-----w- c:\program files (x86)\AMD AVT
2012-10-26 20:10 . 2012-10-26 20:10 -------- d-----w- c:\program files (x86)\AMD APP
2012-10-26 20:07 . 2012-10-26 20:07 -------- d-----w- c:\program files (x86)\ATI Technologies
2012-10-26 18:36 . 2012-07-02 20:00 57512 ----a-w- c:\windows\system32\drivers\usbfilter.sys
2012-10-26 18:24 . 2012-10-26 18:24 -------- d-----w- c:\windows\SysWow64\RTCOM
2012-10-26 18:13 . 2012-08-03 22:18 1706640 ----a-w- c:\windows\RtlExUpd.dll
2012-10-26 18:13 . 2006-02-07 13:44 65024 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
2012-10-26 18:13 . 2006-02-07 13:40 204800 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll
2012-10-26 18:13 . 2006-02-07 13:40 69715 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll
2012-10-26 18:13 . 2006-02-07 13:40 274432 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll
2012-10-26 18:13 . 2006-02-07 13:39 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2012-10-26 18:13 . 2006-02-07 13:45 757760 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll
2012-10-26 18:13 . 2005-11-13 21:19 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2012-10-26 18:13 . 2012-10-26 18:13 331908 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll
2012-10-26 18:13 . 2012-10-26 18:13 200836 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll
2012-10-26 18:10 . 2012-10-26 18:10 -------- d-----w- c:\program files\Realtek
2012-10-26 18:08 . 2012-10-26 18:31 -------- d--h--w- c:\program files (x86)\Temp
2012-10-26 18:03 . 2012-10-26 18:03 -------- d-----w- c:\program files\Synaptics
2012-10-26 14:47 . 2012-10-26 17:58 -------- d-----w- c:\programdata\DriverGenius
2012-10-26 14:45 . 2012-10-26 14:45 -------- d-----w- c:\program files (x86)\Driver-Soft
2012-10-26 10:38 . 2012-10-26 10:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-26 10:38 . 2012-09-29 17:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-24 12:39 . 2012-10-24 12:39 388096 ----a-r- c:\users\sXe\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-10-20 23:05 . 2008-07-12 06:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2012-10-20 23:05 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2012-10-20 23:05 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2012-10-20 22:57 . 2012-10-20 22:58 -------- d-----w- C:\Riot Games
2012-10-13 21:36 . 2012-10-13 21:36 -------- d-----w- c:\users\sXe\AppData\Roaming\vlc
2012-10-13 18:50 . 2012-10-13 18:50 -------- d-----w- c:\program files (x86)\softendo.com
2012-10-10 18:27 . 2012-10-10 18:27 -------- d-----w- c:\program files (x86)\PANDORA.TV
2012-10-10 15:07 . 2012-08-24 18:05 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-10-10 15:07 . 2012-08-24 16:57 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-10-10 15:07 . 2012-08-30 18:03 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-10 15:07 . 2012-08-30 17:12 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-10-10 15:07 . 2012-08-30 17:12 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-10-10 15:07 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-10 15:05 . 2012-09-14 19:19 2048 ----a-w- c:\windows\system32\tzres.dll
2012-10-10 15:05 . 2012-09-14 18:28 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-10-10 15:05 . 2012-08-11 00:56 715776 ----a-w- c:\windows\system32\kerberos.dll
2012-10-10 15:05 . 2012-08-10 23:56 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2012-10-10 15:05 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2012-10-10 15:05 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-10-10 15:05 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-10 15:05 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-10 15:05 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-10-10 15:05 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-10-04 19:13 . 2012-10-04 19:13 -------- d-----w- c:\program files\ESET
2012-10-04 18:02 . 2012-10-04 18:02 -------- d-----w- c:\program files (x86)\Alcohol Soft
2012-10-04 07:59 . 2012-10-04 07:59 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-30 15:34 . 2012-09-30 15:34 -------- d-----w- c:\programdata\APN
2012-09-30 12:29 . 2012-09-30 12:29 -------- d-----w- c:\windows\SysWow64\xlive
2012-09-30 12:29 . 2012-09-30 12:32 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 01:09 . 2011-08-18 01:05 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-09 15:17 . 2012-07-18 17:16 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 15:17 . 2012-07-18 17:16 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-04 17:58 . 2011-08-18 09:09 560184 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-09-21 06:23 . 2012-09-21 06:23 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2012-08-24 11:15 . 2012-09-22 01:01 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 01:01 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 01:01 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 01:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 01:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 01:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 01:01 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 01:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 01:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 01:01 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 01:01 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 01:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 01:01 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 01:02 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 01:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 01:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 01:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 01:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 01:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 01:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 01:01 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 01:02 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-23 19:41 . 2012-08-23 19:41 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-08-23 19:41 . 2012-08-23 19:41 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-08-22 18:12 . 2012-09-12 07:13 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 07:13 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 07:13 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 07:13 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 08:02 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 17:38 . 2012-10-10 15:06 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-02 17:58 . 2012-09-12 07:13 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-08-02 16:57 . 2012-09-12 07:13 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-05-18 880496]
"KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2012-05-19 438272]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2012-10-26 1353080]
"AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-04 641704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [2012-01-05 75624]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
R3 1394hub;1394 Enabled Hub;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 250808]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\NCsoft\Lineage II\system\GameGuard\dump_wmimmc.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-04 114144]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-18 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2012-04-11 82560]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2012-04-11 42624]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-03-14 62496]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-14 38288]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-07-03 361984]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2012-03-07 913144]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-07-04 11922944]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-07-04 359936]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-10-06 766096]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2012-07-02 57512]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-10-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-18 15:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 660360]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-03-07 4081008]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://www.google.com
mLocal Page = %SystemRoot%\system32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Stáhnout Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dllink.htm
IE: Stáhnout video Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlfvideo.htm
IE: Stáhnout vybrané Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlselected.htm
IE: Stáhnout vše Free Download Managerem - file://c:\program files (x86)\Free Download Manager\dlall.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\sXe\AppData\Roaming\Mozilla\Firefox\Profiles\2jp3fwjw.default\
pref('extensions.shownSelectionUI',true);
pref('extensions.autoDisableScopes',0);
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
.
**************************************************************************
.
Celkový čas: 2012-10-27 16:29:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-10-27 14:29
ComboFix2.txt 2012-10-27 10:46
ComboFix3.txt 2012-07-20 13:52
ComboFix4.txt 2012-07-20 11:51
ComboFix5.txt 2012-10-27 14:04
.
Před spuštěním: Volných bajtů: 157 831 815 168
Po spuštění: Volných bajtů: 157 418 459 136
.
- - End Of File - - F3C4267DC23F788F3C532A4F7196D3F6

[Orcus]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Vyčisti systém CCleanerem

====================================================

Stáhni si OTC na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

Jak se chová PC (potíže s úvodní stránkou)?
+ nový log z HJT.

[ChrisX]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:36:31, on 27.10.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8333 bytes



Pc zatím vypadá v pohodě, ale bližší info dám až vše prozkouším :)

[memphisto]

HJT Ok. Jak je na tom PC?