HJT log - Excel nfunguje

[Fucza]

Zdravím.Prosím o kontrolu logu. Myslím, že tam nějakou havěť mám.
Ze dne na den mi přestal správně fungovat excel - otevřu ho prázdný, ale přes soubor napíše: "Vyskytly se potíže při posílání příkazu programu."
Je to NTB W7 64bit.

Po spuštění HJT

Volbu spustit jako administrátor tam nemám. Ale po odkliknutí to jede dál.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:25:15, on 15.1.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17153)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\SMART Technologies\Education Software\Aware.exe
C:\Program Files (x86)\SMART Technologies\Education Software\Marker.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Programy\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe"
O4 - HKLM\..\Run: [SMART Board Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON SX420W Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\Users\Martin\AppData\Local\Temp\E_SB1EE.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14299 bytes

Děkuji.

[Reklama]

[memphisto]

v logu fixni:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

[Fucza]

Malwarebytes Anti-Malware 1.70.0.1100
http://www.malwarebytes.org

Verze: v2013.01.15.09

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Martin :: MARTIN-HP [administrátor]

15.1.2013 14:21:15
mbam-log-2013-01-15 (14-21-15).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 220256
Uplynulý čas: 7 minut, 17 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[Žbeky]

To je spíš chyba MS office. Zkoušel jsi Excel přeinstalovat?

[Fucza]

Nezkoušel. Eset mi něco hlásil před 2 dny, ale bylo to z karantény a omylem jsem to zavřel. Ten excel to začal u některých souborů dělat náhle, proto jsem myslel, že to bude něco takového. Protože se mi nepodařilo vygooglit, jak tu přeinstalaci Excelu nejlépe provést, proto se ptám:
a) verze je legální a klíč mám, ale nevím, jakou přesně verzi Office 2007 v počítači mám a po hledání na webu Microsoftu jsem z toho jelen. Nevím, kde stáhnu a nerad bych to celé zdupal:-)
b) mám si raději vytvořit nový dotaz?
Díky.

[jaro3]

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Fucza]

Ten první log v pohodě. Ten Combofix jel nějak divně. Okno bylo úplně miniaturní, sotva čitelné, po 45 minutách, jsem i přes výrazné doporučení okno o přípravě log reportu zavřel:-(, ale log jsem našel.

06:52:21.0296 1596 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
06:52:21.0496 1596 ============================================================
06:52:21.0496 1596 Current date / time: 2013/01/16 06:52:21.0496
06:52:21.0496 1596 SystemInfo:
06:52:21.0496 1596
06:52:21.0496 1596 OS Version: 6.1.7600 ServicePack: 0.0
06:52:21.0496 1596 Product type: Workstation
06:52:21.0496 1596 ComputerName: MARTIN-HP
06:52:21.0496 1596 UserName: Martin
06:52:21.0496 1596 Windows directory: C:\windows
06:52:21.0496 1596 System windows directory: C:\windows
06:52:21.0496 1596 Running under WOW64
06:52:21.0496 1596 Processor architecture: Intel x64
06:52:21.0496 1596 Number of processors: 4
06:52:21.0496 1596 Page size: 0x1000
06:52:21.0496 1596 Boot type: Normal boot
06:52:21.0496 1596 ============================================================
06:52:21.0994 1596 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
06:52:22.0009 1596 Drive \Device\Harddisk1\DR1 - Size: 0x1DB000000 (7.42 Gb), SectorSize: 0x200, Cylinders: 0x3C8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
06:52:22.0012 1596 ============================================================
06:52:22.0012 1596 \Device\Harddisk0\DR0:
06:52:22.0012 1596 MBR partitions:
06:52:22.0012 1596 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
06:52:22.0012 1596 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x380F1800
06:52:22.0012 1596 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38188000, BlocksNum 0x1E00000
06:52:22.0012 1596 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39F88000, BlocksNum 0x3FD800
06:52:22.0012 1596 \Device\Harddisk1\DR1:
06:52:22.0013 1596 MBR partitions:
06:52:22.0013 1596 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xED6000
06:52:22.0013 1596 ============================================================
06:52:22.0075 1596 C: <-> \Device\Harddisk0\DR0\Partition2
06:52:22.0106 1596 E: <-> \Device\Harddisk0\DR0\Partition4
06:52:22.0107 1596 ============================================================
06:52:22.0107 1596 Initialize success
06:52:22.0107 1596 ============================================================
06:52:25.0200 1976 ============================================================
06:52:25.0200 1976 Scan started
06:52:25.0200 1976 Mode: Manual;
06:52:25.0200 1976 ============================================================
06:52:25.0483 1976 ================ Scan system memory ========================
06:52:25.0483 1976 System memory - ok
06:52:25.0483 1976 ================ Scan services =============================
06:52:25.0750 1976 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
06:52:25.0756 1976 1394ohci - ok
06:52:25.0815 1976 [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
06:52:25.0817 1976 Accelerometer - ok
06:52:25.0909 1976 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
06:52:25.0921 1976 ACDaemon - ok
06:52:25.0972 1976 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
06:52:25.0977 1976 ACPI - ok
06:52:26.0010 1976 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
06:52:26.0011 1976 AcpiPmi - ok
06:52:26.0163 1976 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
06:52:26.0166 1976 AdobeFlashPlayerUpdateSvc - ok
06:52:26.0191 1976 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
06:52:26.0200 1976 adp94xx - ok
06:52:26.0235 1976 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
06:52:26.0240 1976 adpahci - ok
06:52:26.0288 1976 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
06:52:26.0293 1976 adpu320 - ok
06:52:26.0328 1976 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
06:52:26.0330 1976 AeLookupSvc - ok
06:52:26.0479 1976 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
06:52:26.0482 1976 AESTFilters - ok
06:52:26.0533 1976 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\windows\syswow64\drivers\Afc.sys
06:52:26.0535 1976 Afc - ok
06:52:26.0572 1976 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
06:52:26.0580 1976 AFD - ok
06:52:26.0653 1976 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
06:52:26.0686 1976 AgereSoftModem - ok
06:52:26.0751 1976 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
06:52:26.0753 1976 agp440 - ok
06:52:26.0781 1976 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
06:52:26.0793 1976 ALG - ok
06:52:26.0820 1976 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
06:52:26.0823 1976 aliide - ok
06:52:26.0865 1976 [ 5A06AB7AB4D389DFE3C109599DF0BB65 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
06:52:26.0868 1976 AMD External Events Utility - ok
06:52:26.0885 1976 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
06:52:26.0887 1976 amdide - ok
06:52:26.0917 1976 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
06:52:26.0919 1976 AmdK8 - ok
06:52:27.0122 1976 [ 650DDCCD6657E20737433CB774521B81 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
06:52:27.0276 1976 amdkmdag - ok
06:52:27.0300 1976 [ F51B013C55B30DBE3AD59A7FE197C5BA ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
06:52:27.0304 1976 amdkmdap - ok
06:52:27.0322 1976 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
06:52:27.0324 1976 AmdPPM - ok
06:52:27.0402 1976 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
06:52:27.0405 1976 amdsata - ok
06:52:27.0431 1976 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
06:52:27.0435 1976 amdsbs - ok
06:52:27.0457 1976 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
06:52:27.0458 1976 amdxata - ok
06:52:27.0483 1976 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
06:52:27.0486 1976 AppID - ok
06:52:27.0532 1976 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
06:52:27.0534 1976 AppIDSvc - ok
06:52:27.0546 1976 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
06:52:27.0548 1976 Appinfo - ok
06:52:27.0581 1976 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
06:52:27.0583 1976 arc - ok
06:52:27.0596 1976 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
06:52:27.0598 1976 arcsas - ok
06:52:27.0635 1976 [ CE2168C926927BA926301BAF172BC693 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
06:52:27.0636 1976 ARCVCAM - ok
06:52:27.0759 1976 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
06:52:27.0787 1976 aspnet_state - ok
06:52:27.0841 1976 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
06:52:27.0843 1976 AsyncMac - ok
06:52:27.0866 1976 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
06:52:27.0867 1976 atapi - ok
06:52:27.0933 1976 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
06:52:27.0935 1976 AtiHdmiService - ok
06:52:27.0980 1976 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
06:52:27.0989 1976 AudioEndpointBuilder - ok
06:52:28.0000 1976 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
06:52:28.0004 1976 AudioSrv - ok
06:52:28.0057 1976 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
06:52:28.0060 1976 AxInstSV - ok
06:52:28.0117 1976 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
06:52:28.0125 1976 b06bdrv - ok
06:52:28.0173 1976 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
06:52:28.0179 1976 b57nd60a - ok
06:52:28.0215 1976 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
06:52:28.0218 1976 BDESVC - ok
06:52:28.0237 1976 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
06:52:28.0238 1976 Beep - ok
06:52:28.0288 1976 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
06:52:28.0298 1976 BFE - ok
06:52:28.0345 1976 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\System32\qmgr.dll
06:52:28.0416 1976 BITS - ok
06:52:28.0448 1976 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
06:52:28.0450 1976 blbdrive - ok
06:52:28.0601 1976 [ 2BBD2AB07D779278114BA6A694972F1A ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
06:52:28.0694 1976 Bluetooth Device Manager - ok
06:52:28.0732 1976 [ 87D6A02028E47CA696C4294C658E3EE6 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
06:52:28.0751 1976 Bluetooth Media Service - ok
06:52:28.0771 1976 [ 9AF4B2CF2F98CF6157CDFD917AE5785B ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
06:52:28.0780 1976 Bluetooth OBEX Service - ok
06:52:28.0816 1976 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
06:52:28.0818 1976 bowser - ok
06:52:28.0863 1976 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
06:52:28.0865 1976 BrFiltLo - ok
06:52:28.0878 1976 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
06:52:28.0879 1976 BrFiltUp - ok
06:52:28.0909 1976 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
06:52:28.0912 1976 BridgeMP - ok
06:52:28.0951 1976 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
06:52:28.0954 1976 Browser - ok
06:52:28.0973 1976 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
06:52:28.0977 1976 Brserid - ok
06:52:28.0998 1976 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
06:52:29.0000 1976 BrSerWdm - ok
06:52:29.0014 1976 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
06:52:29.0016 1976 BrUsbMdm - ok
06:52:29.0027 1976 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
06:52:29.0028 1976 BrUsbSer - ok
06:52:29.0058 1976 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
06:52:29.0060 1976 BthEnum - ok
06:52:29.0078 1976 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
06:52:29.0080 1976 BTHMODEM - ok
06:52:29.0113 1976 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
06:52:29.0116 1976 BthPan - ok
06:52:29.0138 1976 [ E10D1912634974EA273A1588C75CCB76 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
06:52:29.0145 1976 BTHPORT - ok
06:52:29.0200 1976 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
06:52:29.0203 1976 bthserv - ok
06:52:29.0237 1976 [ 19B784B6ECBB3ADBB2242700FEE90BEC ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
06:52:29.0240 1976 BTHUSB - ok
06:52:29.0275 1976 [ E588420B950DAC5AC397F76660BCE520 ] BTMCOM C:\windows\system32\Drivers\btmcom.sys
06:52:29.0277 1976 BTMCOM - ok
06:52:29.0378 1976 [ 4EEF6B894E05FC245640DCEE9190A053 ] BTMUSB C:\windows\system32\Drivers\btmusb.sys
06:52:29.0476 1976 BTMUSB - ok
06:52:29.0550 1976 catchme - ok
06:52:29.0586 1976 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
06:52:29.0588 1976 cdfs - ok
06:52:29.0636 1976 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
06:52:29.0640 1976 cdrom - ok
06:52:29.0683 1976 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
06:52:29.0686 1976 CertPropSvc - ok
06:52:29.0726 1976 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
06:52:29.0728 1976 circlass - ok
06:52:29.0762 1976 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
06:52:29.0768 1976 CLFS - ok
06:52:29.0847 1976 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:52:29.0850 1976 clr_optimization_v2.0.50727_32 - ok
06:52:29.0885 1976 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
06:52:29.0888 1976 clr_optimization_v2.0.50727_64 - ok
06:52:29.0966 1976 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:52:30.0018 1976 clr_optimization_v4.0.30319_32 - ok
06:52:30.0040 1976 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
06:52:30.0045 1976 clr_optimization_v4.0.30319_64 - ok
06:52:30.0086 1976 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
06:52:30.0088 1976 CmBatt - ok
06:52:30.0106 1976 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
06:52:30.0108 1976 cmdide - ok
06:52:30.0171 1976 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
06:52:30.0178 1976 CNG - ok
06:52:30.0202 1976 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
06:52:30.0203 1976 Compbatt - ok
06:52:30.0237 1976 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
06:52:30.0239 1976 CompositeBus - ok
06:52:30.0257 1976 COMSysApp - ok
06:52:30.0278 1976 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
06:52:30.0286 1976 crcdisk - ok
06:52:30.0340 1976 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\windows\system32\cryptsvc.dll
06:52:30.0345 1976 CryptSvc - ok
06:52:30.0380 1976 [ A8BA4DA23AC20BDA23CA15234D42A3FA ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
06:52:30.0382 1976 DAMDrv - ok
06:52:30.0433 1976 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
06:52:30.0443 1976 DcomLaunch - ok
06:52:30.0518 1976 [ 0FD1090009949C58C86B40DD705D0F5D ] DEBridge c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
06:52:30.0529 1976 DEBridge - ok
06:52:30.0558 1976 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
06:52:30.0564 1976 defragsvc - ok
06:52:30.0592 1976 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
06:52:30.0594 1976 DfsC - ok
06:52:30.0618 1976 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
06:52:30.0624 1976 Dhcp - ok
06:52:30.0652 1976 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
06:52:30.0653 1976 discache - ok
06:52:30.0685 1976 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
06:52:30.0687 1976 Disk - ok
06:52:30.0722 1976 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
06:52:30.0726 1976 Dnscache - ok
06:52:30.0746 1976 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
06:52:30.0750 1976 dot3svc - ok
06:52:30.0808 1976 [ EF8004B4A9552C77FD0E99AB08841D13 ] DpHost c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
06:52:30.0814 1976 DpHost - ok
06:52:30.0835 1976 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
06:52:30.0838 1976 DPS - ok
06:52:30.0862 1976 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
06:52:30.0864 1976 drmkaud - ok
06:52:30.0914 1976 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
06:52:30.0919 1976 dtsoftbus01 - ok
06:52:30.0964 1976 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
06:52:30.0989 1976 DXGKrnl - ok
06:52:31.0043 1976 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\windows\system32\DRIVERS\eamonm.sys
06:52:31.0045 1976 eamonm - ok
06:52:31.0067 1976 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
06:52:31.0070 1976 EapHost - ok
06:52:31.0163 1976 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
06:52:31.0237 1976 ebdrv - ok
06:52:31.0262 1976 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
06:52:31.0264 1976 EFS - ok
06:52:31.0305 1976 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\windows\system32\DRIVERS\ehdrv.sys
06:52:31.0309 1976 ehdrv - ok
06:52:31.0405 1976 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
06:52:31.0416 1976 ehRecvr - ok
06:52:31.0457 1976 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
06:52:31.0461 1976 ehSched - ok
06:52:31.0561 1976 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
06:52:31.0596 1976 ekrn - ok
06:52:31.0646 1976 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
06:52:31.0655 1976 elxstor - ok
06:52:31.0711 1976 [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr C:\windows\system32\DRIVERS\epfwwfpr.sys
06:52:31.0715 1976 epfwwfpr - ok
06:52:31.0742 1976 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
06:52:31.0743 1976 ErrDev - ok
06:52:31.0806 1976 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
06:52:31.0813 1976 EventSystem - ok
06:52:31.0852 1976 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
06:52:31.0857 1976 exfat - ok
06:52:31.0886 1976 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
06:52:31.0890 1976 fastfat - ok
06:52:31.0929 1976 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
06:52:31.0940 1976 Fax - ok
06:52:31.0993 1976 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
06:52:31.0995 1976 fdc - ok
06:52:32.0025 1976 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
06:52:32.0027 1976 fdPHost - ok
06:52:32.0039 1976 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
06:52:32.0041 1976 FDResPub - ok
06:52:32.0054 1976 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
06:52:32.0055 1976 FileInfo - ok
06:52:32.0072 1976 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
06:52:32.0074 1976 Filetrace - ok
06:52:32.0205 1976 [ 7E728680AA428506A82351D859C32C95 ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
06:52:32.0212 1976 FLCDLOCK - ok
06:52:32.0333 1976 [ ACEFEEA621DCA62EFB7A7EEA59F5E91B ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
06:52:32.0365 1976 FLEXnet Licensing Service - ok
06:52:32.0434 1976 [ 52C0312AB35EB7187015FB6A99136BB5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
06:52:32.0469 1976 FLEXnet Licensing Service 64 - ok
06:52:32.0497 1976 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
06:52:32.0499 1976 flpydisk - ok
06:52:32.0527 1976 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
06:52:32.0532 1976 FltMgr - ok
06:52:32.0600 1976 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
06:52:32.0633 1976 FontCache - ok
06:52:32.0693 1976 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
06:52:32.0695 1976 FontCache3.0.0.0 - ok
06:52:32.0711 1976 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
06:52:32.0713 1976 FsDepends - ok
06:52:32.0762 1976 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
06:52:32.0764 1976 Fs_Rec - ok
06:52:32.0801 1976 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
06:52:32.0804 1976 fvevol - ok
06:52:32.0836 1976 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
06:52:32.0839 1976 gagp30kx - ok
06:52:32.0881 1976 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
06:52:32.0899 1976 gpsvc - ok
06:52:32.0921 1976 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
06:52:32.0923 1976 hcw85cir - ok
06:52:32.0957 1976 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
06:52:32.0962 1976 HdAudAddService - ok
06:52:32.0993 1976 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
06:52:32.0996 1976 HDAudBus - ok
06:52:33.0031 1976 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
06:52:33.0033 1976 HECIx64 - ok
06:52:33.0044 1976 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
06:52:33.0047 1976 HidBatt - ok
06:52:33.0075 1976 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
06:52:33.0077 1976 HidBth - ok
06:52:33.0096 1976 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
06:52:33.0098 1976 HidIr - ok
06:52:33.0122 1976 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
06:52:33.0125 1976 hidserv - ok
06:52:33.0153 1976 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
06:52:33.0155 1976 HidUsb - ok
06:52:33.0186 1976 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
06:52:33.0190 1976 hkmsvc - ok
06:52:33.0203 1976 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
06:52:33.0207 1976 HomeGroupListener - ok
06:52:33.0237 1976 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
06:52:33.0241 1976 HomeGroupProvider - ok
06:52:33.0314 1976 [ 3F4ADD4196E2B860019539837BE305F9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
06:52:33.0317 1976 HP Health Check Service - ok
06:52:33.0360 1976 [ A094A4096AD7A90E2D790B590D3CBFD4 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
06:52:33.0363 1976 HP Power Assistant Service - ok
06:52:33.0395 1976 [ AE2A8C80205F06BE5EDC63BE0AE9A756 ] HP ProtectTools Service c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
06:52:33.0403 1976 HP ProtectTools Service - ok
06:52:33.0450 1976 [ 58CC11D14D88EF70EF7ABBC75B5EEBD8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
06:52:33.0454 1976 HP Wireless Assistant Service - ok
06:52:33.0506 1976 [ 94C74D758E0F7B1D962DA452B4D28C91 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
06:52:33.0508 1976 HPDayStarterService - ok
06:52:33.0565 1976 [ 881F74074963CDAD8C475D09DC3A0BB6 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
06:52:33.0567 1976 HPDrvMntSvc.exe - ok
06:52:33.0595 1976 [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
06:52:33.0596 1976 hpdskflt - ok
06:52:33.0640 1976 [ 393383FE7F577B4A111B44445716FCB3 ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
06:52:33.0645 1976 HpFkCryptService - ok
06:52:33.0703 1976 [ C9D858E20AE696E7A0D9A05B595F850A ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
06:52:33.0708 1976 HPFSService - ok
06:52:33.0780 1976 [ 4D94F4D7782657E79EB1352570B563DB ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
06:52:33.0785 1976 hpHotkeyMonitor - ok
06:52:33.0816 1976 [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
06:52:33.0818 1976 HpqKbFiltr - ok
06:52:33.0856 1976 [ FE51B163A618B1CBF015485D21C1BC68 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
06:52:33.0866 1976 hpqwmiex - ok
06:52:33.0910 1976 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
06:52:33.0913 1976 HpSAMD - ok
06:52:33.0947 1976 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv C:\windows\system32\Hpservice.exe
06:52:33.0949 1976 hpsrv - ok
06:52:34.0000 1976 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
06:52:34.0011 1976 HTTP - ok
06:52:34.0022 1976 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
06:52:34.0023 1976 hwpolicy - ok
06:52:34.0052 1976 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
06:52:34.0055 1976 i8042prt - ok
06:52:34.0084 1976 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
06:52:34.0089 1976 iaStor - ok
06:52:34.0180 1976 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
06:52:34.0181 1976 IAStorDataMgrSvc - ok
06:52:34.0239 1976 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
06:52:34.0246 1976 iaStorV - ok
06:52:34.0302 1976 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
06:52:34.0334 1976 idsvc - ok
06:52:34.0364 1976 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
06:52:34.0366 1976 iirsp - ok
06:52:34.0406 1976 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
06:52:34.0422 1976 IKEEXT - ok
06:52:34.0458 1976 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
06:52:34.0463 1976 Impcd - ok
06:52:34.0535 1976 [ CAA8BC6737DFA3BF1A50175CFB226788 ] InputFilter_Hid_FlexDef2b C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys
06:52:34.0537 1976 InputFilter_Hid_FlexDef2b - ok
06:52:34.0560 1976 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
06:52:34.0562 1976 intelide - ok
06:52:34.0587 1976 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
06:52:34.0590 1976 intelppm - ok
06:52:34.0610 1976 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
06:52:34.0613 1976 IPBusEnum - ok
06:52:34.0637 1976 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
06:52:34.0640 1976 IpFilterDriver - ok
06:52:34.0679 1976 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
06:52:34.0688 1976 iphlpsvc - ok
06:52:34.0714 1976 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
06:52:34.0717 1976 IPMIDRV - ok
06:52:34.0737 1976 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
06:52:34.0740 1976 IPNAT - ok
06:52:34.0771 1976 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
06:52:34.0774 1976 IRENUM - ok
06:52:34.0795 1976 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
06:52:34.0798 1976 isapnp - ok
06:52:34.0823 1976 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
06:52:34.0827 1976 iScsiPrt - ok
06:52:34.0860 1976 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
06:52:34.0863 1976 kbdclass - ok
06:52:34.0890 1976 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
06:52:34.0892 1976 kbdhid - ok
06:52:34.0898 1976 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
06:52:34.0900 1976 KeyIso - ok
06:52:34.0943 1976 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
06:52:34.0945 1976 KSecDD - ok
06:52:34.0962 1976 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
06:52:34.0965 1976 KSecPkg - ok
06:52:34.0985 1976 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
06:52:34.0987 1976 ksthunk - ok
06:52:35.0027 1976 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
06:52:35.0033 1976 KtmRm - ok
06:52:35.0067 1976 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\System32\srvsvc.dll
06:52:35.0072 1976 LanmanServer - ok
06:52:35.0104 1976 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
06:52:35.0108 1976 LanmanWorkstation - ok
06:52:35.0172 1976 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
06:52:35.0173 1976 LightScribeService - ok
06:52:35.0224 1976 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
06:52:35.0226 1976 lltdio - ok
06:52:35.0258 1976 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
06:52:35.0264 1976 lltdsvc - ok
06:52:35.0279 1976 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
06:52:35.0281 1976 lmhosts - ok
06:52:35.0341 1976 [ BB4E55778D8DE3885E1CDAC795DE7BCE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
06:52:35.0346 1976 LMS - ok
06:52:35.0380 1976 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
06:52:35.0383 1976 LSI_FC - ok
06:52:35.0420 1976 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
06:52:35.0423 1976 LSI_SAS - ok
06:52:35.0437 1976 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
06:52:35.0440 1976 LSI_SAS2 - ok
06:52:35.0459 1976 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
06:52:35.0463 1976 LSI_SCSI - ok
06:52:35.0493 1976 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
06:52:35.0495 1976 luafv - ok
06:52:35.0550 1976 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus64.sys
06:52:35.0556 1976 MarvinBus - ok
06:52:35.0599 1976 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
06:52:35.0603 1976 Mcx2Svc - ok
06:52:35.0628 1976 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
06:52:35.0631 1976 megasas - ok
06:52:35.0651 1976 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
06:52:35.0656 1976 MegaSR - ok
06:52:35.0679 1976 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
06:52:35.0681 1976 MMCSS - ok
06:52:35.0708 1976 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
06:52:35.0710 1976 Modem - ok
06:52:35.0737 1976 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
06:52:35.0737 1976 monitor - ok
06:52:35.0748 1976 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
06:52:35.0750 1976 mouclass - ok
06:52:35.0774 1976 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
06:52:35.0776 1976 mouhid - ok
06:52:35.0793 1976 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
06:52:35.0794 1976 mountmgr - ok
06:52:35.0846 1976 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
06:52:35.0853 1976 MozillaMaintenance - ok
06:52:35.0872 1976 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
06:52:35.0876 1976 mpio - ok
06:52:35.0890 1976 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
06:52:35.0893 1976 mpsdrv - ok
06:52:35.0929 1976 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
06:52:35.0944 1976 MpsSvc - ok
06:52:36.0000 1976 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
06:52:36.0004 1976 MRxDAV - ok
06:52:36.0036 1976 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
06:52:36.0039 1976 mrxsmb - ok
06:52:36.0062 1976 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
06:52:36.0067 1976 mrxsmb10 - ok
06:52:36.0080 1976 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
06:52:36.0083 1976 mrxsmb20 - ok
06:52:36.0134 1976 [ 5E939CF91EA4A841DBAFE4627E0292BB ] msahci C:\windows\system32\DRIVERS\msahci.sys
06:52:36.0136 1976 msahci - ok
06:52:36.0143 1976 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
06:52:36.0148 1976 msdsm - ok
06:52:36.0192 1976 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
06:52:36.0195 1976 MSDTC - ok
06:52:36.0210 1976 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
06:52:36.0211 1976 Msfs - ok
06:52:36.0241 1976 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
06:52:36.0243 1976 mshidkmdf - ok
06:52:36.0255 1976 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
06:52:36.0256 1976 msisadrv - ok
06:52:36.0290 1976 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
06:52:36.0294 1976 MSiSCSI - ok
06:52:36.0300 1976 msiserver - ok
06:52:36.0338 1976 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
06:52:36.0340 1976 MSKSSRV - ok
06:52:36.0361 1976 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
06:52:36.0363 1976 MSPCLOCK - ok
06:52:36.0384 1976 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
06:52:36.0386 1976 MSPQM - ok
06:52:36.0403 1976 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
06:52:36.0409 1976 MsRPC - ok
06:52:36.0422 1976 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
06:52:36.0425 1976 mssmbios - ok
06:52:36.0447 1976 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
06:52:36.0449 1976 MSTEE - ok
06:52:36.0467 1976 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
06:52:36.0469 1976 MTConfig - ok
06:52:36.0486 1976 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
06:52:36.0487 1976 Mup - ok
06:52:36.0528 1976 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
06:52:36.0537 1976 napagent - ok
06:52:36.0569 1976 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
06:52:36.0575 1976 NativeWifiP - ok
06:52:36.0609 1976 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
06:52:36.0634 1976 NDIS - ok
06:52:36.0659 1976 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
06:52:36.0661 1976 NdisCap - ok
06:52:36.0691 1976 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
06:52:36.0693 1976 NdisTapi - ok
06:52:36.0703 1976 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
06:52:36.0705 1976 Ndisuio - ok
06:52:36.0718 1976 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
06:52:36.0722 1976 NdisWan - ok
06:52:36.0732 1976 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
06:52:36.0735 1976 NDProxy - ok
06:52:36.0748 1976 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
06:52:36.0749 1976 NetBIOS - ok
06:52:36.0767 1976 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
06:52:36.0772 1976 NetBT - ok
06:52:36.0783 1976 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
06:52:36.0785 1976 Netlogon - ok
06:52:36.0829 1976 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
06:52:36.0836 1976 Netman - ok
06:52:36.0907 1976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:52:36.0911 1976 NetMsmqActivator - ok
06:52:36.0919 1976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:52:36.0921 1976 NetPipeActivator - ok
06:52:36.0948 1976 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
06:52:36.0956 1976 netprofm - ok
06:52:37.0009 1976 [ B964D4C524A80ABA22DB16FC1EDED0A9 ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
06:52:37.0039 1976 netr28x - ok
06:52:37.0045 1976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:52:37.0047 1976 NetTcpActivator - ok
06:52:37.0053 1976 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
06:52:37.0055 1976 NetTcpPortSharing - ok
06:52:37.0095 1976 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
06:52:37.0098 1976 nfrd960 - ok
06:52:37.0147 1976 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
06:52:37.0154 1976 NlaSvc - ok
06:52:37.0166 1976 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
06:52:37.0167 1976 Npfs - ok
06:52:37.0184 1976 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
06:52:37.0186 1976 nsi - ok
06:52:37.0198 1976 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
06:52:37.0199 1976 nsiproxy - ok
06:52:37.0282 1976 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
06:52:37.0327 1976 Ntfs - ok
06:52:37.0345 1976 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
06:52:37.0347 1976 Null - ok
06:52:37.0372 1976 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
06:52:37.0375 1976 nvraid - ok
06:52:37.0413 1976 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
06:52:37.0416 1976 nvstor - ok
06:52:37.0447 1976 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
06:52:37.0450 1976 nv_agp - ok
06:52:37.0558 1976 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:52:37.0566 1976 odserv - ok
06:52:37.0610 1976 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
06:52:37.0613 1976 ohci1394 - ok
06:52:37.0641 1976 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:52:37.0646 1976 ose - ok
06:52:37.0685 1976 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
06:52:37.0692 1976 p2pimsvc - ok
06:52:37.0727 1976 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
06:52:37.0735 1976 p2psvc - ok
06:52:37.0810 1976 [ 20BD38241EDD66D8FDC9E3496A1762A3 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
06:52:37.0819 1976 PanService - ok
06:52:37.0859 1976 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
06:52:37.0862 1976 Parport - ok
06:52:37.0900 1976 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
06:52:37.0902 1976 partmgr - ok
06:52:37.0914 1976 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
06:52:37.0920 1976 PcaSvc - ok
06:52:37.0939 1976 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
06:52:37.0943 1976 pci - ok
06:52:37.0964 1976 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
06:52:37.0980 1976 pciide - ok
06:52:38.0001 1976 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
06:52:38.0006 1976 pcmcia - ok
06:52:38.0029 1976 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
06:52:38.0031 1976 pcw - ok
06:52:38.0059 1976 pdfcDispatcher - ok
06:52:38.0085 1976 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
06:52:38.0095 1976 PEAUTH - ok
06:52:38.0198 1976 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
06:52:38.0202 1976 PerfHost - ok
06:52:38.0274 1976 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
06:52:38.0307 1976 pla - ok
06:52:38.0347 1976 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
06:52:38.0354 1976 PlugPlay - ok
06:52:38.0366 1976 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
06:52:38.0369 1976 PNRPAutoReg - ok
06:52:38.0384 1976 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
06:52:38.0388 1976 PNRPsvc - ok
06:52:38.0419 1976 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
06:52:38.0427 1976 PolicyAgent - ok
06:52:38.0452 1976 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
06:52:38.0457 1976 Power - ok
06:52:38.0497 1976 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
06:52:38.0499 1976 PptpMiniport - ok
06:52:38.0522 1976 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
06:52:38.0524 1976 Processor - ok
06:52:38.0574 1976 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
06:52:38.0580 1976 ProfSvc - ok
06:52:38.0594 1976 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
06:52:38.0596 1976 ProtectedStorage - ok
06:52:38.0635 1976 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
06:52:38.0637 1976 Psched - ok
06:52:38.0675 1976 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
06:52:38.0677 1976 PSI_SVC_2 - ok
06:52:38.0726 1976 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
06:52:38.0770 1976 ql2300 - ok
06:52:38.0788 1976 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
06:52:38.0791 1976 ql40xx - ok
06:52:38.0818 1976 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
06:52:38.0824 1976 QWAVE - ok
06:52:38.0841 1976 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
06:52:38.0843 1976 QWAVEdrv - ok
06:52:38.0855 1976 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
06:52:38.0858 1976 RasAcd - ok
06:52:38.0909 1976 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
06:52:38.0911 1976 RasAgileVpn - ok
06:52:38.0924 1976 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
06:52:38.0929 1976 RasAuto - ok
06:52:38.0948 1976 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
06:52:38.0952 1976 Rasl2tp - ok
06:52:38.0992 1976 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
06:52:38.0999 1976 RasMan - ok

[Fucza]

pokračování...

06:52:39.0013 1976 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
06:52:39.0016 1976 RasPppoe - ok
06:52:39.0031 1976 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
06:52:39.0034 1976 RasSstp - ok
06:52:39.0058 1976 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
06:52:39.0063 1976 rdbss - ok
06:52:39.0089 1976 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
06:52:39.0091 1976 rdpbus - ok
06:52:39.0111 1976 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
06:52:39.0112 1976 RDPCDD - ok
06:52:39.0137 1976 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
06:52:39.0138 1976 RDPENCDD - ok
06:52:39.0158 1976 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
06:52:39.0159 1976 RDPREFMP - ok
06:52:39.0197 1976 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
06:52:39.0201 1976 RDPWD - ok
06:52:39.0225 1976 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
06:52:39.0228 1976 rdyboost - ok
06:52:39.0255 1976 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
06:52:39.0258 1976 RemoteAccess - ok
06:52:39.0287 1976 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
06:52:39.0292 1976 RemoteRegistry - ok
06:52:39.0338 1976 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
06:52:39.0341 1976 RFCOMM - ok
06:52:39.0360 1976 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
06:52:39.0363 1976 RpcEptMapper - ok
06:52:39.0396 1976 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
06:52:39.0399 1976 RpcLocator - ok
06:52:39.0421 1976 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
06:52:39.0426 1976 RpcSs - ok
06:52:39.0465 1976 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
06:52:39.0468 1976 rspndr - ok
06:52:39.0519 1976 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
06:52:39.0523 1976 RSUSBSTOR - ok
06:52:39.0534 1976 [ ECBAB4CD65CBEDBE26EC6838E4FB7C1C ] RsvLock C:\windows\system32\drivers\RsvLock.sys
06:52:39.0554 1976 RsvLock - ok
06:52:39.0610 1976 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
06:52:39.0614 1976 RTL8167 - ok
06:52:39.0645 1976 [ 317A99735C3A26C5CD60AB59E5E7E4E2 ] SafeBoot C:\windows\system32\drivers\SafeBoot.sys
06:52:39.0646 1976 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 317A99735C3A26C5CD60AB59E5E7E4E2
06:52:39.0646 1976 SafeBoot ( LockedFile.Multi.Generic ) - warning
06:52:39.0647 1976 SafeBoot - detected LockedFile.Multi.Generic (1)
06:52:39.0661 1976 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
06:52:39.0662 1976 SamSs - ok
06:52:39.0676 1976 [ FD8714A36C4646DE22DDC7E36F6D09EF ] SbAlg C:\windows\system32\drivers\SbAlg.sys
06:52:39.0677 1976 SbAlg - ok
06:52:39.0686 1976 [ FCAA034231E58B0DE64D0A7904015535 ] SbFsLock C:\windows\system32\drivers\SbFsLock.sys
06:52:39.0688 1976 SbFsLock - ok
06:52:39.0704 1976 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
06:52:39.0707 1976 sbp2port - ok
06:52:39.0748 1976 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
06:52:39.0754 1976 SCardSvr - ok
06:52:39.0773 1976 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
06:52:39.0776 1976 scfilter - ok
06:52:39.0828 1976 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
06:52:39.0862 1976 Schedule - ok
06:52:39.0894 1976 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
06:52:39.0895 1976 SCPolicySvc - ok
06:52:39.0922 1976 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
06:52:39.0925 1976 sdbus - ok
06:52:39.0952 1976 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
06:52:39.0958 1976 SDRSVC - ok
06:52:39.0985 1976 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
06:52:39.0987 1976 secdrv - ok
06:52:39.0996 1976 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
06:52:40.0000 1976 seclogon - ok
06:52:40.0031 1976 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
06:52:40.0035 1976 SENS - ok
06:52:40.0061 1976 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
06:52:40.0064 1976 SensrSvc - ok
06:52:40.0081 1976 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
06:52:40.0084 1976 Serenum - ok
06:52:40.0101 1976 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
06:52:40.0104 1976 Serial - ok
06:52:40.0129 1976 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
06:52:40.0131 1976 sermouse - ok
06:52:40.0155 1976 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
06:52:40.0159 1976 SessionEnv - ok
06:52:40.0178 1976 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
06:52:40.0180 1976 sffdisk - ok
06:52:40.0191 1976 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
06:52:40.0192 1976 sffp_mmc - ok
06:52:40.0207 1976 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
06:52:40.0209 1976 sffp_sd - ok
06:52:40.0223 1976 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
06:52:40.0225 1976 sfloppy - ok
06:52:40.0256 1976 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
06:52:40.0262 1976 SharedAccess - ok
06:52:40.0281 1976 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
06:52:40.0288 1976 ShellHWDetection - ok
06:52:40.0309 1976 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
06:52:40.0311 1976 SiSRaid2 - ok
06:52:40.0335 1976 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
06:52:40.0337 1976 SiSRaid4 - ok
06:52:40.0443 1976 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
06:52:40.0446 1976 SkypeUpdate - ok
06:52:40.0471 1976 [ D335450B591CA26F421D7F975399DDC3 ] SMARTMouseFilterx64 C:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys
06:52:40.0473 1976 SMARTMouseFilterx64 - ok
06:52:40.0508 1976 [ CE70BFC09969B480627D0ED8DD7B3943 ] SMARTVHidMiniVistaAmd64 C:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
06:52:40.0510 1976 SMARTVHidMiniVistaAmd64 - ok
06:52:40.0537 1976 [ 9EB228E604FA70636E5A3C7C2A2FE304 ] SMARTVTabletPCx64 C:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys
06:52:40.0539 1976 SMARTVTabletPCx64 - ok
06:52:40.0567 1976 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
06:52:40.0570 1976 Smb - ok
06:52:40.0617 1976 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
06:52:40.0621 1976 SNMPTRAP - ok
06:52:40.0681 1976 [ 6FC63B4B19FB809336034D5C5C4D2BC0 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
06:52:40.0727 1976 SNP2UVC - ok
06:52:40.0741 1976 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
06:52:40.0742 1976 spldr - ok
06:52:40.0790 1976 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\windows\System32\spoolsv.exe
06:52:40.0798 1976 Spooler - ok
06:52:40.0866 1976 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
06:52:40.0947 1976 sppsvc - ok
06:52:40.0970 1976 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
06:52:40.0975 1976 sppuinotify - ok
06:52:41.0004 1976 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
06:52:41.0010 1976 srv - ok
06:52:41.0032 1976 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
06:52:41.0037 1976 srv2 - ok
06:52:41.0074 1976 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
06:52:41.0076 1976 srvnet - ok
06:52:41.0100 1976 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
06:52:41.0105 1976 SSDPSRV - ok
06:52:41.0117 1976 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
06:52:41.0121 1976 SstpSvc - ok
06:52:41.0270 1976 [ E455F5FE92EDC3CAD3F2963C5CCA47E6 ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
06:52:41.0274 1976 STacSV - ok
06:52:41.0309 1976 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
06:52:41.0311 1976 stexstor - ok
06:52:41.0358 1976 [ 4A9D087C9A97071B9D06DB38567DA906 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
06:52:41.0366 1976 STHDA - ok
06:52:41.0432 1976 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
06:52:41.0454 1976 stisvc - ok
06:52:41.0484 1976 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
06:52:41.0486 1976 swenum - ok
06:52:41.0510 1976 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
06:52:41.0520 1976 swprv - ok
06:52:41.0604 1976 [ D268D2A0DB2A2BBE963E688D0B039267 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
06:52:41.0639 1976 SynTP - ok
06:52:41.0689 1976 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
06:52:41.0735 1976 SysMain - ok
06:52:41.0752 1976 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
06:52:41.0756 1976 TabletInputService - ok
06:52:41.0773 1976 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
06:52:41.0779 1976 TapiSrv - ok
06:52:41.0797 1976 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
06:52:41.0801 1976 TBS - ok
06:52:41.0873 1976 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\windows\system32\drivers\tcpip.sys
06:52:41.0916 1976 Tcpip - ok
06:52:41.0949 1976 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
06:52:41.0959 1976 TCPIP6 - ok
06:52:41.0983 1976 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
06:52:41.0985 1976 tcpipreg - ok
06:52:41.0999 1976 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
06:52:42.0000 1976 TDPIPE - ok
06:52:42.0037 1976 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
06:52:42.0039 1976 TDTCP - ok
06:52:42.0071 1976 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
06:52:42.0074 1976 tdx - ok
06:52:42.0208 1976 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
06:52:42.0227 1976 TeamViewer8 - ok
06:52:42.0243 1976 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
06:52:42.0245 1976 TermDD - ok
06:52:42.0289 1976 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
06:52:42.0299 1976 TermService - ok
06:52:42.0315 1976 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
06:52:42.0318 1976 Themes - ok
06:52:42.0357 1976 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
06:52:42.0359 1976 THREADORDER - ok
06:52:42.0400 1976 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys
06:52:42.0403 1976 TPM - ok
06:52:42.0429 1976 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
06:52:42.0432 1976 TrkWks - ok
06:52:42.0483 1976 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
06:52:42.0488 1976 TrustedInstaller - ok
06:52:42.0506 1976 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
06:52:42.0509 1976 tssecsrv - ok
06:52:42.0549 1976 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
06:52:42.0553 1976 tunnel - ok
06:52:42.0572 1976 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
06:52:42.0575 1976 uagp35 - ok
06:52:42.0611 1976 [ 9EEA84226ED2A028BC3FDFDDE03FE95C ] uArcCapture C:\windows\system\uArcCapture.exe
06:52:42.0618 1976 uArcCapture - ok
06:52:42.0643 1976 [ C06E6F4679CEB8F430B90A51D76D8D3C ] udfs C:\windows\system32\DRIVERS\udfs.sys
06:52:42.0649 1976 udfs - ok
06:52:42.0687 1976 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
06:52:42.0691 1976 UI0Detect - ok
06:52:42.0719 1976 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
06:52:42.0731 1976 uliagpkx - ok
06:52:42.0756 1976 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
06:52:42.0759 1976 umbus - ok
06:52:42.0778 1976 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
06:52:42.0780 1976 UmPass - ok
06:52:42.0915 1976 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
06:52:42.0971 1976 UNS - ok
06:52:42.0990 1976 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
06:52:42.0996 1976 upnphost - ok
06:52:43.0036 1976 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
06:52:43.0055 1976 usbaudio - ok
06:52:43.0093 1976 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
06:52:43.0096 1976 usbccgp - ok
06:52:43.0147 1976 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
06:52:43.0150 1976 usbcir - ok
06:52:43.0165 1976 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\windows\system32\drivers\usbehci.sys
06:52:43.0168 1976 usbehci - ok
06:52:43.0195 1976 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
06:52:43.0201 1976 usbhub - ok
06:52:43.0247 1976 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\windows\system32\drivers\usbohci.sys
06:52:43.0250 1976 usbohci - ok
06:52:43.0266 1976 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
06:52:43.0269 1976 usbprint - ok
06:52:43.0309 1976 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
06:52:43.0312 1976 USBSTOR - ok
06:52:43.0340 1976 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
06:52:43.0343 1976 usbuhci - ok
06:52:43.0407 1976 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
06:52:43.0411 1976 usbvideo - ok
06:52:43.0440 1976 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
06:52:43.0442 1976 UxSms - ok
06:52:43.0461 1976 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
06:52:43.0462 1976 VaultSvc - ok
06:52:43.0519 1976 [ F81A2648BFF893C8EFD9897811B14263 ] vcsFPService C:\windows\system32\vcsFPService.exe
06:52:43.0582 1976 vcsFPService - ok
06:52:43.0642 1976 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
06:52:43.0644 1976 vdrvroot - ok
06:52:43.0666 1976 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
06:52:43.0677 1976 vds - ok
06:52:43.0690 1976 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
06:52:43.0692 1976 vga - ok
06:52:43.0705 1976 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
06:52:43.0707 1976 VgaSave - ok
06:52:43.0728 1976 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
06:52:43.0732 1976 vhdmp - ok
06:52:43.0751 1976 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
06:52:43.0753 1976 viaide - ok
06:52:43.0767 1976 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
06:52:43.0769 1976 volmgr - ok
06:52:43.0790 1976 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
06:52:43.0797 1976 volmgrx - ok
06:52:43.0829 1976 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\windows\system32\drivers\volsnap.sys
06:52:43.0833 1976 volsnap - ok
06:52:43.0872 1976 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
06:52:43.0876 1976 vsmraid - ok
06:52:43.0948 1976 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
06:52:43.0991 1976 VSS - ok
06:52:44.0010 1976 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
06:52:44.0012 1976 vwifibus - ok
06:52:44.0044 1976 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
06:52:44.0046 1976 vwififlt - ok
06:52:44.0072 1976 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
06:52:44.0081 1976 W32Time - ok
06:52:44.0100 1976 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
06:52:44.0103 1976 WacomPen - ok
06:52:44.0140 1976 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
06:52:44.0143 1976 WANARP - ok
06:52:44.0151 1976 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
06:52:44.0152 1976 Wanarpv6 - ok
06:52:44.0249 1976 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
06:52:44.0281 1976 WatAdminSvc - ok
06:52:44.0338 1976 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
06:52:44.0381 1976 wbengine - ok
06:52:44.0396 1976 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
06:52:44.0401 1976 WbioSrvc - ok
06:52:44.0449 1976 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
06:52:44.0456 1976 wcncsvc - ok
06:52:44.0469 1976 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
06:52:44.0475 1976 WcsPlugInService - ok
06:52:44.0518 1976 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
06:52:44.0520 1976 Wd - ok
06:52:44.0568 1976 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
06:52:44.0578 1976 Wdf01000 - ok
06:52:44.0594 1976 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
06:52:44.0598 1976 WdiServiceHost - ok
06:52:44.0604 1976 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
06:52:44.0607 1976 WdiSystemHost - ok
06:52:44.0639 1976 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
06:52:44.0645 1976 WebClient - ok
06:52:44.0666 1976 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
06:52:44.0672 1976 Wecsvc - ok
06:52:44.0693 1976 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
06:52:44.0697 1976 wercplsupport - ok
06:52:44.0723 1976 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
06:52:44.0727 1976 WerSvc - ok
06:52:44.0768 1976 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
06:52:44.0770 1976 WfpLwf - ok
06:52:44.0785 1976 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
06:52:44.0787 1976 WIMMount - ok
06:52:44.0808 1976 WinDefend - ok
06:52:44.0816 1976 WinHttpAutoProxySvc - ok
06:52:44.0897 1976 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
06:52:44.0917 1976 Winmgmt - ok
06:52:44.0994 1976 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
06:52:45.0062 1976 WinRM - ok
06:52:45.0145 1976 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
06:52:45.0179 1976 Wlansvc - ok
06:52:45.0324 1976 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
06:52:45.0371 1976 wlidsvc - ok
06:52:45.0432 1976 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
06:52:45.0434 1976 WmiAcpi - ok
06:52:45.0466 1976 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
06:52:45.0471 1976 wmiApSrv - ok
06:52:45.0504 1976 WMPNetworkSvc - ok
06:52:45.0562 1976 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
06:52:45.0565 1976 WPCSvc - ok
06:52:45.0584 1976 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
06:52:45.0588 1976 WPDBusEnum - ok
06:52:45.0598 1976 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
06:52:45.0599 1976 ws2ifsl - ok
06:52:45.0626 1976 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\system32\wscsvc.dll
06:52:45.0629 1976 wscsvc - ok
06:52:45.0634 1976 WSearch - ok
06:52:45.0703 1976 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
06:52:45.0769 1976 wuauserv - ok
06:52:45.0820 1976 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
06:52:45.0823 1976 WudfPf - ok
06:52:45.0876 1976 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
06:52:45.0880 1976 WUDFRd - ok
06:52:45.0912 1976 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
06:52:45.0916 1976 wudfsvc - ok
06:52:45.0953 1976 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
06:52:45.0959 1976 WwanSvc - ok
06:52:45.0982 1976 ================ Scan global ===============================
06:52:46.0003 1976 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
06:52:46.0041 1976 [ C4C551E6AB333C0EB812A3A4672E89DB ] C:\windows\system32\winsrv.dll
06:52:46.0051 1976 [ C4C551E6AB333C0EB812A3A4672E89DB ] C:\windows\system32\winsrv.dll
06:52:46.0074 1976 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
06:52:46.0110 1976 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
06:52:46.0116 1976 [Global] - ok
06:52:46.0116 1976 ================ Scan MBR ==================================
06:52:46.0138 1976 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
06:52:46.0463 1976 \Device\Harddisk0\DR0 - ok
06:52:46.0470 1976 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
06:52:46.0511 1976 \Device\Harddisk1\DR1 - ok
06:52:46.0511 1976 ================ Scan VBR ==================================
06:52:46.0514 1976 [ FF6BE3BAF4E916BC3C0B45BE3137804C ] \Device\Harddisk0\DR0\Partition1
06:52:46.0516 1976 \Device\Harddisk0\DR0\Partition1 - ok
06:52:46.0545 1976 [ F48279816828875441023E35F9E4C801 ] \Device\Harddisk0\DR0\Partition2
06:52:46.0547 1976 \Device\Harddisk0\DR0\Partition2 - ok
06:52:46.0580 1976 [ 6EE6EA6814C12492CC2E2C0ADC462D81 ] \Device\Harddisk0\DR0\Partition3
06:52:46.0582 1976 \Device\Harddisk0\DR0\Partition3 - ok
06:52:46.0606 1976 [ 409179BB40E246FC56EC33A968B1943B ] \Device\Harddisk0\DR0\Partition4
06:52:46.0607 1976 \Device\Harddisk0\DR0\Partition4 - ok
06:52:46.0612 1976 [ 980B3EF8D5EF69258423F565AB2D38FC ] \Device\Harddisk1\DR1\Partition1
06:52:46.0614 1976 \Device\Harddisk1\DR1\Partition1 - ok
06:52:46.0615 1976 ============================================================
06:52:46.0615 1976 Scan finished
06:52:46.0615 1976 ============================================================
06:52:46.0626 1128 Detected object count: 1
06:52:46.0626 1128 Actual detected object count: 1
06:53:03.0856 1128 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
06:53:03.0856 1128 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
06:53:19.0768 6204 Deinitialize success

ComboFix 13-01-15.02 - Martin 16.01.2013 9:28:00.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3951.1900 [GMT 1:00]
Spuštěný z: C:\Users\Martin\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\install.exe
C:\ProgramData\93F5694F18.sys
C:\windows\isRS-000.tmp


((((((((((((((((((((((((( Soubory vytvořené od 2012-12-16 do 2013-01-16 )))))))))))))))))))))))))))))))


2013-01-16 08:40:33 . 2013-01-16 08:40:33 -------- d-----w- C:\Users\Default\AppData\Local\temp
2013-01-15 13:14:51 . 2013-01-15 13:14:51 -------- d-----w- C:\Users\Martin\AppData\Local\Programs
2013-01-15 13:10:54 . 2013-01-15 13:10:54 -------- d-----w- C:\Users\Martin\AppData\Local\ATI
2013-01-15 08:47:10 . 2012-11-08 17:24:30 9125352 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{705D72CC-C69F-4D2B-9959-F50C1DEA13BA}\mpengine.dll
2013-01-09 12:12:24 . 2012-11-02 05:30:41 2001408 ----a-w- C:\windows\system32\msxml6.dll
2013-01-09 12:12:22 . 2012-11-02 05:30:40 1880064 ----a-w- C:\windows\system32\msxml3.dll
2013-01-09 12:12:22 . 2012-11-02 04:50:33 1388544 ----a-w- C:\windows\SysWow64\msxml6.dll
2013-01-09 12:12:21 . 2012-11-02 04:50:33 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2013-01-09 12:12:19 . 2012-11-09 05:34:53 751104 ----a-w- C:\windows\system32\win32spl.dll
2013-01-09 12:12:19 . 2012-11-09 04:49:55 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2013-01-09 12:11:44 . 2012-11-20 05:55:59 307200 ----a-w- C:\windows\system32\ncrypt.dll
2013-01-09 12:11:44 . 2012-11-20 05:10:07 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll
2013-01-09 12:10:39 . 2012-11-22 10:32:45 801280 ----a-w- C:\windows\system32\usp10.dll
2013-01-09 12:10:35 . 2012-11-22 09:33:26 627712 ----a-w- C:\windows\SysWow64\usp10.dll
2013-01-09 06:56:58 . 2012-11-30 05:43:53 424960 ----a-w- C:\windows\system32\KernelBase.dll
2013-01-08 18:21:28 . 2013-01-12 23:53:34 -------- d-----w- C:\BAHN386r3
2013-01-07 15:52:13 . 2013-01-07 15:52:17 -------- d-----w- C:\Program Files (x86)\BAHN400b1a
2013-01-03 10:14:33 . 2013-01-03 10:14:33 -------- d-----w- C:\Users\Martin\AppData\Local\GHISLER
2013-01-02 20:26:33 . 2013-01-02 20:47:03 -------- d-----w- C:\Users\Martin\AppData\Roaming\TeamViewer
2013-01-02 20:22:19 . 2013-01-02 20:22:19 -------- d-----w- C:\Program Files (x86)\TeamViewer
2012-12-25 22:01:18 . 2012-12-25 22:01:18 -------- d-----w- C:\Users\Martin\AppData\Local\ElevatedDiagnostics
2012-12-25 20:23:50 . 2012-12-25 20:26:35 -------- d-----w- C:\Program Files (x86)\Stepmania
2012-12-22 02:01:15 . 2012-12-16 16:52:02 46080 ----a-w- C:\windows\system32\atmlib.dll
2012-12-22 02:01:15 . 2012-12-16 14:25:19 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-22 02:01:13 . 2012-12-16 14:40:45 367616 ----a-w- C:\windows\system32\atmfd.dll
2012-12-22 02:01:12 . 2012-12-16 14:25:27 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-01-10 08:47:37 . 2012-05-23 15:44:03 67599240 ----a-w- C:\windows\system32\MRT.exe
2013-01-09 19:06:35 . 2012-05-15 20:28:01 74248 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 19:06:35 . 2012-05-15 20:28:01 697864 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-12-14 15:49:28 . 2012-10-04 17:48:33 24176 ----a-w- C:\windows\system32\drivers\mbam.sys
2012-11-30 04:56:03 . 2013-01-09 06:56:52 44032 ----a-w- C:\windows\apppatch\acwow64.dll
2012-11-21 16:57:20 . 2012-11-21 16:57:02 2516 --sha-w- C:\ProgramData\KGyGaAvL.sys
2012-11-12 14:11:50 . 2012-12-13 07:40:08 9375232 ----a-w- C:\windows\system32\mshtml.dll
2012-11-12 12:18:53 . 2012-12-13 07:39:50 1638912 ----a-w- C:\windows\system32\mshtml.tlb
2012-11-12 11:51:11 . 2012-12-13 07:39:50 1638912 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-11-09 05:34:27 . 2012-12-13 07:40:27 2048 ----a-w- C:\windows\system32\tzres.dll
2012-11-09 04:49:37 . 2012-12-13 07:40:27 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-11-02 05:27:51 . 2012-12-13 07:38:28 478208 ----a-w- C:\windows\system32\dpnet.dll
2012-11-02 04:48:28 . 2012-12-13 07:38:27 376832 ----a-w- C:\windows\SysWow64\dpnet.dll
2012-10-27 05:36:37 . 2012-12-13 07:39:59 1501696 ----a-w- C:\windows\system32\urlmon.dll
2012-10-27 05:36:37 . 2012-12-13 07:39:56 1197568 ----a-w- C:\windows\system32\wininet.dll
2012-10-27 05:36:37 . 2012-12-13 07:39:51 134144 ----a-w- C:\windows\system32\url.dll
2012-10-27 05:36:32 . 2012-12-13 07:39:54 1026560 ----a-w- C:\windows\system32\mstime.dll
2012-10-27 05:36:32 . 2012-12-13 07:39:52 97792 ----a-w- C:\windows\system32\mshtmled.dll
2012-10-27 05:36:30 . 2012-12-13 07:39:54 736256 ----a-w- C:\windows\system32\msfeeds.dll
2012-10-27 05:36:30 . 2012-12-13 07:39:52 82944 ----a-w- C:\windows\system32\msfeedsbs.dll
2012-10-27 05:36:08 . 2012-12-13 07:39:51 57856 ----a-w- C:\windows\system32\licmgr10.dll
2012-10-27 05:36:02 . 2012-12-13 07:39:51 64512 ----a-w- C:\windows\system32\jsproxy.dll
2012-10-27 05:35:50 . 2012-12-13 07:39:53 247808 ----a-w- C:\windows\system32\ieui.dll
2012-10-27 05:35:50 . 2012-12-13 07:39:53 2458624 ----a-w- C:\windows\system32\iertutil.dll
2012-10-27 05:35:49 . 2012-12-13 07:40:00 12404736 ----a-w- C:\windows\system32\ieframe.dll
2012-10-27 05:35:49 . 2012-12-13 07:39:52 256000 ----a-w- C:\windows\system32\iepeers.dll
2012-10-27 05:35:46 . 2012-12-13 07:39:55 445952 ----a-w- C:\windows\system32\iedkcs32.dll
2012-10-27 05:33:29 . 2012-12-13 07:39:50 12288 ----a-w- C:\windows\system32\msfeedssync.exe
2012-10-27 05:00:40 . 2012-12-13 07:39:57 981504 ----a-w- C:\windows\SysWow64\wininet.dll
2012-10-27 04:59:41 . 2012-12-13 07:39:51 44544 ----a-w- C:\windows\SysWow64\licmgr10.dll
2012-10-27 04:23:06 . 2012-12-13 07:39:50 482816 ----a-w- C:\windows\system32\html.iec
2012-10-27 03:52:14 . 2012-12-13 07:39:50 386048 ----a-w- C:\windows\SysWow64\html.iec
2012-10-25 19:26:07 . 2012-10-25 19:26:17 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-25 19:26:01 . 2012-10-25 19:26:30 821736 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2012-10-25 19:26:01 . 2012-10-25 19:26:30 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-10-20 18:38:27 . 2012-10-20 18:38:27 411024 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}\ARPPRODUCTICON.exe
2012-10-20 18:23:40 . 2012-10-20 18:23:40 405504 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}\ARPPRODUCTICON.exe
2012-07-25 14:49:17 . 2006-01-19 11:32:58 65024 ----a-w- C:\Program Files (x86)\ColorCop.exe


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 22:26:44 1685048]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 19:13:36 2363392]
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 15:19:40 3671872]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" [2012-11-09 10:27:12 17877168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 17:26:40 256056]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 04:16:04 284696]
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe" [2009-10-23 18:52:36 563736]
"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 21:12:28 439568]
"File Sanitizer"="C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-12 00:57:38 11265536]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 10:50:20 98304]
"DTRun"="c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-18 17:06:30 518656]
"NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 12:01:26 600936]
"SMART Board Service"="C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" [2011-07-13 19:14:40 1761136]
"SMART Board Tools"="C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 13:28:32 9800560]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 07:04:54 252848]
"Family Tree Builder Update"="C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 15:26:36 229376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39:02 75320 ----a-w- C:\Windows\System32\DeviceNP.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 12:27:14 138576]
R2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 10:21:24 160944]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\windows\system32\vcsFPService.exe [2009-12-14 09:15:58 2019120]
R3 BTMCOM;Bluetooth Serial Port;C:\windows\system32\Drivers\btmcom.sys [2010-04-09 14:53:04 52736]
R3 DAMDrv;DAMDrv;C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 20:37:52 40760]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\Windows\SysWOW64\flcdlock.exe [2009-11-17 21:39:16 362040]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 22:37:34 325152]
R3 WatAdminSvc;Služba Technologie aktivace Windows;C:\windows\system32\Wat\WatAdminSvc.exe [2012-05-17 21:41:53 1255736]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-13 12:34:51 283200]
Děkuji.

[Žbeky]

Log Combofixu není celý, zkus ho v nouzovém režimu

[Fucza]

Tak, zkoušel jsem ten nouzák, ale bylo tam hodně možností, nic jako nouzový režim se mi po anglicku nezamlouvalo, najelo to normálně. Zkusil jsem znova ten Combofix, ale omylem zapoměl deaktivovat ESet, ani to neřvalo, raději jsem to udělal znova, ten první log z disku c smazal. Snad jsem to moc nezdupal.
Chci se zeptat na ten excel a jeho reinstal. Doporučuješ na to nový dotaz a lze to dělat s tímto, nebo počkat? Celkem byych ten excel potřeboval.

ComboFix 13-01-16.01 - Martin 16.01.2013 20:04:08.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3951.2023 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-16 do 2013-01-16 )))))))))))))))))))))))))))))))
.
.
2013-01-16 19:13 . 2013-01-16 19:13 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-16 19:13 . 2013-01-16 19:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-16 19:13 . 2013-01-16 19:13 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-01-15 13:14 . 2013-01-15 13:14 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-01-15 13:10 . 2013-01-15 13:10 -------- d-----w- c:\users\Martin\AppData\Local\ATI
2013-01-15 08:47 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{705D72CC-C69F-4D2B-9959-F50C1DEA13BA}\mpengine.dll
2013-01-09 12:12 . 2012-11-02 05:30 2001408 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 12:12 . 2012-11-02 05:30 1880064 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 12:12 . 2012-11-02 04:50 1388544 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 12:12 . 2012-11-02 04:50 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 12:12 . 2012-11-09 05:34 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 12:12 . 2012-11-09 04:49 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 12:11 . 2012-11-20 05:55 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 12:11 . 2012-11-20 05:10 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 12:10 . 2012-11-22 10:32 801280 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 12:10 . 2012-11-22 09:33 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-09 06:56 . 2012-11-30 05:43 424960 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-08 18:21 . 2013-01-12 23:53 -------- d-----w- C:\BAHN386r3
2013-01-07 15:52 . 2013-01-07 15:52 -------- d-----w- c:\program files (x86)\BAHN400b1a
2013-01-03 10:14 . 2013-01-03 10:14 -------- d-----w- c:\users\Martin\AppData\Local\GHISLER
2013-01-02 20:26 . 2013-01-02 20:47 -------- d-----w- c:\users\Martin\AppData\Roaming\TeamViewer
2013-01-02 20:22 . 2013-01-02 20:22 -------- d-----w- c:\program files (x86)\TeamViewer
2012-12-25 22:01 . 2012-12-25 22:01 -------- d-----w- c:\users\Martin\AppData\Local\ElevatedDiagnostics
2012-12-25 20:23 . 2012-12-25 20:26 -------- d-----w- c:\program files (x86)\Stepmania
2012-12-22 02:01 . 2012-12-16 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 02:01 . 2012-12-16 14:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 02:01 . 2012-12-16 14:40 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 02:01 . 2012-12-16 14:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 08:47 . 2012-05-23 15:44 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 19:06 . 2012-05-15 20:28 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 19:06 . 2012-05-15 20:28 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-14 15:49 . 2012-10-04 17:48 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-30 04:56 . 2013-01-09 06:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-21 16:57 . 2012-11-21 16:57 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2012-11-12 14:11 . 2012-12-13 07:40 9375232 ----a-w- c:\windows\system32\mshtml.dll
2012-11-12 12:18 . 2012-12-13 07:39 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-12 11:51 . 2012-12-13 07:39 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:34 . 2012-12-13 07:40 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:49 . 2012-12-13 07:40 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:27 . 2012-12-13 07:38 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 04:48 . 2012-12-13 07:38 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-27 05:36 . 2012-12-13 07:39 1501696 ----a-w- c:\windows\system32\urlmon.dll
2012-10-27 05:36 . 2012-12-13 07:39 1197568 ----a-w- c:\windows\system32\wininet.dll
2012-10-27 05:36 . 2012-12-13 07:39 134144 ----a-w- c:\windows\system32\url.dll
2012-10-27 05:36 . 2012-12-13 07:39 1026560 ----a-w- c:\windows\system32\mstime.dll
2012-10-27 05:36 . 2012-12-13 07:39 97792 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-27 05:36 . 2012-12-13 07:39 736256 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-27 05:36 . 2012-12-13 07:39 82944 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-27 05:36 . 2012-12-13 07:39 57856 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-27 05:36 . 2012-12-13 07:39 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-10-27 05:35 . 2012-12-13 07:39 247808 ----a-w- c:\windows\system32\ieui.dll
2012-10-27 05:35 . 2012-12-13 07:39 2458624 ----a-w- c:\windows\system32\iertutil.dll
2012-10-27 05:35 . 2012-12-13 07:40 12404736 ----a-w- c:\windows\system32\ieframe.dll
2012-10-27 05:35 . 2012-12-13 07:39 256000 ----a-w- c:\windows\system32\iepeers.dll
2012-10-27 05:35 . 2012-12-13 07:39 445952 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-27 05:33 . 2012-12-13 07:39 12288 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-27 05:00 . 2012-12-13 07:39 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-10-27 04:59 . 2012-12-13 07:39 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-27 04:23 . 2012-12-13 07:39 482816 ----a-w- c:\windows\system32\html.iec
2012-10-27 03:52 . 2012-12-13 07:39 386048 ----a-w- c:\windows\SysWow64\html.iec
2012-10-25 19:26 . 2012-10-25 19:26 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-25 19:26 . 2012-10-25 19:26 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-25 19:26 . 2012-10-25 19:26 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 18:38 . 2012-10-20 18:38 411024 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}\ARPPRODUCTICON.exe
2012-10-20 18:23 . 2012-10-20 18:23 405504 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}\ARPPRODUCTICON.exe
2012-07-25 14:49 . 2006-01-19 11:32 65024 ----a-w- c:\program files (x86)\ColorCop.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-23 563736]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-12 11265536]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-18 518656]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" [2011-07-13 1761136]
"SMART Board Tools"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2010-04-09 52736]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 232480]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-17 1255736]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-13 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 RsvLock;RsvLock; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 203264]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-18 103992]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-06-25 92216]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe [2009-12-04 506472]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2010-06-29 3232768]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-05-15 1028096]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-18 17920]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2011-07-13 13168]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2011-07-13 16368]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys [2011-07-13 24944]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 19:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-18 1691192]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files (x86)\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-01-16 20:32:37
ComboFix-quarantined-files.txt 2013-01-16 19:32
ComboFix2.txt 2012-10-05 21:35
.
Před spuštěním: Volných bajtů: 294 335 115 264
Po spuštění: Volných bajtů: 294 269 980 672
.
- - End Of File - - 86CB49F575DEEF0ECC5DFD91B149792A

[memphisto]

Excel můžeš přeinstalovat nezávisle na kontrole. Akorát nám to natáhne log :-)

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
DirLook::
C:\BAHN386r3
c:\program files (x86)\BAHN400b1a

File::
c:\programdata\KGyGaAvL.sys

Driver::
SkypeUpdate

Folder::
c:\program files (x86)\Skype\Updater

DDS::
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

Tohle znáš?
c:\program files (x86)\ColorCop.exe

[Fucza]

Jj. ColorCop znám, je to takové udělátko na notaci barev z obrazovky.

ComboFix 13-01-16.01 - Martin 16.01.2013 22:19:45.7.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3951.1891 [GMT 1:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-16 do 2013-01-16 )))))))))))))))))))))))))))))))
.
.
2013-01-16 21:29 . 2013-01-16 21:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-01-16 21:29 . 2013-01-16 21:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-16 21:29 . 2013-01-16 21:29 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-01-16 19:31 . 2013-01-16 19:31 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{705D72CC-C69F-4D2B-9959-F50C1DEA13BA}\offreg.dll
2013-01-15 13:14 . 2013-01-15 13:14 -------- d-----w- c:\users\Martin\AppData\Local\Programs
2013-01-15 13:10 . 2013-01-15 13:10 -------- d-----w- c:\users\Martin\AppData\Local\ATI
2013-01-15 08:47 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{705D72CC-C69F-4D2B-9959-F50C1DEA13BA}\mpengine.dll
2013-01-09 12:12 . 2012-11-02 05:30 2001408 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 12:12 . 2012-11-02 05:30 1880064 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 12:12 . 2012-11-02 04:50 1388544 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 12:12 . 2012-11-02 04:50 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 12:12 . 2012-11-09 05:34 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 12:12 . 2012-11-09 04:49 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 12:11 . 2012-11-20 05:55 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 12:11 . 2012-11-20 05:10 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 12:10 . 2012-11-22 10:32 801280 ----a-w- c:\windows\system32\usp10.dll
2013-01-09 12:10 . 2012-11-22 09:33 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2013-01-09 06:56 . 2012-11-30 05:43 424960 ----a-w- c:\windows\system32\KernelBase.dll
2013-01-08 18:21 . 2013-01-12 23:53 -------- d-----w- C:\BAHN386r3
2013-01-07 15:52 . 2013-01-07 15:52 -------- d-----w- c:\program files (x86)\BAHN400b1a
2013-01-03 10:14 . 2013-01-03 10:14 -------- d-----w- c:\users\Martin\AppData\Local\GHISLER
2013-01-02 20:26 . 2013-01-02 20:47 -------- d-----w- c:\users\Martin\AppData\Roaming\TeamViewer
2013-01-02 20:22 . 2013-01-02 20:22 -------- d-----w- c:\program files (x86)\TeamViewer
2012-12-25 22:01 . 2012-12-25 22:01 -------- d-----w- c:\users\Martin\AppData\Local\ElevatedDiagnostics
2012-12-25 20:23 . 2012-12-25 20:26 -------- d-----w- c:\program files (x86)\Stepmania
2012-12-22 02:01 . 2012-12-16 16:52 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-22 02:01 . 2012-12-16 14:25 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-22 02:01 . 2012-12-16 14:40 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-22 02:01 . 2012-12-16 14:25 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 08:47 . 2012-05-23 15:44 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 19:06 . 2012-05-15 20:28 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-09 19:06 . 2012-05-15 20:28 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-14 15:49 . 2012-10-04 17:48 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-30 04:56 . 2013-01-09 06:56 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-21 16:57 . 2012-11-21 16:57 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2012-11-12 14:11 . 2012-12-13 07:40 9375232 ----a-w- c:\windows\system32\mshtml.dll
2012-11-12 12:18 . 2012-12-13 07:39 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-12 11:51 . 2012-12-13 07:39 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:34 . 2012-12-13 07:40 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-09 04:49 . 2012-12-13 07:40 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-11-02 05:27 . 2012-12-13 07:38 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-11-02 04:48 . 2012-12-13 07:38 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-10-27 05:36 . 2012-12-13 07:39 1501696 ----a-w- c:\windows\system32\urlmon.dll
2012-10-27 05:36 . 2012-12-13 07:39 1197568 ----a-w- c:\windows\system32\wininet.dll
2012-10-27 05:36 . 2012-12-13 07:39 134144 ----a-w- c:\windows\system32\url.dll
2012-10-27 05:36 . 2012-12-13 07:39 1026560 ----a-w- c:\windows\system32\mstime.dll
2012-10-27 05:36 . 2012-12-13 07:39 97792 ----a-w- c:\windows\system32\mshtmled.dll
2012-10-27 05:36 . 2012-12-13 07:39 736256 ----a-w- c:\windows\system32\msfeeds.dll
2012-10-27 05:36 . 2012-12-13 07:39 82944 ----a-w- c:\windows\system32\msfeedsbs.dll
2012-10-27 05:36 . 2012-12-13 07:39 57856 ----a-w- c:\windows\system32\licmgr10.dll
2012-10-27 05:36 . 2012-12-13 07:39 64512 ----a-w- c:\windows\system32\jsproxy.dll
2012-10-27 05:35 . 2012-12-13 07:39 247808 ----a-w- c:\windows\system32\ieui.dll
2012-10-27 05:35 . 2012-12-13 07:39 2458624 ----a-w- c:\windows\system32\iertutil.dll
2012-10-27 05:35 . 2012-12-13 07:40 12404736 ----a-w- c:\windows\system32\ieframe.dll
2012-10-27 05:35 . 2012-12-13 07:39 256000 ----a-w- c:\windows\system32\iepeers.dll
2012-10-27 05:35 . 2012-12-13 07:39 445952 ----a-w- c:\windows\system32\iedkcs32.dll
2012-10-27 05:33 . 2012-12-13 07:39 12288 ----a-w- c:\windows\system32\msfeedssync.exe
2012-10-27 05:00 . 2012-12-13 07:39 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2012-10-27 04:59 . 2012-12-13 07:39 44544 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-10-27 04:23 . 2012-12-13 07:39 482816 ----a-w- c:\windows\system32\html.iec
2012-10-27 03:52 . 2012-12-13 07:39 386048 ----a-w- c:\windows\SysWow64\html.iec
2012-10-25 19:26 . 2012-10-25 19:26 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-25 19:26 . 2012-10-25 19:26 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-25 19:26 . 2012-10-25 19:26 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-20 18:38 . 2012-10-20 18:38 411024 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}\ARPPRODUCTICON.exe
2012-10-20 18:23 . 2012-10-20 18:23 405504 ----a-r- c:\users\Martin\AppData\Roaming\Microsoft\Installer\{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}\ARPPRODUCTICON.exe
2012-07-25 14:49 . 2006-01-19 11:32 65024 ----a-w- c:\program files (x86)\ColorCop.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-11-09 17877168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-23 563736]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-12 11265536]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-18 518656]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" [2011-07-13 1761136]
"SMART Board Tools"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"Family Tree Builder Update"="c:\program files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe" [2011-12-21 229376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2009-11-17 21:39 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe [2009-12-14 2019120]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [2010-04-09 52736]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe [2009-11-17 362040]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-11-11 232480]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-05-17 1255736]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-07-13 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S1 RsvLock;RsvLock; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-04 203264]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-06-18 103992]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2009-11-18 36864]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-04-05 103992]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-06-25 92216]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2009-12-16 281192]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2009-12-12 297984]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2009-07-08 30520]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [2011-12-21 578264]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-23 635416]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2012-12-14 3467768]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe [2009-12-04 506472]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-04 2320920]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [2010-06-29 3232768]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2009-12-16 704512]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-05-15 1028096]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-18 17920]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-06-29 931168]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys [2011-07-13 13168]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [2011-07-13 16368]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys [2011-07-13 24944]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 19:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-18 1691192]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafee.com\*
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files (x86)\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-01-16 22:49:21
ComboFix-quarantined-files.txt 2013-01-16 21:49
ComboFix2.txt 2013-01-16 19:32
ComboFix3.txt 2012-10-05 21:35
.
Před spuštěním: Volných bajtů: 293 742 088 192
Po spuštění: Volných bajtů: 293 681 778 688
.
- - End Of File - - 78ABA0D9A00586BA5F8FCD9E831B234A