Prosím o kontrolu logu /CPU*/

lukasgereg · Příspěvekod **lukasgereg** » 23 úno 2013 19:29

Zdravím,

nevím jestli se mi to jenom zdá, nebo pc už dosluhuje, ale je děsně pomalé. Nevím čím to už je, pročistil jsem ho ccleanerem, projel antivirem a atd... Nyní mi můžete snad pomoci jenom vy. Chtěl vědět zda s pc dá ještě něco dělat nebo je odepsaný a bude tak pomalé už navždy :-(

.

Sestava:

CPU : Intel Pentium D 2.8 GHz @ 3.2 GHz
GPU : GeForce 7600 GT 256MB
Motherboard : ASUS P5L 1394
RAM : 3GB
OS : Windows 7 Ultimate 32bit

Přikládám HJT

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:20:17, on 23.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Program Files\SweetIM\Messenger\SweetIM.exe
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
C:\Program Files\TeamViewer\Version8\TeamViewer.exe
C:\Program Files\TP-LINK\COMMON\TWCU.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\doma\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9AB531E1-7017-4269-9F08-F9C47B32D5CD}&mid=1a86271312fc47d090665aebac0090a8-9b57334846ff2a4d5544c29494dcb10110af52a6&lang=cs&ds=is015&pr=sa&d=2012-10-23 09:47:17&v=13.2.0.5&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-4A7D-11E2-9FC5-001D92A62A32}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
R3 - URLSearchHook: (no name) - {e9df9360-97f8-4690-afe6-996c80790da4} - (no file)
R3 - URLSearchHook: (no name) - {70df8d13-bdd3-448e-944c-efde21b77161} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll
O3 - Toolbar: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S6E8B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe" -agent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\doma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_149_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: speedfan – zástupce.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: TP-LINK Wireless Client Utility.lnk = C:\Program Files\TP-LINK\COMMON\TWCU.exe
O9 - Extra button: SimilarSites - {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - C:\Program Files\SimilarSites\similarsites.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TpMediaServer - Unknown owner - C:\Program Files\TP-LINK\COMMON\RaMediaServer.exe
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

--
End of file - 8982 bytes

Děkuji za všechny rady.

Reklama

Příspěvekod **Adys301** » 23 úno 2013 19:35

Pokud se ti PC zdá pomalý, dej sem screen z programu HW monitor. Třeba se ti něco přehřívá.

lukasgereg · Příspěvekod **lukasgereg** » 23 úno 2013 19:38

Nepřehřívá se mi nic právě, mám SpeedFan a teplota CPU na 35°C a GPU na 50°C

Příspěvekod **jaro3** » 23 úno 2013 20:00

2 antiviry..
Odinstaluj:
AVG-----
http://www.avg.com/eu-en/utilities

Verze pro 32 bit OS:
http://download.avg.com/filedir/util/av ... 3_2706.exe

http://www.avg.com/cz-cs/stahnout-nastroje

http://www.avg.com/filedir/util/avg_arm ... emover.exe

a
SWEETIEM

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Pokud budou problémy , spusť v nouz. režimu.

+nový log z HJT.

lukasgereg · Příspěvekod **lukasgereg** » 23 úno 2013 20:35

LOG z HiJackThis

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:29:56, on 23.2.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\TP-LINK\COMMON\TWCU.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Users\doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\doma\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\notepad.exe
C:\Users\doma\Downloads\HiJackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9AB531E1-7017-4269-9F08-F9C47B32D5CD}&mid=1a86271312fc47d090665aebac0090a8-9b57334846ff2a4d5544c29494dcb10110af52a6&lang=cs&ds=is015&pr=sa&d=2012-10-23 09:47:17&v=13.2.0.5&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
R3 - URLSearchHook: (no name) - {e9df9360-97f8-4690-afe6-996c80790da4} - (no file)
R3 - URLSearchHook: (no name) - {70df8d13-bdd3-448e-944c-efde21b77161} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll (file missing)
O3 - Toolbar: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S6E8B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [DriverMax] "C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe" -agent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\doma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: speedfan – zástupce.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: TP-LINK Wireless Client Utility.lnk = C:\Program Files\TP-LINK\COMMON\TWCU.exe
O9 - Extra button: SimilarSites - {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - C:\Program Files\SimilarSites\similarsites.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TpMediaServer - Unknown owner - C:\Program Files\TP-LINK\COMMON\RaMediaServer.exe
O23 - Service: vToolbarUpdater14.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

--
End of file - 8371 bytes

LOG z MBAM

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.23.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
doma :: DOMA-PC [administrátor]

Ochrana: Povolena

23.2.2013 20:21:53
mbam-log-2013-02-23 (20-21-53).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 219745
Uplynulý čas: 5 minut,

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

LOG z AdwCleaner

# AdwCleaner v2.112 - Logfile created 02/23/2013 at 20:20:16
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : doma - DOMA-PC
# Boot Mode : Normal
# Running from : C:\Users\doma\Downloads\adwcleaner0.exe
# Option [Search]

***** [Services] *****

***** [Files / Folders] *****

File Found : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Found : C:\Program Files\AVG Secure Search
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\SimilarSites
Folder Found : C:\Program Files\SweetIM
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\SimilarSites
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Users\doma\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\doma\AppData\LocalLow\Conduit
Folder Found : C:\Users\doma\AppData\LocalLow\PriceGong
Folder Found : C:\Users\doma\AppData\Roaming\OpenCandy
Folder Found : C:\Users\doma\AppData\Roaming\SimilarSites

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SimilarSites
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\SimilarSites
Key Found : HKU\S-1-5-21-4020533193-2274794661-2165323434-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={9AB531E1-7017-4269-9F08-F9C47B32D5CD}&mid=1a86271312fc47d090665aebac0090a8-9b57334846ff2a4d5544c29494dcb10110af52a6&lang=cs&ds=is015&pr=sa&d=2012-10-23 09:47:17&v=13.2.0.5&sap=hp

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kqzmicoi.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.12] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-4A7D-11E2-9FC5-001D92A62A32}",
Found [l.16] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-4A7D-11E2-9FC5-001D92A62A32}", "hxxp://isearch.avg.com/?cid={9AB531E1-7017-4269-9F08-F9C47B32D5CD}&mid=1a86271312fc47d090665aebac0090a8-9b57334846ff2a4d5544c29494dcb10110af52a6&lang=cs&ds=is015&pr=sa&d=2012-10-23 09:47:17&v=14.2.0.1&pid=avg&sg=&sap=hp" ]
Found [l.1878] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-4A7D-11E2-9FC5-001D92A62A32}",
Found [l.2460] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-4A7D-11E2-9FC5-001D92A62A32}", "hxxp://isearch.avg.com/?cid={9AB531E1-7017-4269-9F08-F9C47B32D5CD}&mid=1a86271312fc47d090665aebac0090a8-9b57334846ff2a4d5544c29494dcb10110af52a6&lang=cs&ds=is015&pr=sa&d=2012-10-23 09:47:17&v=14.2.0.1&pid=avg&sg=&sap=hp" ]

-\\ Opera v12.12.1707.0

File : C:\Users\doma\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [8273 octets] - [23/02/2013 20:20:16]

########## EOF - C:\AdwCleaner[R1].txt - [8333 octets] ##########

Příspěvekod **jaro3** » 24 úno 2013 10:02

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com/?cid={9AB531E1-7017-4269-9F08-F9C47B32D5CD}&mid=1a86271312fc47d090665aebac0090a8-9b57334846ff2a4d5544c29494dcb10110af52a6&lang=cs&ds=is015&pr=sa&d=2012-10-23 09:47:17&v=13.2.0.5&sap=hp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {e9df9360-97f8-4690-afe6-996c80790da4} - (no file)
R3 - URLSearchHook: (no name) - {70df8d13-bdd3-448e-944c-efde21b77161} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll (file missing)
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\doma\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/f ... wflash.cab

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

A nedávej logy do code!

lukasgereg · Příspěvekod **lukasgereg** » 24 úno 2013 18:51

LOG z ComboFix

ComboFix 13-02-24.01 - doma 24.02.2013 18:16:55.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.2173 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\doma\AppData\Local\Temp\sfamcc00001.dll
c:\users\doma\AppData\Local\Temp\sfareca00001.dll
c:\windows\security\Database\tmp.edb
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-24 do 2013-02-24 )))))))))))))))))))))))))))))))
.
.
2013-02-24 17:37 . 2013-02-24 17:40 -------- d-----w- c:\users\doma\AppData\Local\temp
2013-02-24 17:37 . 2013-02-24 17:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-24 16:47 . 2013-02-24 16:47 388096 ----a-r- c:\users\doma\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-24 16:47 . 2013-02-24 16:47 -------- d-----w- c:\program files\Trend Micro
2013-02-24 01:28 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-02-24 01:28 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-02-24 01:14 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-24 00:57 . 2013-02-24 00:57 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-24 00:57 . 2013-02-24 00:57 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-24 00:17 . 2013-02-24 00:17 -------- d-----w- c:\users\doma\Doctor Web
2013-02-23 23:27 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-23 23:27 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-02-23 23:27 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-02-23 23:25 . 2012-11-30 04:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-23 23:24 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-02-23 23:23 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-02-23 23:23 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-02-23 23:23 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-23 23:18 . 2013-02-23 23:18 -------- d-----w- c:\users\doma\AppData\Local\Adobe
2013-02-23 23:11 . 2013-02-19 02:58 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{48A96613-31C1-49CF-953E-77B579D84959}\mpengine.dll
2013-02-23 21:49 . 2013-02-23 21:49 -------- d-----w- c:\users\doma\AppData\Local\Apple
2013-02-23 20:44 . 2013-02-23 20:44 -------- d-----w- c:\users\UpdatusUser
2013-02-23 20:43 . 2013-01-31 09:01 2859296 ------w- c:\windows\system32\nvsvc.dll
2013-02-23 20:43 . 2013-01-31 09:01 3970848 ------w- c:\windows\system32\nvcpl.dll
2013-02-23 20:43 . 2013-01-31 09:00 634656 ------w- c:\windows\system32\nvvsvc.exe
2013-02-23 20:43 . 2013-01-31 09:00 62752 ------w- c:\windows\system32\nvshext.dll
2013-02-23 20:43 . 2013-01-31 09:00 2557728 ------w- c:\windows\system32\nvsvcr.dll
2013-02-23 20:43 . 2013-01-31 09:00 108832 ------w- c:\windows\system32\nvmctray.dll
2013-02-23 20:43 . 2013-02-19 20:33 53024 ------w- c:\windows\system32\OpenCL.dll
2013-02-23 20:42 . 2013-02-23 20:42 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-02-23 18:59 . 2013-02-23 18:59 -------- d-----w- c:\users\doma\AppData\Roaming\Malwarebytes
2013-02-23 18:54 . 2013-02-23 18:54 -------- d-----w- c:\programdata\Malwarebytes
2013-02-23 18:54 . 2013-02-23 18:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-23 18:54 . 2012-12-14 15:49 21104 ------w- c:\windows\system32\drivers\mbam.sys
2013-02-23 18:54 . 2013-02-23 18:54 -------- d-----w- c:\users\doma\AppData\Local\Programs
2013-02-23 17:44 . 2013-02-23 17:44 -------- d-----w- C:\7dni7noci
2013-02-19 20:32 . 2013-02-19 20:32 6162704 ------w- c:\windows\system32\nvopencl.dll
2013-02-19 20:32 . 2013-02-19 20:32 10919200 ------w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-19 20:32 . 2013-02-19 20:32 2446416 ------w- c:\windows\system32\nvapi.dll
2013-02-19 20:32 . 2013-02-19 20:32 17560352 ------w- c:\windows\system32\nvcompiler.dll
2013-02-19 20:32 . 2013-02-19 20:32 2577184 ------w- c:\windows\system32\nvcuvid.dll
2013-02-19 20:32 . 2013-02-19 20:32 1869088 ------w- c:\windows\system32\nvcuvenc.dll
2013-02-19 20:32 . 2013-02-19 20:32 15413704 ------w- c:\windows\system32\nvd3dum.dll
2013-02-19 20:32 . 2013-02-19 20:32 892704 ------w- c:\windows\system32\nvdispgenco32.dll
2013-02-19 20:32 . 2013-02-19 20:32 1010464 ------w- c:\windows\system32\nvdispco32.dll
2013-02-19 20:32 . 2013-02-19 20:32 7754560 ------w- c:\windows\system32\nvcuda.dll
2013-02-19 20:32 . 2013-02-19 20:32 19915552 ------w- c:\windows\system32\nvoglv32.dll
2013-02-16 16:09 . 2013-02-16 16:09 -------- d-----w- c:\program files\Astroburn Lite
2013-02-16 16:09 . 2013-02-16 16:09 -------- d-----w- c:\programdata\Astroburn Lite
2013-02-16 16:07 . 2013-02-16 16:07 242240 ------w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-02-16 16:07 . 2013-02-16 16:07 -------- d-----w- C:\DAEMON Tools Lite
2013-01-31 08:47 . 2013-01-31 08:47 -------- d-----w- c:\users\doma\.thumbnails
2013-01-31 08:42 . 2013-01-31 08:42 -------- d-----w- c:\users\doma\AppData\Roaming\EPSON
2013-01-31 08:40 . 2013-01-31 08:40 -------- d-----w- c:\users\doma\AppData\Local\fontconfig
2013-01-31 08:40 . 2013-02-23 23:40 -------- d-----w- c:\users\doma\.gimp-2.8
2013-01-31 08:40 . 2013-01-31 08:40 -------- d-----w- c:\users\doma\AppData\Local\gegl-0.2
2013-01-31 08:37 . 2013-01-31 08:39 -------- d-----w- c:\program files\GIMP 2
2013-01-28 16:06 . 2013-01-28 16:06 -------- d-----w- c:\users\doma\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-19 13:25 . 2012-10-23 07:47 33112 ------w- c:\windows\system32\drivers\avgtpx86.sys
2013-01-17 00:28 . 2012-03-19 15:47 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-18 11:46 . 2012-12-17 20:54 138032 ------w- c:\windows\system32\drivers\PnkBstrK.sys
2012-12-18 11:45 . 2012-12-17 20:38 281688 ------w- c:\windows\system32\PnkBstrB.exe
2012-12-18 11:45 . 2012-12-15 11:24 281688 ------w- c:\windows\system32\PnkBstrB.xtr
2012-12-17 20:54 . 2012-12-14 19:39 281688 ------w- c:\windows\system32\PnkBstrB.ex0
2012-12-17 20:38 . 2012-12-17 20:38 76888 ------w- c:\windows\system32\PnkBstrA.exe
2013-01-28 16:50 . 2013-01-28 16:49 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\daemon tools lite\DTLite.exe" [2013-01-08 3674320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-12-13 11487848]
.
c:\users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
speedfan – zástupce.lnk - c:\program files\SpeedFan\speedfan.exe [2012-9-12 4679672]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Client Utility.lnk - c:\program files\TP-LINK\COMMON\TWCU.exe [2002-1-1 10918400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-03-19 15:48 136176 ----atw- c:\users\doma\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater14.2.0;vToolbarUpdater14.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files\FinalWire\AIDA64 Extreme Edition\kerneld.x32 [x]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TpMediaServer;TpMediaServer;c:\program files\TP-LINK\COMMON\RaMediaServer.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF32.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2013-02-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000Core.job
- c:\users\doma\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-19 15:48]
.
2013-02-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000UA.job
- c:\users\doma\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-19 15:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 83.240.0.214 83.240.0.136
FF - ProfilePath - c:\users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kqzmicoi.default\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{70DF8D13-BDD3-448E-944C-EFDE21B77161} - (no file)
WebBrowser-{E9DF9360-97F8-4690-AFE6-996C80790DA4} - (no file)
MSConfigStartUp-Advanced SystemCare 5 - c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
MSConfigStartUp-DriverMax - c:\program files\Innovative Solutions\DriverMax\drivermax.exe
MSConfigStartUp-DriverMax_RESTART - c:\program files\Innovative Solutions\DriverMax\drivermax.exe
MSConfigStartUp-DriverUpdaterPro - c:\program files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe
MSConfigStartUp-RivaTunerStartupDaemon - c:\program files\RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition\RivaTunerWrapper.exe
MSConfigStartUp-USBToolTip - c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files\FinalWire\AIDA64 Extreme Edition\kerneld.x32"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\conhost.exe
c:\program files\TP-LINK\COMMON\RaRegistry.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\PrintIsolationHost.exe
.
**************************************************************************
.
Celkový čas: 2013-02-24 18:46:54 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-24 17:46
.
Před spuštěním: Volných bajtů: 165 181 259 776
Po spuštění: Volných bajtů: 164 985 782 272
.
- - End Of File - - F459DA0CB39AFF62F4AC9D55F133739D

LOG z AdwCleaner

# AdwCleaner v2.113 - Logfile created 02/24/2013 at 17:35:12
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : doma - DOMA-PC
# Boot Mode : Normal
# Running from : C:\Users\doma\Downloads\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\SweetIM
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\doma\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\doma\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\doma\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\doma\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\SimilarSites
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.avg.com/?cid={9AB531E1-7017-4269-9F08-F9C47B32D5CD}&mid=1a86271312fc47d090665aebac0090a8-9b57334846ff2a4d5544c29494dcb10110af52a6&lang=cs&ds=is015&pr=sa&d=2012-10-23 09:47:17&v=13.2.0.5&sap=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.1 (cs)

File : C:\Users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kqzmicoi.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\doma\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.12] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-4A7D-11E2-9FC5-001D9[...]
Deleted [l.16] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CB[...]
Deleted [l.1875] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-4A7D-11E2-9FC5-001D92A6[...]
Deleted [l.2403] : urls_to_restore_on_startup = [ "hxxp://home.sweetim.com/?crg=3.1010000.10014&barid={7CF3CBF3-[...]

-\\ Opera v12.12.1707.0

File : C:\Users\doma\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [8402 octets] - [23/02/2013 20:20:16]
AdwCleaner[S1].txt - [7836 octets] - [24/02/2013 17:35:12]

########## EOF - C:\AdwCleaner[S1].txt - [7896 octets] ##########

lukasgereg · Příspěvekod **lukasgereg** » 24 úno 2013 18:52

LOG z TDSSkiller

18:01:21.0368 4456 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:01:21.0633 4456 ============================================================
18:01:21.0633 4456 Current date / time: 2013/02/24 18:01:21.0633
18:01:21.0633 4456 SystemInfo:
18:01:21.0633 4456
18:01:21.0633 4456 OS Version: 6.1.7601 ServicePack: 1.0
18:01:21.0633 4456 Product type: Workstation
18:01:21.0633 4456 ComputerName: DOMA-PC
18:01:21.0633 4456 UserName: doma
18:01:21.0633 4456 Windows directory: C:\Windows
18:01:21.0633 4456 System windows directory: C:\Windows
18:01:21.0633 4456 Processor architecture: Intel x86
18:01:21.0633 4456 Number of processors: 2
18:01:21.0633 4456 Page size: 0x1000
18:01:21.0633 4456 Boot type: Normal boot
18:01:21.0633 4456 ============================================================
18:01:23.0243 4456 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:01:23.0258 4456 ============================================================
18:01:23.0258 4456 \Device\Harddisk0\DR0:
18:01:23.0258 4456 MBR partitions:
18:01:23.0258 4456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
18:01:23.0258 4456 ============================================================
18:01:23.0274 4456 C: <-> \Device\Harddisk0\DR0\Partition1
18:01:23.0274 4456 ============================================================
18:01:23.0274 4456 Initialize success
18:01:23.0274 4456 ============================================================
18:02:37.0581 4028 ============================================================
18:02:37.0581 4028 Scan started
18:02:37.0581 4028 Mode: Manual;
18:02:37.0581 4028 ============================================================
18:02:38.0065 4028 ================ Scan system memory ========================
18:02:38.0065 4028 System memory - ok
18:02:38.0065 4028 ================ Scan services =============================
18:02:38.0284 4028 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:02:38.0299 4028 1394ohci - ok
18:02:38.0346 4028 [ BEB5E6A8C17C3C7485563281E0F9E77E ] 61883 C:\Windows\system32\DRIVERS\61883.sys
18:02:38.0346 4028 61883 - ok
18:02:38.0393 4028 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:02:38.0409 4028 ACPI - ok
18:02:38.0440 4028 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:02:38.0440 4028 AcpiPmi - ok
18:02:38.0549 4028 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:02:38.0565 4028 AdobeARMservice - ok
18:02:38.0612 4028 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:02:38.0627 4028 adp94xx - ok
18:02:38.0659 4028 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:02:38.0674 4028 adpahci - ok
18:02:38.0706 4028 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:02:38.0706 4028 adpu320 - ok
18:02:38.0768 4028 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:02:38.0768 4028 AeLookupSvc - ok
18:02:38.0831 4028 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
18:02:38.0831 4028 AFD - ok
18:02:38.0862 4028 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:02:38.0862 4028 agp440 - ok
18:02:38.0893 4028 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:02:38.0909 4028 aic78xx - ok
18:02:38.0956 4028 AIDA64Driver - ok
18:02:38.0987 4028 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:02:38.0987 4028 ALG - ok
18:02:39.0018 4028 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
18:02:39.0018 4028 aliide - ok
18:02:39.0065 4028 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:02:39.0065 4028 amdagp - ok
18:02:39.0096 4028 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
18:02:39.0096 4028 amdide - ok
18:02:39.0143 4028 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:02:39.0143 4028 AmdK8 - ok
18:02:39.0174 4028 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:02:39.0174 4028 AmdPPM - ok
18:02:39.0237 4028 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:02:39.0237 4028 amdsata - ok
18:02:39.0268 4028 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:02:39.0284 4028 amdsbs - ok
18:02:39.0315 4028 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:02:39.0315 4028 amdxata - ok
18:02:39.0362 4028 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
18:02:39.0377 4028 AppID - ok
18:02:39.0393 4028 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:02:39.0409 4028 AppIDSvc - ok
18:02:39.0456 4028 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
18:02:39.0456 4028 Appinfo - ok
18:02:39.0518 4028 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:02:39.0518 4028 AppMgmt - ok
18:02:39.0549 4028 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:02:39.0549 4028 arc - ok
18:02:39.0581 4028 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:02:39.0581 4028 arcsas - ok
18:02:39.0643 4028 [ 2B4E66FAC6503494A2C6F32BB6AB3826 ] AsIO C:\Windows\system32\drivers\AsIO.sys
18:02:39.0659 4028 AsIO - ok
18:02:39.0690 4028 [ DE6ED95AEF259979B2830450072A627B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
18:02:39.0690 4028 aswFsBlk - ok
18:02:39.0752 4028 [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
18:02:39.0752 4028 aswKbd - ok
18:02:39.0784 4028 [ 62F9DCEC95F91B8E0203E85D344A7E65 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:02:39.0784 4028 aswMonFlt - ok
18:02:39.0831 4028 [ 81F638A2DD94ABBF0B43880AB38D8DBD ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
18:02:39.0831 4028 aswRdr - ok
18:02:39.0877 4028 [ B32E9AD44A1DBB3E8095E80F8DF32B03 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:02:39.0877 4028 aswSnx - ok
18:02:39.0924 4028 [ 67B558895695545FB0568B7541F3BCA7 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:02:39.0924 4028 aswSP - ok
18:02:39.0940 4028 [ E3E73B2B73A4DFADFDDF557192C4B08A ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
18:02:39.0940 4028 aswTdi - ok
18:02:39.0971 4028 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:02:39.0987 4028 AsyncMac - ok
18:02:40.0081 4028 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
18:02:40.0081 4028 atapi - ok
18:02:40.0143 4028 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:02:40.0143 4028 AudioEndpointBuilder - ok
18:02:40.0174 4028 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:02:40.0174 4028 Audiosrv - ok
18:02:40.0252 4028 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:02:40.0252 4028 avast! Antivirus - ok
18:02:40.0284 4028 avast! Firewall - ok
18:02:40.0346 4028 [ C44BDD77E06053CF5AFE046F3A47C16B ] Avc C:\Windows\system32\DRIVERS\avc.sys
18:02:40.0346 4028 Avc - ok
18:02:40.0393 4028 [ CAE7B6E4D7EB17829C526153D19B9C95 ] avgtp C:\Windows\system32\drivers\avgtpx86.sys
18:02:40.0393 4028 avgtp - ok
18:02:40.0456 4028 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:02:40.0456 4028 AxInstSV - ok
18:02:40.0502 4028 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:02:40.0518 4028 b06bdrv - ok
18:02:40.0549 4028 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:02:40.0549 4028 b57nd60x - ok
18:02:40.0596 4028 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:02:40.0612 4028 BDESVC - ok
18:02:40.0627 4028 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:02:40.0627 4028 Beep - ok
18:02:40.0674 4028 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
18:02:40.0690 4028 BFE - ok
18:02:40.0721 4028 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
18:02:40.0752 4028 BITS - ok
18:02:40.0768 4028 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:02:40.0784 4028 blbdrive - ok
18:02:40.0815 4028 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:02:40.0815 4028 bowser - ok
18:02:40.0846 4028 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:02:40.0846 4028 BrFiltLo - ok
18:02:40.0877 4028 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:02:40.0877 4028 BrFiltUp - ok
18:02:40.0940 4028 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
18:02:40.0940 4028 Browser - ok
18:02:40.0971 4028 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:02:40.0971 4028 Brserid - ok
18:02:41.0002 4028 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:02:41.0002 4028 BrSerWdm - ok
18:02:41.0034 4028 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:02:41.0049 4028 BrUsbMdm - ok
18:02:41.0065 4028 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:02:41.0081 4028 BrUsbSer - ok
18:02:41.0112 4028 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:02:41.0112 4028 BTHMODEM - ok
18:02:41.0174 4028 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:02:41.0174 4028 bthserv - ok
18:02:41.0206 4028 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:02:41.0206 4028 cdfs - ok
18:02:41.0252 4028 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:02:41.0252 4028 cdrom - ok
18:02:41.0299 4028 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
18:02:41.0299 4028 CertPropSvc - ok
18:02:41.0331 4028 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:02:41.0346 4028 circlass - ok
18:02:41.0377 4028 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:02:41.0393 4028 CLFS - ok
18:02:41.0456 4028 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:02:41.0456 4028 clr_optimization_v2.0.50727_32 - ok
18:02:41.0549 4028 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:02:41.0549 4028 clr_optimization_v4.0.30319_32 - ok
18:02:41.0581 4028 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:02:41.0596 4028 CmBatt - ok
18:02:41.0627 4028 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:02:41.0643 4028 cmdide - ok
18:02:41.0690 4028 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
18:02:41.0706 4028 CNG - ok
18:02:41.0721 4028 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:02:41.0737 4028 Compbatt - ok
18:02:41.0768 4028 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:02:41.0768 4028 CompositeBus - ok
18:02:41.0784 4028 COMSysApp - ok
18:02:41.0815 4028 cpudrv - ok
18:02:41.0862 4028 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:02:41.0877 4028 crcdisk - ok
18:02:41.0924 4028 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:02:41.0940 4028 CryptSvc - ok
18:02:42.0002 4028 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
18:02:42.0002 4028 CSC - ok
18:02:42.0034 4028 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
18:02:42.0049 4028 CscService - ok
18:02:42.0096 4028 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:02:42.0112 4028 DcomLaunch - ok
18:02:42.0159 4028 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:02:42.0174 4028 defragsvc - ok
18:02:42.0221 4028 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:02:42.0237 4028 DfsC - ok
18:02:42.0299 4028 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:02:42.0299 4028 Dhcp - ok
18:02:42.0331 4028 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:02:42.0346 4028 discache - ok
18:02:42.0362 4028 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:02:42.0377 4028 Disk - ok
18:02:42.0424 4028 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:02:42.0440 4028 Dnscache - ok
18:02:42.0502 4028 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
18:02:42.0502 4028 dot3svc - ok
18:02:42.0534 4028 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
18:02:42.0549 4028 DPS - ok
18:02:42.0596 4028 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:02:42.0596 4028 drmkaud - ok
18:02:42.0643 4028 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:02:42.0659 4028 dtsoftbus01 - ok
18:02:42.0706 4028 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:02:42.0721 4028 DXGKrnl - ok
18:02:42.0752 4028 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:02:42.0752 4028 EapHost - ok
18:02:42.0862 4028 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:02:42.0924 4028 ebdrv - ok
18:02:42.0987 4028 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
18:02:42.0987 4028 EFS - ok
18:02:43.0065 4028 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:02:43.0081 4028 ehRecvr - ok
18:02:43.0112 4028 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:02:43.0127 4028 ehSched - ok
18:02:43.0159 4028 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:02:43.0190 4028 elxstor - ok
18:02:43.0299 4028 [ 8FE6AB59CAB8F2C038FEA9522A5EEBA7 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
18:02:43.0299 4028 EPSON_PM_RPCV4_01 - ok
18:02:43.0346 4028 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:02:43.0346 4028 ErrDev - ok
18:02:43.0393 4028 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:02:43.0409 4028 EventSystem - ok
18:02:43.0440 4028 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:02:43.0456 4028 exfat - ok
18:02:43.0487 4028 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:02:43.0487 4028 fastfat - ok
18:02:43.0534 4028 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
18:02:43.0549 4028 Fax - ok
18:02:43.0581 4028 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:02:43.0581 4028 fdc - ok
18:02:43.0612 4028 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:02:43.0612 4028 fdPHost - ok
18:02:43.0643 4028 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:02:43.0643 4028 FDResPub - ok
18:02:43.0674 4028 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:02:43.0674 4028 FileInfo - ok
18:02:43.0690 4028 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:02:43.0706 4028 Filetrace - ok
18:02:43.0721 4028 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:02:43.0721 4028 flpydisk - ok
18:02:43.0752 4028 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:02:43.0768 4028 FltMgr - ok
18:02:43.0831 4028 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
18:02:43.0846 4028 FontCache - ok
18:02:43.0909 4028 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:02:43.0924 4028 FontCache3.0.0.0 - ok
18:02:43.0940 4028 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:02:43.0956 4028 FsDepends - ok
18:02:43.0987 4028 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:02:43.0987 4028 Fs_Rec - ok
18:02:44.0018 4028 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:02:44.0018 4028 fvevol - ok
18:02:44.0049 4028 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:02:44.0049 4028 gagp30kx - ok
18:02:44.0096 4028 [ 77EBF3E9386DAA51551AF429052D88D0 ] giveio C:\Windows\system32\giveio.sys
18:02:44.0096 4028 giveio - ok
18:02:44.0159 4028 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:02:44.0174 4028 gpsvc - ok
18:02:44.0221 4028 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:02:44.0221 4028 hcw85cir - ok
18:02:44.0268 4028 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:02:44.0284 4028 HdAudAddService - ok
18:02:44.0315 4028 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:02:44.0315 4028 HDAudBus - ok
18:02:44.0346 4028 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:02:44.0346 4028 HidBatt - ok
18:02:44.0377 4028 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:02:44.0393 4028 HidBth - ok
18:02:44.0424 4028 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:02:44.0424 4028 HidIr - ok
18:02:44.0456 4028 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:02:44.0471 4028 hidserv - ok
18:02:44.0518 4028 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:02:44.0518 4028 HidUsb - ok
18:02:44.0565 4028 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:02:44.0581 4028 hkmsvc - ok
18:02:44.0627 4028 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:02:44.0643 4028 HomeGroupListener - ok
18:02:44.0690 4028 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:02:44.0706 4028 HomeGroupProvider - ok
18:02:44.0752 4028 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:02:44.0752 4028 HpSAMD - ok
18:02:44.0815 4028 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:02:44.0831 4028 HTTP - ok
18:02:44.0893 4028 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:02:44.0893 4028 hwpolicy - ok
18:02:44.0924 4028 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:02:44.0924 4028 i8042prt - ok
18:02:44.0971 4028 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:02:44.0987 4028 iaStorV - ok
18:02:45.0049 4028 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:02:45.0065 4028 idsvc - ok
18:02:45.0112 4028 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:02:45.0112 4028 iirsp - ok
18:02:45.0174 4028 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:02:45.0190 4028 IKEEXT - ok
18:02:45.0346 4028 [ 0DBEF9CD5A2CD71240DD5AFCEE56D073 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:02:45.0409 4028 IntcAzAudAddService - ok
18:02:45.0456 4028 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:02:45.0456 4028 intelide - ok
18:02:45.0471 4028 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:02:45.0487 4028 intelppm - ok
18:02:45.0534 4028 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:02:45.0534 4028 IPBusEnum - ok
18:02:45.0565 4028 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:02:45.0565 4028 IpFilterDriver - ok
18:02:45.0643 4028 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:02:45.0659 4028 iphlpsvc - ok
18:02:45.0690 4028 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:02:45.0690 4028 IPMIDRV - ok
18:02:45.0721 4028 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:02:45.0737 4028 IPNAT - ok
18:02:45.0768 4028 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:02:45.0784 4028 IRENUM - ok
18:02:45.0799 4028 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:02:45.0815 4028 isapnp - ok
18:02:45.0862 4028 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:02:45.0862 4028 iScsiPrt - ok
18:02:45.0924 4028 [ 15D6BE1F12CC749391EC2FB3556E5A60 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
18:02:45.0924 4028 JRAID - ok
18:02:45.0956 4028 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:02:45.0956 4028 kbdclass - ok
18:02:45.0987 4028 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:02:46.0002 4028 kbdhid - ok
18:02:46.0034 4028 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:02:46.0049 4028 KeyIso - ok
18:02:46.0096 4028 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:02:46.0112 4028 KSecDD - ok
18:02:46.0159 4028 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:02:46.0174 4028 KSecPkg - ok
18:02:46.0221 4028 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:02:46.0237 4028 KtmRm - ok
18:02:46.0299 4028 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
18:02:46.0315 4028 LanmanServer - ok
18:02:46.0362 4028 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:02:46.0393 4028 LanmanWorkstation - ok
18:02:46.0424 4028 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:02:46.0440 4028 lltdio - ok
18:02:46.0471 4028 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:02:46.0487 4028 lltdsvc - ok
18:02:46.0518 4028 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:02:46.0534 4028 lmhosts - ok
18:02:46.0565 4028 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:02:46.0565 4028 LSI_FC - ok
18:02:46.0612 4028 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:02:46.0612 4028 LSI_SAS - ok
18:02:46.0643 4028 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:02:46.0643 4028 LSI_SAS2 - ok
18:02:46.0674 4028 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:02:46.0674 4028 LSI_SCSI - ok
18:02:46.0706 4028 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:02:46.0706 4028 luafv - ok
18:02:46.0768 4028 [ A3E700D78EEC390F1208098CDCA5C6B6 ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus.sys
18:02:46.0768 4028 MarvinBus - ok
18:02:46.0831 4028 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:02:46.0831 4028 MBAMProtector - ok
18:02:46.0893 4028 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:02:46.0909 4028 MBAMScheduler - ok
18:02:46.0956 4028 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:02:46.0971 4028 MBAMService - ok
18:02:47.0018 4028 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:02:47.0034 4028 Mcx2Svc - ok
18:02:47.0065 4028 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:02:47.0065 4028 megasas - ok
18:02:47.0096 4028 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:02:47.0112 4028 MegaSR - ok
18:02:47.0159 4028 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:02:47.0174 4028 MMCSS - ok
18:02:47.0206 4028 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:02:47.0206 4028 Modem - ok
18:02:47.0252 4028 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:02:47.0252 4028 monitor - ok
18:02:47.0299 4028 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:02:47.0299 4028 mouclass - ok
18:02:47.0315 4028 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:02:47.0331 4028 mouhid - ok
18:02:47.0377 4028 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:02:47.0393 4028 mountmgr - ok
18:02:47.0471 4028 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:02:47.0471 4028 MozillaMaintenance - ok
18:02:47.0518 4028 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:02:47.0518 4028 mpio - ok
18:02:47.0549 4028 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:02:47.0549 4028 mpsdrv - ok
18:02:47.0612 4028 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:02:47.0643 4028 MpsSvc - ok
18:02:47.0674 4028 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:02:47.0690 4028 MRxDAV - ok
18:02:47.0752 4028 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:02:47.0752 4028 mrxsmb - ok
18:02:47.0784 4028 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:02:47.0784 4028 mrxsmb10 - ok
18:02:47.0815 4028 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:02:47.0815 4028 mrxsmb20 - ok
18:02:47.0846 4028 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:02:47.0846 4028 msahci - ok
18:02:47.0893 4028 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:02:47.0909 4028 msdsm - ok
18:02:47.0940 4028 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:02:47.0956 4028 MSDTC - ok
18:02:48.0034 4028 [ 114B67C324D64C8195FD3BF93B4DF02A ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
18:02:48.0034 4028 MSDV - ok
18:02:48.0065 4028 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:02:48.0065 4028 Msfs - ok
18:02:48.0096 4028 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:02:48.0096 4028 mshidkmdf - ok
18:02:48.0127 4028 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:02:48.0127 4028 msisadrv - ok
18:02:48.0159 4028 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:02:48.0190 4028 MSiSCSI - ok
18:02:48.0206 4028 msiserver - ok
18:02:48.0237 4028 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:02:48.0252 4028 MSKSSRV - ok
18:02:48.0268 4028 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:02:48.0268 4028 MSPCLOCK - ok
18:02:48.0299 4028 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:02:48.0299 4028 MSPQM - ok
18:02:48.0331 4028 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:02:48.0346 4028 MsRPC - ok
18:02:48.0393 4028 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:02:48.0393 4028 mssmbios - ok
18:02:48.0409 4028 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:02:48.0424 4028 MSTEE - ok
18:02:48.0440 4028 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:02:48.0456 4028 MTConfig - ok
18:02:48.0502 4028 [ CBE71C122434805CB73FFB6619F60598 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
18:02:48.0502 4028 MTsensor - ok
18:02:48.0534 4028 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:02:48.0534 4028 Mup - ok
18:02:48.0581 4028 [ 363B85773D001E35DC977058956A1486 ] MxEFUF C:\Windows\system32\DRIVERS\MxEFUF32.sys
18:02:48.0581 4028 MxEFUF - ok
18:02:48.0643 4028 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:02:48.0659 4028 napagent - ok
18:02:48.0690 4028 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:02:48.0690 4028 NativeWifiP - ok
18:02:48.0752 4028 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:02:48.0768 4028 NDIS - ok
18:02:48.0799 4028 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:02:48.0799 4028 NdisCap - ok
18:02:48.0831 4028 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:02:48.0831 4028 NdisTapi - ok
18:02:48.0893 4028 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:02:48.0893 4028 Ndisuio - ok
18:02:48.0940 4028 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:02:48.0956 4028 NdisWan - ok
18:02:48.0987 4028 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:02:48.0987 4028 NDProxy - ok
18:02:49.0018 4028 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:02:49.0034 4028 NetBIOS - ok
18:02:49.0081 4028 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:02:49.0096 4028 NetBT - ok
18:02:49.0112 4028 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:02:49.0127 4028 Netlogon - ok
18:02:49.0190 4028 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:02:49.0221 4028 Netman - ok
18:02:49.0252 4028 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:02:49.0268 4028 netprofm - ok
18:02:49.0331 4028 [ EA80490BB988EA22B7D3B3A4133CC9D1 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
18:02:49.0362 4028 netr28u - ok
18:02:49.0393 4028 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:02:49.0393 4028 NetTcpPortSharing - ok
18:02:49.0424 4028 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:02:49.0424 4028 nfrd960 - ok
18:02:49.0471 4028 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:02:49.0502 4028 NlaSvc - ok
18:02:49.0518 4028 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:02:49.0534 4028 Npfs - ok
18:02:49.0549 4028 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:02:49.0565 4028 nsi - ok
18:02:49.0596 4028 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:02:49.0596 4028 nsiproxy - ok
18:02:49.0690 4028 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:02:49.0706 4028 Ntfs - ok
18:02:49.0737 4028 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:02:49.0737 4028 Null - ok
18:02:50.0081 4028 [ 9A77B1C13BCCEDDF78DFD7AFC25B4F5E ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:02:50.0252 4028 nvlddmkm - ok
18:02:50.0299 4028 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:02:50.0299 4028 nvraid - ok
18:02:50.0331 4028 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:02:50.0346 4028 nvstor - ok
18:02:50.0409 4028 [ 31B8835B003CAA6D31BEAD83DDBF98E5 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:02:50.0440 4028 nvsvc - ok
18:02:50.0534 4028 [ F935E817409F78FA50C5921DB39124B3 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:02:50.0565 4028 nvUpdatusService - ok
18:02:50.0612 4028 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:02:50.0612 4028 nv_agp - ok
18:02:50.0659 4028 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:02:50.0659 4028 ohci1394 - ok
18:02:50.0706 4028 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:02:50.0721 4028 p2pimsvc - ok
18:02:50.0768 4028 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:02:50.0784 4028 p2psvc - ok
18:02:50.0831 4028 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:02:50.0831 4028 Parport - ok
18:02:50.0877 4028 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:02:50.0893 4028 partmgr - ok
18:02:50.0909 4028 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:02:50.0924 4028 Parvdm - ok
18:02:50.0940 4028 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:02:50.0956 4028 PcaSvc - ok
18:02:50.0987 4028 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:02:50.0987 4028 pci - ok
18:02:51.0018 4028 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:02:51.0018 4028 pciide - ok
18:02:51.0049 4028 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:02:51.0065 4028 pcmcia - ok
18:02:51.0081 4028 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:02:51.0096 4028 pcw - ok
18:02:51.0127 4028 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:02:51.0143 4028 PEAUTH - ok
18:02:51.0221 4028 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:02:51.0268 4028 PeerDistSvc - ok
18:02:51.0377 4028 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:02:51.0424 4028 pla - ok
18:02:51.0471 4028 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:02:51.0487 4028 PlugPlay - ok
18:02:51.0565 4028 [ 3A2E85F7D90D15460C337CE80C2E3B29 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
18:02:51.0581 4028 PnkBstrA - ok
18:02:51.0612 4028 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:02:51.0627 4028 PNRPAutoReg - ok
18:02:51.0659 4028 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:02:51.0674 4028 PNRPsvc - ok
18:02:51.0706 4028 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:02:51.0721 4028 PolicyAgent - ok
18:02:51.0784 4028 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:02:51.0815 4028 Power - ok
18:02:51.0831 4028 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:02:51.0846 4028 PptpMiniport - ok
18:02:51.0877 4028 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:02:51.0877 4028 Processor - ok
18:02:51.0940 4028 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:02:51.0956 4028 ProfSvc - ok
18:02:51.0971 4028 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:02:51.0987 4028 ProtectedStorage - ok
18:02:52.0018 4028 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:02:52.0018 4028 Psched - ok
18:02:52.0081 4028 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:02:52.0127 4028 ql2300 - ok
18:02:52.0159 4028 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:02:52.0159 4028 ql40xx - ok
18:02:52.0221 4028 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:02:52.0237 4028 QWAVE - ok
18:02:52.0268 4028 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:02:52.0268 4028 QWAVEdrv - ok
18:02:52.0346 4028 [ 3FC8252625F2574036777D2981F839EE ] RalinkRegistryWriter C:\Program Files\TP-LINK\COMMON\RaRegistry.exe
18:02:52.0346 4028 RalinkRegistryWriter - ok
18:02:52.0377 4028 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:02:52.0377 4028 RasAcd - ok
18:02:52.0424 4028 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:02:52.0424 4028 RasAgileVpn - ok
18:02:52.0440 4028 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:02:52.0471 4028 RasAuto - ok
18:02:52.0487 4028 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:02:52.0487 4028 Rasl2tp - ok
18:02:52.0549 4028 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:02:52.0565 4028 RasMan - ok
18:02:52.0596 4028 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:02:52.0596 4028 RasPppoe - ok
18:02:52.0627 4028 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:02:52.0643 4028 RasSstp - ok
18:02:52.0674 4028 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:02:52.0690 4028 rdbss - ok
18:02:52.0721 4028 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:02:52.0721 4028 rdpbus - ok
18:02:52.0768 4028 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:02:52.0784 4028 RDPCDD - ok
18:02:52.0831 4028 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:02:52.0831 4028 RDPDR - ok
18:02:52.0846 4028 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:02:52.0846 4028 RDPENCDD - ok
18:02:52.0893 4028 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:02:52.0893 4028 RDPREFMP - ok
18:02:52.0940 4028 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:02:52.0940 4028 RdpVideoMiniport - ok
18:02:52.0987 4028 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:02:53.0002 4028 RDPWD - ok
18:02:53.0049 4028 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:02:53.0065 4028 rdyboost - ok
18:02:53.0112 4028 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:02:53.0127 4028 RemoteAccess - ok
18:02:53.0174 4028 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:02:53.0190 4028 RemoteRegistry - ok
18:02:53.0221 4028 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:02:53.0237 4028 RpcEptMapper - ok
18:02:53.0252 4028 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:02:53.0268 4028 RpcLocator - ok
18:02:53.0299 4028 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:02:53.0315 4028 RpcSs - ok
18:02:53.0346 4028 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:02:53.0346 4028 rspndr - ok
18:02:53.0409 4028 [ 3983CEA05BB855351D75F5482B6C42CE ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
18:02:53.0424 4028 RTL8167 - ok
18:02:53.0456 4028 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:02:53.0456 4028 s3cap - ok
18:02:53.0487 4028 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:02:53.0487 4028 SamSs - ok
18:02:53.0518 4028 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:02:53.0534 4028 sbp2port - ok
18:02:53.0565 4028 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:02:53.0581 4028 SCardSvr - ok
18:02:53.0627 4028 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:02:53.0643 4028 scfilter - ok
18:02:53.0706 4028 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:02:53.0737 4028 Schedule - ok
18:02:53.0752 4028 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:02:53.0768 4028 SCPolicySvc - ok
18:02:53.0815 4028 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:02:53.0831 4028 SDRSVC - ok
18:02:53.0862 4028 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:02:53.0862 4028 secdrv - ok
18:02:53.0893 4028 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:02:53.0909 4028 seclogon - ok
18:02:53.0924 4028 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:02:53.0940 4028 SENS - ok
18:02:53.0971 4028 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:02:53.0987 4028 SensrSvc - ok
18:02:54.0002 4028 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:02:54.0018 4028 Serenum - ok
18:02:54.0049 4028 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:02:54.0049 4028 Serial - ok
18:02:54.0081 4028 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:02:54.0096 4028 sermouse - ok
18:02:54.0174 4028 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:02:54.0190 4028 SessionEnv - ok
18:02:54.0237 4028 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:02:54.0237 4028 sffdisk - ok
18:02:54.0252 4028 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:02:54.0268 4028 sffp_mmc - ok
18:02:54.0299 4028 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:02:54.0299 4028 sffp_sd - ok
18:02:54.0331 4028 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:02:54.0331 4028 sfloppy - ok
18:02:54.0393 4028 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:02:54.0409 4028 SharedAccess - ok
18:02:54.0471 4028 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:02:54.0487 4028 ShellHWDetection - ok
18:02:54.0518 4028 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:02:54.0518 4028 sisagp - ok
18:02:54.0549 4028 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:02:54.0565 4028 SiSRaid2 - ok
18:02:54.0596 4028 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:02:54.0596 4028 SiSRaid4 - ok
18:02:54.0659 4028 [ 68EA68D03BF58389FE6AD2B38FAD798C ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
18:02:54.0659 4028 SkypeUpdate - ok
18:02:54.0690 4028 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:02:54.0690 4028 Smb - ok
18:02:54.0768 4028 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:02:54.0799 4028 SNMPTRAP - ok
18:02:54.0846 4028 [ 3FA2E254BFBCE52B3C6F1BF23AAB6911 ] speedfan C:\Windows\system32\speedfan.sys
18:02:54.0862 4028 speedfan - ok
18:02:54.0893 4028 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:02:54.0909 4028 spldr - ok
18:02:54.0956 4028 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:02:54.0971 4028 Spooler - ok
18:02:55.0081 4028 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:02:55.0159 4028 sppsvc - ok
18:02:55.0237 4028 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:02:55.0252 4028 sppuinotify - ok
18:02:55.0315 4028 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:02:55.0331 4028 srv - ok
18:02:55.0362 4028 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:02:55.0362 4028 srv2 - ok
18:02:55.0393 4028 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:02:55.0393 4028 srvnet - ok
18:02:55.0440 4028 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:02:55.0456 4028 SSDPSRV - ok
18:02:55.0487 4028 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:02:55.0502 4028 SstpSvc - ok
18:02:55.0549 4028 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:02:55.0549 4028 stexstor - ok
18:02:55.0612 4028 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:02:55.0643 4028 StiSvc - ok
18:02:55.0674 4028 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:02:55.0690 4028 storflt - ok
18:02:55.0721 4028 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:02:55.0737 4028 storvsc - ok
18:02:55.0799 4028 [ 2AA2D356CB735CD3CCA9F671BD75C9B5 ] SWDUMon C:\Windows\system32\DRIVERS\SWDUMon.sys
18:02:55.0799 4028 SWDUMon - ok
18:02:55.0846 4028 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
18:02:55.0846 4028 swenum - ok
18:02:55.0877 4028 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:02:55.0893 4028 swprv - ok
18:02:55.0909 4028 Synth3dVsc - ok
18:02:55.0987 4028 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:02:56.0034 4028 SysMain - ok
18:02:56.0065 4028 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:02:56.0081 4028 TabletInputService - ok
18:02:56.0127 4028 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:02:56.0159 4028 TapiSrv - ok
18:02:56.0190 4028 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:02:56.0206 4028 TBS - ok
18:02:56.0284 4028 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:02:56.0315 4028 Tcpip - ok
18:02:56.0362 4028 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:02:56.0393 4028 TCPIP6 - ok
18:02:56.0456 4028 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:02:56.0456 4028 tcpipreg - ok
18:02:56.0502 4028 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:02:56.0518 4028 TDPIPE - ok
18:02:56.0534 4028 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:02:56.0549 4028 TDTCP - ok
18:02:56.0596 4028 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:02:56.0612 4028 tdx - ok
18:02:56.0737 4028 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
18:02:56.0799 4028 TeamViewer8 - ok
18:02:56.0846 4028 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:02:56.0846 4028 TermDD - ok
18:02:56.0909 4028 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:02:56.0940 4028 TermService - ok
18:02:56.0971 4028 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:02:57.0002 4028 Themes - ok
18:02:57.0018 4028 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:02:57.0034 4028 THREADORDER - ok
18:02:57.0081 4028 [ 25F16B72A7CC494EAC01A90A44218456 ] TpMediaServer C:\Program Files\TP-LINK\COMMON\RaMediaServer.exe
18:02:57.0096 4028 TpMediaServer - ok
18:02:57.0127 4028 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:02:57.0143 4028 TrkWks - ok
18:02:57.0221 4028 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:02:57.0221 4028 TrustedInstaller - ok
18:02:57.0284 4028 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:02:57.0284 4028 tssecsrv - ok
18:02:57.0315 4028 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:02:57.0315 4028 TsUsbFlt - ok
18:02:57.0331 4028 tsusbhub - ok
18:02:57.0377 4028 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:02:57.0393 4028 tunnel - ok
18:02:57.0424 4028 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:02:57.0440 4028 uagp35 - ok
18:02:57.0487 4028 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:02:57.0502 4028 udfs - ok
18:02:57.0549 4028 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:02:57.0565 4028 UI0Detect - ok
18:02:57.0596 4028 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:02:57.0596 4028 uliagpkx - ok
18:02:57.0627 4028 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:02:57.0643 4028 umbus - ok
18:02:57.0674 4028 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:02:57.0674 4028 UmPass - ok
18:02:57.0737 4028 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:02:57.0752 4028 UmRdpService - ok
18:02:57.0784 4028 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:02:57.0815 4028 upnphost - ok
18:02:57.0846 4028 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:02:57.0846 4028 usbccgp - ok
18:02:57.0893 4028 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:02:57.0893 4028 usbcir - ok
18:02:57.0940 4028 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:02:57.0940 4028 usbehci - ok
18:02:57.0971 4028 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:02:57.0987 4028 usbhub - ok
18:02:58.0018 4028 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:02:58.0018 4028 usbohci - ok
18:02:58.0049 4028 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:02:58.0065 4028 usbprint - ok
18:02:58.0096 4028 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:02:58.0112 4028 usbscan - ok
18:02:58.0143 4028 [ 31181DE6190B39FC8007DFFD1A48FFD6 ] usbser C:\Windows\system32\drivers\usbser.sys
18:02:58.0143 4028 usbser - ok
18:02:58.0174 4028 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:02:58.0190 4028 USBSTOR - ok
18:02:58.0221 4028 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:02:58.0221 4028 usbuhci - ok
18:02:58.0237 4028 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:02:58.0268 4028 UxSms - ok
18:02:58.0284 4028 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:02:58.0299 4028 VaultSvc - ok
18:02:58.0331 4028 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:02:58.0331 4028 vdrvroot - ok
18:02:58.0377 4028 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:02:58.0409 4028 vds - ok
18:02:58.0440 4028 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:02:58.0440 4028 vga - ok
18:02:58.0487 4028 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:02:58.0487 4028 VgaSave - ok
18:02:58.0502 4028 VGPU - ok
18:02:58.0549 4028 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:02:58.0549 4028 vhdmp - ok
18:02:58.0581 4028 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:02:58.0581 4028 viaagp - ok
18:02:58.0612 4028 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:02:58.0627 4028 ViaC7 - ok
18:02:58.0659 4028 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:02:58.0659 4028 viaide - ok
18:02:58.0706 4028 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:02:58.0706 4028 vmbus - ok
18:02:58.0737 4028 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:02:58.0737 4028 VMBusHID - ok
18:02:58.0768 4028 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:02:58.0768 4028 volmgr - ok
18:02:58.0799 4028 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:02:58.0815 4028 volmgrx - ok
18:02:58.0846 4028 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:02:58.0846 4028 volsnap - ok
18:02:58.0893 4028 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:02:58.0893 4028 vsmraid - ok
18:02:58.0956 4028 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
18:02:58.0987 4028 VSS - ok

lukasgereg · Příspěvekod **lukasgereg** » 24 úno 2013 18:52

18:02:59.0018 4028 vToolbarUpdater14.2.0 - ok
18:02:59.0034 4028 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:02:59.0049 4028 vwifibus - ok
18:02:59.0065 4028 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:02:59.0081 4028 vwififlt - ok
18:02:59.0096 4028 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:02:59.0096 4028 vwifimp - ok
18:02:59.0159 4028 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:02:59.0190 4028 W32Time - ok
18:02:59.0237 4028 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:02:59.0237 4028 WacomPen - ok
18:02:59.0284 4028 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:02:59.0284 4028 WANARP - ok
18:02:59.0299 4028 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:02:59.0315 4028 Wanarpv6 - ok
18:02:59.0393 4028 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:02:59.0424 4028 WatAdminSvc - ok
18:02:59.0487 4028 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
18:02:59.0518 4028 wbengine - ok
18:02:59.0565 4028 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:02:59.0581 4028 WbioSrvc - ok
18:02:59.0643 4028 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:02:59.0659 4028 wcncsvc - ok
18:02:59.0690 4028 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:02:59.0706 4028 WcsPlugInService - ok
18:02:59.0737 4028 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:02:59.0737 4028 Wd - ok
18:02:59.0799 4028 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:02:59.0815 4028 Wdf01000 - ok
18:02:59.0846 4028 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:02:59.0862 4028 WdiServiceHost - ok
18:02:59.0877 4028 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:02:59.0909 4028 WdiSystemHost - ok
18:02:59.0956 4028 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
18:02:59.0987 4028 WebClient - ok
18:03:00.0002 4028 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:03:00.0034 4028 Wecsvc - ok
18:03:00.0065 4028 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:03:00.0081 4028 wercplsupport - ok
18:03:00.0112 4028 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:03:00.0143 4028 WerSvc - ok
18:03:00.0159 4028 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:03:00.0159 4028 WfpLwf - ok
18:03:00.0206 4028 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:03:00.0221 4028 WIMMount - ok
18:03:00.0284 4028 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:03:00.0299 4028 WinDefend - ok
18:03:00.0315 4028 WinHttpAutoProxySvc - ok
18:03:00.0393 4028 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:03:00.0409 4028 Winmgmt - ok
18:03:00.0456 4028 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
18:03:00.0502 4028 WinRM - ok
18:03:00.0565 4028 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:03:00.0565 4028 WinUsb - ok
18:03:00.0612 4028 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:03:00.0643 4028 Wlansvc - ok
18:03:00.0690 4028 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:03:00.0690 4028 WmiAcpi - ok
18:03:00.0737 4028 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:03:00.0737 4028 wmiApSrv - ok
18:03:00.0799 4028 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:03:00.0815 4028 WMPNetworkSvc - ok
18:03:00.0846 4028 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:03:00.0877 4028 WPCSvc - ok
18:03:00.0940 4028 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:03:00.0956 4028 WPDBusEnum - ok
18:03:01.0002 4028 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:03:01.0002 4028 ws2ifsl - ok
18:03:01.0034 4028 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:03:01.0065 4028 wscsvc - ok
18:03:01.0081 4028 WSearch - ok
18:03:01.0190 4028 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:03:01.0237 4028 wuauserv - ok
18:03:01.0299 4028 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:03:01.0299 4028 WudfPf - ok
18:03:01.0331 4028 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:03:01.0331 4028 WUDFRd - ok
18:03:01.0362 4028 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:03:01.0393 4028 wudfsvc - ok
18:03:01.0440 4028 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:03:01.0456 4028 WwanSvc - ok
18:03:01.0549 4028 ================ Scan global ===============================
18:03:01.0596 4028 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:03:01.0659 4028 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:03:01.0690 4028 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:03:01.0721 4028 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:03:01.0768 4028 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:03:01.0784 4028 [Global] - ok
18:03:01.0799 4028 ================ Scan MBR ==================================
18:03:01.0815 4028 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:03:02.0768 4028 \Device\Harddisk0\DR0 - ok
18:03:02.0768 4028 ================ Scan VBR ==================================
18:03:02.0784 4028 [ BC779C629505F82F54041E619D30CECA ] \Device\Harddisk0\DR0\Partition1
18:03:02.0784 4028 \Device\Harddisk0\DR0\Partition1 - ok
18:03:02.0784 4028 ============================================================
18:03:02.0784 4028 Scan finished
18:03:02.0784 4028 ============================================================
18:03:02.0831 1084 Detected object count: 0
18:03:02.0831 1084 Actual detected object count: 0

Příspěvekod **memphisto** » 24 úno 2013 22:23

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Driver::
SkypeUpdate
vToolbarUpdater14.2.0
cpudrv

File::
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000UA.job

Folder::
c:\program files\Skype\Updater
c:\program files\Common Files\AVG Secure Search
c:\program files\SystemRequirementsLab

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

lukasgereg · Příspěvekod **lukasgereg** » 25 úno 2013 01:03

ComboFix 13-02-24.01 - doma 25.02.2013 0:31.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3071.2122 [GMT 1:00]
Spuštěný z: c:\users\doma\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\doma\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\doma\AppData\Local\Temp\sfamcc00001.dll
c:\users\doma\AppData\Local\Temp\sfareca00001.dll
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4020533193-2274794661-2165323434-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_CPUDRV
-------\Service_cpudrv
-------\Service_SkypeUpdate
-------\Service_vToolbarUpdater14.2.0
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-01-24 do 2013-02-24 )))))))))))))))))))))))))))))))
.
.
2013-02-24 23:52 . 2013-02-24 23:55 -------- d-----w- c:\users\doma\AppData\Local\temp
2013-02-24 23:52 . 2013-02-24 23:52 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-24 18:56 . 2013-02-24 18:56 -------- d-----w- C:\SkyDriveTemp
2013-02-24 18:38 . 2013-02-24 18:38 -------- d-----w- c:\program files\Microsoft SkyDrive
2013-02-24 18:38 . 2013-02-24 23:55 -------- d-----r- c:\users\doma\SkyDrive
2013-02-24 18:36 . 2013-02-24 18:36 -------- d-----w- c:\programdata\Microsoft SkyDrive
2013-02-24 17:17 . 2013-02-24 17:17 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{48A96613-31C1-49CF-953E-77B579D84959}\offreg.dll
2013-02-24 16:47 . 2013-02-24 16:47 388096 ----a-r- c:\users\doma\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-24 16:47 . 2013-02-24 16:47 -------- d-----w- c:\program files\Trend Micro
2013-02-24 01:28 . 2012-12-16 14:13 295424 ----a-w- c:\windows\system32\atmfd.dll
2013-02-24 01:28 . 2012-12-16 14:13 34304 ----a-w- c:\windows\system32\atmlib.dll
2013-02-24 01:14 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-24 00:57 . 2013-02-24 00:57 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-24 00:57 . 2013-02-24 00:57 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-24 00:17 . 2013-02-24 00:17 -------- d-----w- c:\users\doma\Doctor Web
2013-02-23 23:27 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-23 23:27 . 2012-11-22 04:45 626688 ----a-w- c:\windows\system32\usp10.dll
2013-02-23 23:27 . 2012-11-09 04:43 492032 ----a-w- c:\windows\system32\win32spl.dll
2013-02-23 23:25 . 2012-11-30 04:45 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-02-23 23:24 . 2012-12-07 10:46 43520 ----a-w- c:\windows\system32\csrr.rs
2013-02-23 23:23 . 2012-11-20 04:51 220160 ----a-w- c:\windows\system32\ncrypt.dll
2013-02-23 23:23 . 2012-11-23 02:48 49152 ----a-w- c:\windows\system32\taskhost.exe
2013-02-23 23:23 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-23 23:18 . 2013-02-23 23:18 -------- d-----w- c:\users\doma\AppData\Local\Adobe
2013-02-23 23:11 . 2013-02-19 02:58 6954968 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{48A96613-31C1-49CF-953E-77B579D84959}\mpengine.dll
2013-02-23 21:49 . 2013-02-23 21:49 -------- d-----w- c:\users\doma\AppData\Local\Apple
2013-02-23 20:44 . 2013-02-23 20:44 -------- d-----w- c:\users\UpdatusUser
2013-02-23 20:43 . 2013-01-31 09:01 2859296 ------w- c:\windows\system32\nvsvc.dll
2013-02-23 20:43 . 2013-01-31 09:01 3970848 ------w- c:\windows\system32\nvcpl.dll
2013-02-23 20:43 . 2013-01-31 09:00 634656 ------w- c:\windows\system32\nvvsvc.exe
2013-02-23 20:43 . 2013-01-31 09:00 62752 ------w- c:\windows\system32\nvshext.dll
2013-02-23 20:43 . 2013-01-31 09:00 2557728 ------w- c:\windows\system32\nvsvcr.dll
2013-02-23 20:43 . 2013-01-31 09:00 108832 ------w- c:\windows\system32\nvmctray.dll
2013-02-23 20:43 . 2013-02-19 20:33 53024 ------w- c:\windows\system32\OpenCL.dll
2013-02-23 20:42 . 2013-02-23 20:42 -------- d-----w- c:\programdata\NVIDIA Corporation
2013-02-23 18:59 . 2013-02-23 18:59 -------- d-----w- c:\users\doma\AppData\Roaming\Malwarebytes
2013-02-23 18:54 . 2013-02-23 18:54 -------- d-----w- c:\programdata\Malwarebytes
2013-02-23 18:54 . 2013-02-23 18:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-02-23 18:54 . 2012-12-14 15:49 21104 ------w- c:\windows\system32\drivers\mbam.sys
2013-02-23 18:54 . 2013-02-23 18:54 -------- d-----w- c:\users\doma\AppData\Local\Programs
2013-02-23 17:44 . 2013-02-23 17:44 -------- d-----w- C:\7dni7noci
2013-02-19 20:32 . 2013-02-19 20:32 6162704 ------w- c:\windows\system32\nvopencl.dll
2013-02-19 20:32 . 2013-02-19 20:32 10919200 ------w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-19 20:32 . 2013-02-19 20:32 2446416 ------w- c:\windows\system32\nvapi.dll
2013-02-19 20:32 . 2013-02-19 20:32 17560352 ------w- c:\windows\system32\nvcompiler.dll
2013-02-19 20:32 . 2013-02-19 20:32 2577184 ------w- c:\windows\system32\nvcuvid.dll
2013-02-19 20:32 . 2013-02-19 20:32 1869088 ------w- c:\windows\system32\nvcuvenc.dll
2013-02-19 20:32 . 2013-02-19 20:32 15413704 ------w- c:\windows\system32\nvd3dum.dll
2013-02-19 20:32 . 2013-02-19 20:32 892704 ------w- c:\windows\system32\nvdispgenco32.dll
2013-02-19 20:32 . 2013-02-19 20:32 1010464 ------w- c:\windows\system32\nvdispco32.dll
2013-02-19 20:32 . 2013-02-19 20:32 7754560 ------w- c:\windows\system32\nvcuda.dll
2013-02-19 20:32 . 2013-02-19 20:32 19915552 ------w- c:\windows\system32\nvoglv32.dll
2013-02-16 16:09 . 2013-02-16 16:09 -------- d-----w- c:\program files\Astroburn Lite
2013-02-16 16:09 . 2013-02-16 16:09 -------- d-----w- c:\programdata\Astroburn Lite
2013-02-16 16:07 . 2013-02-16 16:07 242240 ------w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-02-16 16:07 . 2013-02-16 16:07 -------- d-----w- C:\DAEMON Tools Lite
2013-01-31 08:47 . 2013-01-31 08:47 -------- d-----w- c:\users\doma\.thumbnails
2013-01-31 08:42 . 2013-01-31 08:42 -------- d-----w- c:\users\doma\AppData\Roaming\EPSON
2013-01-31 08:40 . 2013-01-31 08:40 -------- d-----w- c:\users\doma\AppData\Local\fontconfig
2013-01-31 08:40 . 2013-02-23 23:40 -------- d-----w- c:\users\doma\.gimp-2.8
2013-01-31 08:40 . 2013-01-31 08:40 -------- d-----w- c:\users\doma\AppData\Local\gegl-0.2
2013-01-31 08:37 . 2013-01-31 08:39 -------- d-----w- c:\program files\GIMP 2
2013-01-28 16:06 . 2013-01-28 16:06 -------- d-----w- c:\users\doma\AppData\Local\Macromedia
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-19 13:25 . 2012-10-23 07:47 33112 ------w- c:\windows\system32\drivers\avgtpx86.sys
2013-01-17 00:28 . 2012-03-19 15:47 232336 ------w- c:\windows\system32\MpSigStub.exe
2012-12-18 11:46 . 2012-12-17 20:54 138032 ------w- c:\windows\system32\drivers\PnkBstrK.sys
2012-12-18 11:45 . 2012-12-17 20:38 281688 ------w- c:\windows\system32\PnkBstrB.exe
2012-12-18 11:45 . 2012-12-15 11:24 281688 ------w- c:\windows\system32\PnkBstrB.xtr
2012-12-17 20:54 . 2012-12-14 19:39 281688 ------w- c:\windows\system32\PnkBstrB.ex0
2012-12-17 20:38 . 2012-12-17 20:38 76888 ------w- c:\windows\system32\PnkBstrA.exe
2013-01-28 16:50 . 2013-01-28 16:49 262552 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-02-24 18:37 222712 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-02-24 18:37 222712 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-02-24 18:37 222712 ----a-w- c:\users\doma\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\daemon tools lite\DTLite.exe" [2013-01-08 3674320]
"SkyDrive"="c:\users\doma\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2013-02-24 255992]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-12-13 11487848]
.
c:\users\doma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
speedfan – zástupce.lnk - c:\program files\SpeedFan\speedfan.exe [2012-9-12 4679672]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Client Utility.lnk - c:\program files\TP-LINK\COMMON\TWCU.exe [2002-1-1 10918400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2012-03-19 15:48 136176 ----atw- c:\users\doma\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04 252848 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files\FinalWire\AIDA64 Extreme Edition\kerneld.x32 [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TpMediaServer;TpMediaServer;c:\program files\TP-LINK\COMMON\RaMediaServer.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF32.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 netr28u;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28u.sys [x]
.
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
TCP: DhcpNameServer = 83.240.0.214 83.240.0.136
FF - ProfilePath - c:\users\doma\AppData\Roaming\Mozilla\Firefox\Profiles\kqzmicoi.default\
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files\FinalWire\AIDA64 Extreme Edition\kerneld.x32"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\programdata\EPSON\EPW!3 SSRP\E_S40RP7.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\TP-LINK\COMMON\RaRegistry.exe
c:\windows\system32\conhost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-02-25 01:01:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-02-25 00:01
ComboFix2.txt 2013-02-24 17:46
.
Před spuštěním: Volných bajtů: 157 715 591 168
Po spuštění: Volných bajtů: 156 951 207 936
.
- - End Of File - - A1BB6C7714922F73321921005A01F436

Příspěvekod **memphisto** » 25 úno 2013 08:19

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

Vyčisti systém CCleanerem
a použij i T-Cleaner
smaže vše po Combu,MWAVu atd.-stáhneš>spustíš

pozn. před stažením T-Cleaneru a po dobu čištění deaktivuj antivir a antispyware ,následně T-Cleaner smaž a zapni si znovu antivir a antispyware.

+ HJT

Jak se chová PC?

Prosím o kontrolu logu /CPU*/ Vyřešeno

Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Re: Prosím o kontrolu logu /CPU*/

Kdo je online