Please check my log (Solved)


Post by Johnny82 » 02 Mar 2013 14:31

Hello. Web pages are loading slowly. I cleaned the PC with ATF Cleaner and ran an antivirus scan.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:24:49, on 2.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\CapsUnlock\CapsUnlock.exe
C:\Program Files\YoWindow\yowindow.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\Trillian\trillian.exe
c:\program files\trillian\plugins\skypekit.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
E:\programy\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SRSAENotifier] C:\Program Files\SRS Labs\SRS Audio Essentials\AENotifier.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /Manual
O4 - Startup: CapsUnlock.lnk = C:\Program Files\CapsUnlock\CapsUnlock.exe
O4 - Startup: YoWindow.lnk = C:\Program Files\YoWindow\yowindow.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout s IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Stáhnout s IDM všechny odkazy - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - (no CLSID) - (no file)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

--
End of file - 6009 bytes


Post by Orcus » 02 Mar 2013 20:21

Download ATF Cleaner
Double-click ATF Cleaner.exe, click on select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

===================================================

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if they are, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform quick scan option selected and click the Scan button
- when the scan finishes, a message will appear; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message will appear, so choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

===================================================

Download MiniToolBox and run it.
In the window, tick these checkboxes:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log

Then click GO; after a short scan a log named "Result" will appear. Copy its entire contents here.

Post by Johnny82 » 03 Mar 2013 08:00

Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.03.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
JOHNNY :: JOHNNY-PC [administrátor]

Ochrana: Zakázána

3.3.2013 7:45:32
mbam-log-2013-03-03 (07-45-32).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 230429
Uplynulý čas: 10 minut, 11 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Post by Johnny82 » 03 Mar 2013 08:05

MiniToolBox by Farbar Version:01-03-2013
Ran by JOHNNY (administrator) on 03-03-2013 at 08:03:17
Running from "C:\Users\JOHNNY\Desktop"
Windows 7 Ultimate Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Připojení k místní síti (Connected)


# ----------------------------------
# Konfigurace protokolu IPv4
# ----------------------------------
pushd interface ipv4

reset
set global defaultcurhoplimit=64
set interface interface="Loopback Pseudo-Interface 1" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
set interface interface="Pýipojenˇ k mˇstnˇ sˇti" forwarding=disabled advertise=disabled mtu=1500 metric=0 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# Konec konfigurace protokolu IPv4



Konfigurace protokolu IP syst‚mu Windows

N zev hostitele . . . . . . . . . : JOHNNY-PC
Prim rnˇ pýˇpona DNS. . . . . . . :
Typ uzlu . . . . . . . . . . . . : hybridnˇ
Povoleno smŘrov nˇ IP . . . . . . : Ne
WINS Proxy povoleno . . . . . . . : Ne

Adapt‚r sˇtŘ Ethernet Pýipojenˇ k mˇstnˇ sˇti:

Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Fyzick  Adresa. . . . . . . . . . : 00-19-21-47-A8-5B
Protokol DHCP povolen . . . . . . : Ano
Automatick  konfigurace povolena : Ano
Mˇstnˇ IPv6 adresa v r mci propojenˇ . . . : fe80::58ee:8874:69c0:559d%11(Preferovan‚)
Adresa IPv4 . . . . . . . . . . . : 89.176.150.150(Preferovan‚)
Maska podsˇtŘ . . . . . . . . . . : 255.255.255.0
Zap…jźeno . . . . . . . . . . . . : 3. býezna 2013 7:23:37
Z p…jźka vyprçˇ . . . . . . . . . : 3. býezna 2013 8:23:44
Věchozˇ br na . . . . . . . . . . : 89.176.150.1
Server DHCP . . . . . . . . . . . : 10.126.128.1
IAID DHCPv6 . . . . . . . . . . : 234887457
DUID klienta DHCPv6. . . . . . . : 00-01-00-01-18-72-85-3A-00-19-21-47-A8-5B
Servery DNS . . . . . . . . . . . : 213.46.172.36
213.46.172.37
Rozhranˇ NetBios nad protokolem TCP/IP. . . . . . . . : Povoleno

Adapt‚r pro tunelov‚ pýipojenˇ isatap.{73514EEF-67F8-4A5A-80AB-B7080420400C}:

Stav m‚dia . . . . . . . . . . . : odpojeno
Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : Microsoft ISATAP Adapter
Fyzick  Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatick  konfigurace povolena : Ano

Adapt‚r pro tunelov‚ pýipojenˇ 6TO4 Adapter:

Stav m‚dia . . . . . . . . . . . : odpojeno
Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : Microsoft 6to4 Adapter
Fyzick  Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatick  konfigurace povolena : Ano

Adapt‚r pro tunelov‚ pýipojenˇ Teredo Tunneling Pseudo-Interface:

Stav m‚dia . . . . . . . . . . . : odpojeno
Pýˇpona DNS podle pýipojenˇ . . . :
Popis . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fyzick  Adresa. . . . . . . . . . : 00-00-00-00-00-00-00-E0
Protokol DHCP povolen . . . . . . : Ne
Automatick  konfigurace povolena : Ano
Server: cz-prg01a-dns01.chello.cz
Address: 213.46.172.36

Nazev: google.com
Addresses: 2a00:1450:4008:c01::71
173.194.35.70
173.194.35.67
173.194.35.66
173.194.35.68
173.194.35.71
173.194.35.65
173.194.35.72
173.194.35.64
173.194.35.78
173.194.35.69
173.194.35.73


Pýˇkaz PING na google.com [173.194.35.70] - 32 bajt… dat:
OdpovŘÔ od 173.194.35.70: bajty=32 źas=18ms TTL=56
OdpovŘÔ od 173.194.35.70: bajty=32 źas=17ms TTL=56

Statistika ping pro 173.194.35.70:
Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),
Pýibli§n  doba do pýijetˇ odezvy v milisekund ch:
Minimum = 17ms, Maximum = 18ms, Pr…mŘr = 17ms
Server: cz-prg01a-dns01.chello.cz
Address: 213.46.172.36

Nazev: yahoo.com
Addresses: 98.138.253.109
206.190.36.45
98.139.183.24


Pýˇkaz PING na yahoo.com [98.138.253.109] - 32 bajt… dat:
OdpovŘÔ od 98.138.253.109: bajty=32 źas=198ms TTL=48
OdpovŘÔ od 98.138.253.109: bajty=32 źas=232ms TTL=48

Statistika ping pro 98.138.253.109:
Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),
Pýibli§n  doba do pýijetˇ odezvy v milisekund ch:
Minimum = 198ms, Maximum = 232ms, Pr…mŘr = 215ms

Pýˇkaz PING na 127.0.0.1 - 32 bajt… dat:
OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=64
OdpovŘÔ od 127.0.0.1: bajty=32 źas < 1ms TTL=64

Statistika ping pro 127.0.0.1:
Pakety: Odeslan‚ = 2, Pýijat‚ = 2, Ztracen‚ = 0 (ztr ta 0%),
Pýibli§n  doba do pýijetˇ odezvy v milisekund ch:
Minimum = 0ms, Maximum = 0ms, Pr…mŘr = 0ms
===========================================================================
Seznam rozhranˇ
11...00 19 21 47 a8 5b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 SmŘrovacˇ tabulka
===========================================================================
Aktivnˇ smŘrov nˇ:
Cˇl v sˇti Sˇśov  maska Br na Rozhranˇ Metrika
0.0.0.0 0.0.0.0 89.176.150.1 89.176.150.150 10
89.176.150.0 255.255.255.0 Propojen‚ 89.176.150.150 266
89.176.150.150 255.255.255.255 Propojen‚ 89.176.150.150 266
89.176.150.255 255.255.255.255 Propojen‚ 89.176.150.150 266
127.0.0.0 255.0.0.0 Propojen‚ 127.0.0.1 306
127.0.0.1 255.255.255.255 Propojen‚ 127.0.0.1 306
127.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306
224.0.0.0 240.0.0.0 Propojen‚ 127.0.0.1 306
224.0.0.0 240.0.0.0 Propojen‚ 89.176.150.150 266
255.255.255.255 255.255.255.255 Propojen‚ 127.0.0.1 306
255.255.255.255 255.255.255.255 Propojen‚ 89.176.150.150 266
===========================================================================
Trval‚ trasy:
¦ dn‚

IPv6 SmŘrovacˇ tabulka
===========================================================================
Aktivnˇ smŘrov nˇ:
Rozhranˇ Metrika Cˇl v sˇti Br na
1 306 ::1/128 Propojen‚
11 266 fe80::/64 Propojen‚
11 266 fe80::58ee:8874:69c0:559d/128
Propojen‚
1 306 ff00::/8 Propojen‚
11 266 ff00::/8 Propojen‚
===========================================================================
Trval‚ trasy:
¦ dn‚
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/02/2013 08:30:33 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2013 08:18:59 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2013 08:14:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2013 07:24:10 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2013 08:32:55 PM) (Source: VSS) (User: )
Description: Chyba služby Stínová kopie svazků: Při vytváření třídy zprostředkovatele stínové kopie modelu COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
] došlo k chybě.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/01/2013 08:32:55 PM) (Source: VSS) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} a názvem SW_PROV nelze spustit. [0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.
]


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/01/2013 08:26:10 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2013 07:49:34 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: app.n3app, verze: 0.0.0.0, časové razítko: 0x512f75be
Název chybujícího modulu: app.n3app, verze: 0.0.0.0, časové razítko: 0x512f75be
Kód výjimky: 0x40000015
Posun chyby: 0x0064f04d
ID chybujícího procesu: 0x480
Čas spuštění chybující aplikace: 0xapp.n3app0
Cesta k chybující aplikaci: app.n3app1
Cesta k chybujícímu modulu: app.n3app2
ID zprávy: app.n3app3

Error: (03/01/2013 07:45:18 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: app.n3app, verze: 0.0.0.0, časové razítko: 0x512f75be
Název chybujícího modulu: app.n3app, verze: 0.0.0.0, časové razítko: 0x512f75be
Kód výjimky: 0x40000015
Posun chyby: 0x0064f04d
ID chybujícího procesu: 0xf84
Čas spuštění chybující aplikace: 0xapp.n3app0
Cesta k chybující aplikaci: app.n3app1
Cesta k chybujícímu modulu: app.n3app2
ID zprávy: app.n3app3

Error: (03/01/2013 07:42:11 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: app.n3app, verze: 0.0.0.0, časové razítko: 0x512f75be
Název chybujícího modulu: app.n3app, verze: 0.0.0.0, časové razítko: 0x512f75be
Kód výjimky: 0x40000015
Posun chyby: 0x0064f04d
ID chybujícího procesu: 0xe08
Čas spuštění chybující aplikace: 0xapp.n3app0
Cesta k chybující aplikaci: app.n3app1
Cesta k chybujícímu modulu: app.n3app2
ID zprávy: app.n3app3


System errors:
=============
Error: (03/03/2013 07:23:40 AM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (03/02/2013 08:30:37 AM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (03/02/2013 08:28:36 AM) (Source: BugCheck) (User: )
Description: 0x00000050 (0xa499c000, 0x00000001, 0x82c7be76, 0x00000000)C:\Windows\MEMORY.DMP030213-32484-01

Error: (03/02/2013 08:28:35 AM) (Source: EventLog) (User: )
Description: Předchozí vypnutí systému (8:27:11, ?2.?3.?2013) bylo neočekávané.

Error: (03/02/2013 08:19:15 AM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (03/02/2013 08:07:00 AM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (03/02/2013 08:04:58 AM) (Source: Service Control Manager) (User: )
Description: Služba Advanced SystemCare Service 5 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/02/2013 07:24:06 AM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (03/01/2013 08:26:01 PM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (03/01/2013 08:21:15 PM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Hostitel poskytovatele rozpoznávání funkce, která neuspěla při spuštění v důsledku následující chyby:
%%1058


Microsoft Office Sessions:
=========================
Error: (03/02/2013 08:30:33 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2013 08:18:59 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2013 08:14:36 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/02/2013 07:24:10 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2013 08:32:55 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/01/2013 08:32:55 PM) (Source: VSS)(User: )
Description: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}SW_PROV0x80070422, Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.


Operace:
Získat rozhraní umožňující volání pro tohoto zprostředkovatele
Zobrazit seznam rozhraní pro všechny zprostředkovatele podporující tento kontext
Dotaz na stínové kopie

Kontext:
ID zprostředkovatele: {b5946137-7b9f-4925-af80-51abd60b20d5}
ID třídy: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a}
Kontext snímku: 13
Kontext snímku: 13
Kontext spuštění: Coordinator

Error: (03/01/2013 08:26:10 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/01/2013 07:49:34 PM) (Source: Application Error)(User: )
Description: app.n3app0.0.0.0512f75beapp.n3app0.0.0.0512f75be400000150064f04d48001ce16ad81a53d86C:\Users\JOHNNY\AppData\Local\Temp\DSOClient\app.n3appC:\Users\JOHNNY\AppData\Local\Temp\DSOClient\app.n3appc22326de-82a0-11e2-b55d-00192147a85b

Error: (03/01/2013 07:45:18 PM) (Source: Application Error)(User: )
Description: app.n3app0.0.0.0512f75beapp.n3app0.0.0.0512f75be400000150064f04df8401ce16acde0980e4C:\Users\JOHNNY\AppData\Local\Temp\DSOClient\app.n3appC:\Users\JOHNNY\AppData\Local\Temp\DSOClient\app.n3app292c63ed-82a0-11e2-b55d-00192147a85b

Error: (03/01/2013 07:42:11 PM) (Source: Application Error)(User: )
Description: app.n3app0.0.0.0512f75beapp.n3app0.0.0.0512f75be400000150064f04de0801ce16ac76b057bfC:\Users\JOHNNY\AppData\Local\Temp\DSOClient\app.n3appC:\Users\JOHNNY\AppData\Local\Temp\DSOClient\app.n3appb9e11275-829f-11e2-b55d-00192147a85b


CodeIntegrity Errors:
===================================
Date: 2013-01-13 10:03:03.184
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 09:54:52.983
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 09:41:25.169
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 09:12:19.682
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 08:46:05.859
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 08:33:55.439
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-13 08:28:43.499
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 19:34:13.164
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 19:19:30.318
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-01-12 19:07:08.851
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


**** End of log ****


Post by memphisto » 03 Mar 2013 09:35

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is otherwise saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.

Download TDSSKiller

Save it to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt; please paste the entire contents of the log here.

Turn off the resident shield of your antivirus and antispyware
Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by pressing the Yes button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan finishes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If after the scan there is a problem starting applications, or a message pops up about an attempt to perform an illegal operation on a registry key that is marked for deletion, simply restart the computer.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

Johnny82
newcomer
Posts: 27
Registered: January 13
Gender: Male

Re: Please check my log

Post by Johnny82 » 03 Mar 2013 09:47

# AdwCleaner v2.113 - Logfile created 03/03/2013 at 09:45:54
# Updated 23/02/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
# User : JOHNNY - JOHNNY-PC
# Boot Mode : Normal
# Running from : C:\Users\JOHNNY\Desktop\AdwCleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\Browser Manager

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (cs)

File : C:\Users\JOHNNY\AppData\Roaming\Mozilla\Firefox\Profiles\3n3x2xdk.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.97

File : C:\Users\JOHNNY\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v12.13.1734.0

File : C:\Users\JOHNNY\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R6].txt - [4005 octets] - [02/03/2013 08:09:54]
AdwCleaner[R7].txt - [4065 octets] - [02/03/2013 08:10:20]
AdwCleaner[R8].txt - [1281 octets] - [02/03/2013 08:14:46]
AdwCleaner[R9].txt - [1152 octets] - [03/03/2013 09:45:54]
AdwCleaner[S2].txt - [3897 octets] - [02/03/2013 08:10:35]
AdwCleaner[S3].txt - [1346 octets] - [02/03/2013 08:15:05]

########## EOF - C:\AdwCleaner[R9].txt - [1332 octets] ##########

jaro3
Security team member
Guru Level 15
Posts: 43287
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Please check my log

Post by jaro3 » 03 Mar 2013 10:03

ZoneAlarm -- do you use it? There are leftovers of it,

89.176.150.150 266 --- do you recognize that IP?

Continue following memphisto's advice.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Johnny82
newcomer
Posts: 27
Registered: January 13
Gender: Male

Re: Please check my log

Post by Johnny82 » 03 Mar 2013 10:04

09:57:41.0850 0652 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:57:42.0000 0652 ============================================================
09:57:42.0000 0652 Current date / time: 2013/03/03 09:57:42.0000
09:57:42.0000 0652 SystemInfo:
09:57:42.0000 0652
09:57:42.0000 0652 OS Version: 6.1.7601 ServicePack: 1.0
09:57:42.0000 0652 Product type: Workstation
09:57:42.0001 0652 ComputerName: JOHNNY-PC
09:57:42.0001 0652 UserName: JOHNNY
09:57:42.0001 0652 Windows directory: C:\Windows
09:57:42.0001 0652 System windows directory: C:\Windows
09:57:42.0001 0652 Processor architecture: Intel x86
09:57:42.0001 0652 Number of processors: 2
09:57:42.0001 0652 Page size: 0x1000
09:57:42.0001 0652 Boot type: Normal boot
09:57:42.0001 0652 ============================================================
09:57:44.0726 0652 Drive \Device\Harddisk0\DR0 - Size: 0x6FD590000 (27.96 Gb), SectorSize: 0x200, Cylinders: 0xE41, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:57:44.0742 0652 Drive \Device\Harddisk1\DR1 - Size: 0x53D67B6000 (335.35 Gb), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:57:44.0779 0652 ============================================================
09:57:44.0779 0652 \Device\Harddisk0\DR0:
09:57:44.0779 0652 MBR partitions:
09:57:44.0779 0652 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2711637
09:57:44.0779 0652 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x2711800, BlocksNum 0x10D8000
09:57:44.0779 0652 \Device\Harddisk1\DR1:
09:57:44.0800 0652 MBR partitions:
09:57:44.0800 0652 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x1770800, BlocksNum 0x1B0D0000
09:57:44.0800 0652 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1C840800, BlocksNum 0xD672800
09:57:44.0800 0652 ============================================================
09:57:44.0968 0652 C: <-> \Device\Harddisk1\DR1\Partition1
09:57:44.0969 0652 D: <-> \Device\Harddisk0\DR0\Partition1
09:57:44.0988 0652 E: <-> \Device\Harddisk0\DR0\Partition2
09:57:45.0146 0652 F: <-> \Device\Harddisk1\DR1\Partition2
09:57:45.0146 0652 ============================================================
09:57:45.0146 0652 Initialize success
09:57:45.0146 0652 ============================================================
09:57:47.0394 1268 ============================================================
09:57:47.0394 1268 Scan started
09:57:47.0394 1268 Mode: Manual;
09:57:47.0394 1268 ============================================================
09:57:49.0006 1268 ================ Scan system memory ========================
09:57:49.0006 1268 System memory - ok
09:57:49.0006 1268 ================ Scan services =============================
09:58:09.0148 1268 NdisCap - ok
09:58:09.0174 1268 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:58:09.0198 1268 NdisTapi - ok
09:58:09.0219 1268 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:58:09.0234 1268 Ndisuio - ok
09:58:09.0267 1268 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:58:09.0279 1268 NdisWan - ok
09:58:09.0289 1268 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:58:09.0297 1268 NDProxy - ok
09:58:09.0311 1268 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:58:09.0317 1268 NetBIOS - ok
09:58:09.0355 1268 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:58:09.0377 1268 NetBT - ok
09:58:09.0390 1268 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
09:58:09.0392 1268 Netlogon - ok
09:58:09.0451 1268 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
09:58:09.0498 1268 Netman - ok
09:58:09.0537 1268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:58:09.0633 1268 NetMsmqActivator - ok
09:58:09.0670 1268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:58:09.0672 1268 NetPipeActivator - ok
09:58:09.0791 1268 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
09:58:09.0823 1268 netprofm - ok
09:58:09.0834 1268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:58:09.0837 1268 NetTcpActivator - ok
09:58:09.0851 1268 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:58:09.0853 1268 NetTcpPortSharing - ok
09:58:09.0900 1268 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:58:09.0929 1268 nfrd960 - ok
09:58:10.0009 1268 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:58:10.0015 1268 NlaSvc - ok
09:58:10.0028 1268 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:58:10.0097 1268 Npfs - ok
09:58:10.0202 1268 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
09:58:10.0221 1268 nsi - ok
09:58:10.0253 1268 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:58:10.0274 1268 nsiproxy - ok
09:58:10.0452 1268 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:58:10.0667 1268 Ntfs - ok
09:58:10.0709 1268 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
09:58:10.0714 1268 Null - ok
09:58:11.0902 1268 [ 2FA5434344AF84D73F66BA402FF78690 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:58:12.0006 1268 nvlddmkm - ok
09:58:12.0046 1268 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:58:12.0092 1268 nvraid - ok
09:58:12.0109 1268 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:58:12.0137 1268 nvstor - ok
09:58:12.0193 1268 [ B785320CBCF5021DE9945C803696C511 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:58:12.0205 1268 nvsvc - ok
09:58:12.0245 1268 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:58:12.0257 1268 nv_agp - ok
09:58:12.0284 1268 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:58:12.0301 1268 ohci1394 - ok
09:58:12.0654 1268 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:58:12.0853 1268 osppsvc - ok
09:58:12.0964 1268 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:58:12.0972 1268 p2pimsvc - ok
09:58:12.0994 1268 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
09:58:13.0017 1268 p2psvc - ok
09:58:13.0034 1268 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:58:13.0043 1268 Parport - ok
09:58:13.0066 1268 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:58:13.0075 1268 partmgr - ok
09:58:13.0093 1268 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
09:58:13.0097 1268 Parvdm - ok
09:58:13.0125 1268 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:58:13.0142 1268 PcaSvc - ok
09:58:13.0162 1268 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
09:58:13.0175 1268 pci - ok
09:58:13.0193 1268 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
09:58:13.0201 1268 pciide - ok
09:58:13.0220 1268 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
09:58:13.0236 1268 pcmcia - ok
09:58:13.0243 1268 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
09:58:13.0252 1268 pcw - ok
09:58:13.0306 1268 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:58:13.0347 1268 PEAUTH - ok
09:58:13.0433 1268 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:58:13.0489 1268 PeerDistSvc - ok
09:58:13.0680 1268 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
09:58:13.0781 1268 pla - ok
09:58:13.0856 1268 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:58:13.0884 1268 PlugPlay - ok
09:58:13.0901 1268 [ 3A2E85F7D90D15460C337CE80C2E3B29 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
09:58:13.0916 1268 PnkBstrA - ok
09:58:13.0928 1268 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:58:13.0939 1268 PNRPAutoReg - ok
09:58:13.0955 1268 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:58:13.0960 1268 PNRPsvc - ok
09:58:13.0990 1268 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:58:14.0019 1268 PolicyAgent - ok
09:58:14.0047 1268 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
09:58:14.0053 1268 Power - ok
09:58:14.0075 1268 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:58:14.0085 1268 PptpMiniport - ok
09:58:14.0104 1268 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
09:58:14.0117 1268 Processor - ok
09:58:14.0147 1268 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
09:58:14.0166 1268 ProfSvc - ok
09:58:14.0179 1268 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:58:14.0183 1268 ProtectedStorage - ok
09:58:14.0196 1268 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:58:14.0198 1268 Psched - ok
09:58:14.0449 1268 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:58:14.0517 1268 ql2300 - ok
09:58:14.0536 1268 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:58:14.0557 1268 ql40xx - ok
09:58:14.0586 1268 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
09:58:14.0618 1268 QWAVE - ok
09:58:14.0640 1268 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:58:14.0647 1268 QWAVEdrv - ok
09:58:14.0666 1268 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:58:14.0672 1268 RasAcd - ok
09:58:14.0694 1268 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:58:14.0703 1268 RasAgileVpn - ok
09:58:14.0717 1268 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
09:58:14.0731 1268 RasAuto - ok
09:58:14.0742 1268 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:58:14.0752 1268 Rasl2tp - ok
09:58:14.0794 1268 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
09:58:14.0836 1268 RasMan - ok
09:58:14.0844 1268 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:58:14.0854 1268 RasPppoe - ok
09:58:14.0869 1268 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:58:14.0879 1268 RasSstp - ok
09:58:14.0900 1268 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:58:14.0925 1268 rdbss - ok
09:58:14.0933 1268 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:58:14.0939 1268 rdpbus - ok
09:58:14.0952 1268 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:58:14.0958 1268 RDPCDD - ok
09:58:15.0003 1268 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:58:15.0016 1268 RDPDR - ok
09:58:15.0022 1268 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:58:15.0027 1268 RDPENCDD - ok
09:58:15.0052 1268 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:58:15.0058 1268 RDPREFMP - ok
09:58:15.0090 1268 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:58:15.0101 1268 RdpVideoMiniport - ok
09:58:15.0138 1268 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:58:15.0149 1268 RDPWD - ok
09:58:15.0172 1268 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:58:15.0184 1268 rdyboost - ok
09:58:15.0213 1268 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
09:58:15.0235 1268 RemoteAccess - ok
09:58:15.0274 1268 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:58:15.0293 1268 RemoteRegistry - ok
09:58:15.0302 1268 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:58:15.0312 1268 RpcEptMapper - ok
09:58:15.0330 1268 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
09:58:15.0342 1268 RpcLocator - ok
09:58:15.0361 1268 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\System32\rpcss.dll
09:58:15.0368 1268 RpcSs - ok
09:58:15.0417 1268 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:58:15.0431 1268 rspndr - ok
09:58:15.0460 1268 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
09:58:15.0472 1268 RTL8167 - ok
09:58:15.0499 1268 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:58:15.0509 1268 s3cap - ok
09:58:15.0528 1268 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
09:58:15.0531 1268 SamSs - ok
09:58:15.0551 1268 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:58:15.0562 1268 sbp2port - ok
09:58:15.0592 1268 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:58:15.0606 1268 SCardSvr - ok
09:58:15.0640 1268 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:58:15.0646 1268 scfilter - ok
09:58:15.0674 1268 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
09:58:15.0695 1268 Schedule - ok
09:58:15.0709 1268 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:58:15.0711 1268 SCPolicySvc - ok
09:58:15.0729 1268 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:58:15.0746 1268 SDRSVC - ok
09:58:15.0770 1268 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:58:15.0776 1268 secdrv - ok
09:58:15.0798 1268 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
09:58:15.0809 1268 seclogon - ok
09:58:15.0826 1268 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
09:58:15.0830 1268 SENS - ok
09:58:15.0850 1268 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:58:15.0860 1268 SensrSvc - ok
09:58:15.0876 1268 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:58:15.0881 1268 Serenum - ok
09:58:15.0904 1268 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:58:15.0915 1268 Serial - ok
09:58:15.0932 1268 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:58:15.0938 1268 sermouse - ok
09:58:15.0976 1268 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
09:58:15.0990 1268 SessionEnv - ok
09:58:16.0001 1268 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:58:16.0007 1268 sffdisk - ok
09:58:16.0015 1268 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:58:16.0021 1268 sffp_mmc - ok
09:58:16.0027 1268 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:58:16.0033 1268 sffp_sd - ok
09:58:16.0046 1268 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:58:16.0052 1268 sfloppy - ok
09:58:16.0073 1268 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:58:16.0099 1268 SharedAccess - ok
09:58:16.0149 1268 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:58:16.0168 1268 ShellHWDetection - ok
09:58:16.0186 1268 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:58:16.0196 1268 sisagp - ok
09:58:16.0212 1268 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:58:16.0221 1268 SiSRaid2 - ok
09:58:16.0240 1268 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:58:16.0252 1268 SiSRaid4 - ok
09:58:16.0279 1268 [ BF302072DC8374CF4E118FD88AA817A2 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
09:58:16.0286 1268 SmartDefragDriver - ok
09:58:16.0304 1268 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:58:16.0339 1268 Smb - ok
09:58:16.0370 1268 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:58:16.0388 1268 SNMPTRAP - ok
09:58:16.0412 1268 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
09:58:16.0419 1268 spldr - ok
09:58:16.0498 1268 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
09:58:16.0518 1268 Spooler - ok
09:58:17.0177 1268 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
09:58:17.0247 1268 sppsvc - ok
09:58:17.0271 1268 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:58:17.0296 1268 sppuinotify - ok
09:58:17.0380 1268 [ 614E899FA76A15611DACA4A967260B10 ] SRSHDAudioService C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe
09:58:17.0386 1268 SRSHDAudioService - ok
09:58:17.0569 1268 [ 58CA0690268B85EBA331ABAAA577239E ] SRS_AE_Service C:\Windows\system32\drivers\SRS_AE_i386.sys
09:58:17.0588 1268 SRS_AE_Service - ok
09:58:17.0700 1268 [ 25ECEA986742275ECB23A1CB6BC87A61 ] SRS_SSCFilter C:\Windows\system32\drivers\srs_sscfilter_i386.sys
09:58:17.0759 1268 SRS_SSCFilter - ok
09:58:17.0793 1268 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:58:17.0825 1268 srv - ok
09:58:17.0856 1268 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:58:17.0881 1268 srv2 - ok
09:58:17.0893 1268 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:58:17.0905 1268 srvnet - ok
09:58:17.0944 1268 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:58:17.0959 1268 SSDPSRV - ok
09:58:18.0041 1268 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
09:58:18.0049 1268 ssmdrv - ok
09:58:18.0064 1268 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:58:18.0080 1268 SstpSvc - ok
09:58:18.0097 1268 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:58:18.0104 1268 stexstor - ok
09:58:18.0140 1268 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
09:58:18.0164 1268 StiSvc - ok
09:58:18.0196 1268 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:58:18.0204 1268 storflt - ok
09:58:18.0234 1268 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:58:18.0244 1268 storvsc - ok
09:58:18.0258 1268 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:58:18.0265 1268 swenum - ok

Re: Please check my log

Post by Johnny82 » 03 Mar 2013 10:05

09:58:18.0577 1268 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:58:18.0627 1268 SwitchBoard - ok
09:58:18.0652 1268 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
09:58:18.0693 1268 swprv - ok
09:58:18.0720 1268 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\synth3dvsc.sys
09:58:18.0733 1268 Synth3dVsc - ok
09:58:18.0793 1268 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
09:58:18.0845 1268 SysMain - ok
09:58:18.0858 1268 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:58:18.0872 1268 TabletInputService - ok
09:58:18.0888 1268 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
09:58:18.0913 1268 TapiSrv - ok
09:58:18.0931 1268 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
09:58:18.0934 1268 TBS - ok
09:58:19.0762 1268 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:58:19.0877 1268 Tcpip - ok
09:58:20.0129 1268 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:58:20.0143 1268 TCPIP6 - ok
09:58:20.0170 1268 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:58:20.0186 1268 tcpipreg - ok
09:58:20.0205 1268 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:58:20.0212 1268 TDPIPE - ok
09:58:20.0233 1268 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:58:20.0240 1268 TDTCP - ok
09:58:20.0260 1268 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:58:20.0269 1268 tdx - ok
09:58:20.0279 1268 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:58:20.0288 1268 TermDD - ok
09:58:20.0314 1268 [ E951866BAC5A23403F62A349EDBB6EEB ] terminpt C:\Windows\system32\drivers\terminpt.sys
09:58:20.0327 1268 terminpt - ok
09:58:20.0361 1268 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
09:58:20.0411 1268 TermService - ok
09:58:20.0428 1268 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
09:58:20.0439 1268 Themes - ok
09:58:20.0471 1268 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
09:58:20.0475 1268 THREADORDER - ok
09:58:20.0494 1268 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
09:58:20.0507 1268 TrkWks - ok
09:58:20.0600 1268 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:58:20.0602 1268 TrustedInstaller - ok
09:58:20.0639 1268 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:58:20.0663 1268 tssecsrv - ok
09:58:20.0694 1268 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:58:20.0705 1268 TsUsbFlt - ok
09:58:20.0726 1268 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:58:20.0734 1268 TsUsbGD - ok
09:58:20.0763 1268 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
09:58:20.0773 1268 tsusbhub - ok
09:58:20.0849 1268 [ 423B19F510B1BE1952DB95722BC1FC42 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
09:58:20.0885 1268 TuneUp.UtilitiesSvc - ok
09:58:20.0894 1268 [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
09:58:20.0901 1268 TuneUpUtilitiesDrv - ok
09:58:20.0928 1268 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:58:20.0938 1268 tunnel - ok
09:58:20.0956 1268 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:58:20.0966 1268 uagp35 - ok
09:58:20.0986 1268 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:58:21.0009 1268 udfs - ok
09:58:21.0039 1268 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:58:21.0062 1268 UI0Detect - ok
09:58:21.0069 1268 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:58:21.0079 1268 uliagpkx - ok
09:58:21.0103 1268 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:58:21.0123 1268 umbus - ok
09:58:21.0148 1268 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
09:58:21.0154 1268 UmPass - ok
09:58:21.0183 1268 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
09:58:21.0198 1268 UmRdpService - ok
09:58:21.0290 1268 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
09:58:21.0324 1268 upnphost - ok
09:58:21.0362 1268 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:58:21.0389 1268 usbaudio - ok
09:58:21.0428 1268 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:58:21.0436 1268 usbccgp - ok
09:58:21.0454 1268 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:58:21.0468 1268 usbcir - ok
09:58:21.0485 1268 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:58:21.0492 1268 usbehci - ok
09:58:21.0525 1268 [ 5C3E4A9DD10388273CF132A3B168D421 ] Usbfilt C:\Windows\SYSTEM32\DRIVERS\usbfilt.sys
09:58:21.0544 1268 Usbfilt - ok
09:58:21.0586 1268 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:58:21.0610 1268 usbhub - ok
09:58:21.0628 1268 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:58:21.0635 1268 usbohci - ok
09:58:21.0657 1268 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:58:21.0663 1268 usbprint - ok
09:58:21.0677 1268 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:58:21.0685 1268 USBSTOR - ok
09:58:21.0697 1268 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:58:21.0703 1268 usbuhci - ok
09:58:21.0722 1268 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
09:58:21.0733 1268 UxSms - ok
09:58:21.0767 1268 [ 28154BEB33F82263BA27C6A8F5A13107 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
09:58:21.0800 1268 UxTuneUp - ok
09:58:21.0817 1268 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
09:58:21.0819 1268 VaultSvc - ok
09:58:21.0839 1268 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:58:21.0848 1268 vdrvroot - ok
09:58:21.0883 1268 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
09:58:21.0927 1268 vds - ok
09:58:21.0944 1268 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:58:21.0955 1268 vga - ok
09:58:21.0971 1268 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:58:21.0977 1268 VgaSave - ok
09:58:21.0985 1268 VGPU - ok
09:58:21.0996 1268 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:58:22.0013 1268 vhdmp - ok
09:58:22.0043 1268 [ 949AA00A83B0C4D7A3010035D8AF93D9 ] vHidDev C:\Windows\system32\DRIVERS\vHidDev.sys
09:58:22.0049 1268 vHidDev - ok
09:58:22.0057 1268 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:58:22.0067 1268 viaagp - ok
09:58:22.0074 1268 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:58:22.0085 1268 ViaC7 - ok
09:58:22.0101 1268 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
09:58:22.0111 1268 viaide - ok
09:58:22.0162 1268 [ 07C20E596A0838809BC5FF5DE5A65973 ] VKbms C:\Windows\system32\DRIVERS\VKbms.sys
09:58:22.0184 1268 VKbms - ok
09:58:22.0262 1268 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:58:22.0324 1268 vmbus - ok
09:58:22.0375 1268 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:58:22.0419 1268 VMBusHID - ok
09:58:22.0465 1268 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:58:22.0538 1268 volmgr - ok
09:58:22.0619 1268 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:58:22.0666 1268 volmgrx - ok
09:58:22.0748 1268 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:58:22.0842 1268 volsnap - ok
09:58:22.0870 1268 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:58:22.0900 1268 vsmraid - ok
09:58:22.0999 1268 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
09:58:23.0118 1268 VSS - ok
09:58:23.0142 1268 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:58:23.0217 1268 vwifibus - ok
09:58:23.0354 1268 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
09:58:23.0366 1268 W32Time - ok
09:58:23.0441 1268 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:58:23.0474 1268 WacomPen - ok
09:58:23.0496 1268 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:58:23.0538 1268 WANARP - ok
09:58:23.0558 1268 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:58:23.0559 1268 Wanarpv6 - ok
09:58:23.0923 1268 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:58:24.0178 1268 WatAdminSvc - ok
09:58:24.0445 1268 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
09:58:24.0597 1268 wbengine - ok
09:58:24.0642 1268 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:58:24.0673 1268 WbioSrvc - ok
09:58:24.0764 1268 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:58:24.0872 1268 wcncsvc - ok
09:58:24.0892 1268 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:58:24.0931 1268 WcsPlugInService - ok
09:58:24.0967 1268 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
09:58:24.0991 1268 Wd - ok
09:58:25.0132 1268 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:58:25.0207 1268 Wdf01000 - ok
09:58:25.0248 1268 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:58:25.0306 1268 WdiServiceHost - ok
09:58:25.0312 1268 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:58:25.0318 1268 WdiSystemHost - ok
09:58:25.0371 1268 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
09:58:25.0424 1268 WebClient - ok
09:58:25.0507 1268 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:58:25.0535 1268 Wecsvc - ok
09:58:25.0579 1268 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:58:25.0611 1268 wercplsupport - ok
09:58:25.0657 1268 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
09:58:25.0684 1268 WerSvc - ok
09:58:25.0714 1268 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:58:25.0743 1268 WfpLwf - ok
09:58:25.0758 1268 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:58:25.0781 1268 WIMMount - ok
09:58:25.0840 1268 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:58:25.0882 1268 WinDefend - ok
09:58:25.0893 1268 WinHttpAutoProxySvc - ok
09:58:25.0944 1268 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:58:25.0977 1268 Winmgmt - ok
09:58:26.0021 1268 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
09:58:26.0063 1268 WinRM - ok
09:58:26.0141 1268 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:58:26.0173 1268 Wlansvc - ok
09:58:26.0200 1268 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:58:26.0205 1268 WmiAcpi - ok
09:58:26.0230 1268 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:58:26.0243 1268 wmiApSrv - ok
09:58:26.0314 1268 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:58:26.0398 1268 WMPNetworkSvc - ok
09:58:26.0428 1268 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:58:26.0441 1268 WPCSvc - ok
09:58:26.0456 1268 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:58:26.0472 1268 WPDBusEnum - ok
09:58:26.0506 1268 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:58:26.0511 1268 ws2ifsl - ok
09:58:26.0526 1268 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\system32\wscsvc.dll
09:58:26.0541 1268 wscsvc - ok
09:58:26.0549 1268 WSearch - ok
09:58:26.0629 1268 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
09:58:26.0682 1268 wuauserv - ok
09:58:26.0714 1268 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:58:26.0724 1268 WudfPf - ok
09:58:26.0741 1268 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:58:26.0754 1268 WUDFRd - ok
09:58:26.0771 1268 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:58:26.0784 1268 wudfsvc - ok
09:58:26.0808 1268 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
09:58:26.0825 1268 WwanSvc - ok
09:58:26.0833 1268 ================ Scan global ===============================
09:58:26.0885 1268 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
09:58:26.0919 1268 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
09:58:26.0970 1268 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
09:58:26.0997 1268 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
09:58:27.0023 1268 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
09:58:27.0041 1268 [Global] - ok
09:58:27.0042 1268 ================ Scan MBR ==================================
09:58:27.0065 1268 [ 973E9BA32FDBB305C552ED3E1EBF0686 ] \Device\Harddisk0\DR0
09:58:27.0117 1268 \Device\Harddisk0\DR0 - ok
09:58:27.0140 1268 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:58:27.0674 1268 \Device\Harddisk1\DR1 - ok
09:58:27.0674 1268 ================ Scan VBR ==================================
09:58:27.0679 1268 [ 2925F99186338985EF8977EC101F9811 ] \Device\Harddisk0\DR0\Partition1
09:58:27.0680 1268 \Device\Harddisk0\DR0\Partition1 - ok
09:58:27.0710 1268 [ 650E9DCD8530E6C33F6F4B40A4691555 ] \Device\Harddisk0\DR0\Partition2
09:58:27.0711 1268 \Device\Harddisk0\DR0\Partition2 - ok
09:58:27.0726 1268 [ 0077EEDC42A4765A1ED47702189A3A95 ] \Device\Harddisk1\DR1\Partition1
09:58:27.0739 1268 \Device\Harddisk1\DR1\Partition1 - ok
09:58:27.0764 1268 [ A86A5C5B515F8F3ABD2FF3F2394920C0 ] \Device\Harddisk1\DR1\Partition2
09:58:27.0782 1268 \Device\Harddisk1\DR1\Partition2 - ok
09:58:27.0785 1268 ============================================================
09:58:27.0785 1268 Scan finished
09:58:27.0785 1268 ============================================================
09:58:27.0802 4004 Detected object count: 0
09:58:27.0802 4004 Actual detected object count: 0

Post by Johnny82 » 03 Mar 2013 10:10

I don't use Zone Alarm, and the IP 89.176.150.150 is mine. 89.176.150.150 260 ?

Post by Johnny82 » 03 Mar 2013 10:39

ComboFix 13-03-02.01 - JOHNNY 03.03.2013 10:15:28.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.3327.2477 [GMT 1:00]
Spuštěný z: c:\users\JOHNNY\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\XSxS
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-03 do 2013-03-03 )))))))))))))))))))))))))))))))
.
.
2013-03-03 09:23 . 2013-03-03 09:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-03 09:23 . 2013-03-03 09:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-02-28 23:35 . 2013-02-28 23:35 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-02-27 10:24 . 2013-02-28 23:31 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\Apple Computer
2013-02-27 09:27 . 2013-02-27 09:27 -------- d-----w- c:\program files\Valve
2013-02-25 15:20 . 2013-02-25 15:20 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-25 07:33 . 2013-02-25 07:33 -------- d-----w- c:\program files\Common Files\Macrovision Shared
2013-02-25 07:33 . 2013-02-25 07:33 -------- d-----w- c:\program files\Common Files\SRS Labs
2013-02-21 22:06 . 2013-02-21 22:06 -------- d-----w- c:\program files\DIFX
2013-02-21 22:00 . 2004-02-01 04:53 26166 ----a-w- c:\windows\system32\drivers\usbfilt.sys
2013-02-21 22:00 . 2000-03-06 23:00 278581 ----a-w- c:\windows\system32\temp.000
2013-02-21 21:36 . 2010-09-30 23:16 10240 ----a-w- c:\windows\system32\drivers\VKbms.sys
2013-02-21 21:36 . 2010-09-25 11:55 6656 ----a-w- c:\windows\system32\drivers\hidkmdf.sys
2013-02-21 21:36 . 2009-08-27 13:26 110592 ----a-w- c:\windows\system32\Abyssus.cpl
2013-02-21 21:36 . 2013-02-21 21:36 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\InstallShield
2013-02-21 21:06 . 2009-12-21 20:50 5760 ----a-w- c:\windows\system32\drivers\vHidDev.sys
2013-02-21 21:06 . 2009-10-30 09:53 9216 ----a-w- c:\windows\system32\drivers\Abyssus.sys
2013-02-20 05:44 . 2013-02-20 05:44 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-02-18 14:27 . 2013-02-18 14:34 -------- d-----w- c:\program files\CCleaner
2013-02-17 21:44 . 2013-02-17 22:25 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-17 19:21 . 2013-02-17 19:21 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\cypress
2013-02-17 19:21 . 2013-02-17 19:21 -------- d-----w- c:\program files\Lenovo
2013-02-17 19:20 . 2013-02-17 19:21 -------- d-----w- C:\Drivers
2013-02-17 19:16 . 2013-02-17 19:16 -------- d-----w- c:\program files\Intel
2013-02-17 19:16 . 2009-06-16 11:05 53248 ----a-w- c:\windows\system32\CSVer.dll
2013-02-17 18:59 . 2013-02-17 18:59 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\Smart PC Solutions
2013-02-17 18:59 . 2013-02-17 18:59 -------- d-----w- c:\program files\Smart PC Solutions
2013-02-17 18:12 . 2013-02-17 18:12 -------- d-----w- c:\program files\XPC Tools
2013-02-17 17:52 . 2013-02-17 17:52 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\Thinstall
2013-02-17 17:52 . 2013-02-17 17:52 -------- d-----w- c:\users\JOHNNY\AppData\Local\Thinstall
2013-02-17 16:35 . 2013-02-17 16:35 87608 ----a-w- c:\users\JOHNNY\AppData\Roaming\inst.exe
2013-02-17 16:35 . 2013-02-17 16:35 47360 ----a-w- c:\users\JOHNNY\AppData\Roaming\pcouffin.sys
2013-02-17 16:26 . 2013-02-18 14:35 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\Vso
2013-02-17 15:46 . 2013-02-17 16:41 -------- d-----w- c:\program files\NirSoft
2013-02-17 14:44 . 2013-02-17 14:44 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\Easeware
2013-02-17 14:14 . 2013-02-17 14:58 -------- d-----w- c:\program files\SmartTweak Software
2013-02-17 14:14 . 2013-02-17 14:14 -------- d-----w- c:\windows\system32\searchplugins
2013-02-17 14:14 . 2013-02-17 14:14 -------- d-----w- c:\windows\system32\Extensions
2013-02-17 10:49 . 2013-02-17 10:49 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\Canneverbe Limited
2013-02-17 10:49 . 2013-02-17 10:49 -------- d-----w- c:\programdata\Canneverbe Limited
2013-02-17 10:39 . 2013-02-17 10:39 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\All Free Disc Burner
2013-02-17 10:39 . 2002-01-05 15:37 344064 ----a-w- c:\windows\system32\msvcr70.dll
2013-02-16 23:43 . 2013-02-16 23:43 -------- d-----w- c:\program files\CapsUnlock
2013-02-16 16:41 . 2013-02-16 16:41 -------- d-----w- c:\programdata\Ashampoo
2013-02-16 16:40 . 2013-02-16 16:40 -------- d-----w- c:\program files\Ashampoo
2013-02-13 17:10 . 2013-01-08 22:05 678912 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2013-02-13 17:10 . 2013-01-08 22:03 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2013-02-13 17:10 . 2013-01-08 22:01 768000 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 17:06 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-02-13 17:06 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-13 17:06 . 2013-01-04 03:00 2347008 ----a-w- c:\windows\system32\win32k.sys
2013-02-13 17:06 . 2013-01-03 05:05 1293672 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-13 17:06 . 2013-01-03 05:04 187752 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-13 17:05 . 2013-01-04 04:50 169984 ----a-w- c:\windows\system32\winsrv.dll
2013-02-11 17:17 . 2013-02-11 17:17 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-02-11 17:17 . 2013-02-27 10:17 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\DAEMON Tools Lite
2013-02-11 17:17 . 2013-02-11 17:17 -------- d-----w- c:\program files\DAEMON Tools Lite
2013-02-11 17:16 . 2013-02-11 17:19 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-02-11 09:13 . 2013-02-11 09:28 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\Ulozto File Manager
2013-02-10 07:06 . 2013-02-10 07:06 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-02-10 07:03 . 2013-02-10 07:03 -------- d-----w- c:\program files\Adobe Media Player
2013-02-09 18:42 . 2013-02-09 18:42 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\BANDISOFT
2013-02-09 18:42 . 2013-02-09 18:42 -------- d-----w- c:\program files\BandiMPEG1
2013-02-09 12:35 . 2013-02-09 15:33 -------- d-----w- c:\program files\Screenshots
2013-02-08 20:31 . 2013-02-08 20:46 -------- dc-h--w- c:\programdata\{3155EF3F-3778-4C4C-B0F3-3E48423B8965}
2013-02-08 20:31 . 2013-02-08 20:31 -------- d-----w- c:\program files\UPC Fiber Power Optimizer
2013-02-08 20:31 . 2013-02-08 20:31 -------- d-----w- c:\users\JOHNNY\AppData\Local\PackageAware
2013-02-08 20:31 . 2013-02-08 20:31 -------- d-----w- c:\program files\ESET
2013-02-06 07:29 . 2013-02-06 07:29 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\SoundSpectrum
2013-02-06 07:29 . 2013-02-06 07:29 -------- d-----w- c:\users\JOHNNY\AppData\Local\SoundSpectrum
2013-02-06 07:23 . 2013-02-06 07:23 -------- d-----w- c:\program files\SoundSpectrum
2013-02-04 06:25 . 2013-02-04 06:28 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\YoWindow
2013-02-04 06:25 . 2013-02-04 06:25 -------- d-----w- c:\programdata\YoWindow
2013-02-04 06:24 . 2013-02-04 06:25 -------- d-----w- c:\program files\YoWindow
2013-02-04 03:50 . 2013-02-09 17:50 -------- d-----w- c:\program files\WinSnapPortable
2013-02-03 16:17 . 2013-02-03 16:17 -------- d-----w- c:\program files\Common Files\Steam
2013-02-03 16:17 . 2013-02-07 19:28 -------- d-----w- c:\program files\Steam
2013-02-02 18:03 . 2013-02-02 18:03 -------- d-----w- C:\.cache
2013-02-02 15:30 . 2013-02-11 17:14 -------- d-----r- c:\users\JOHNNY\MegaCloud
2013-02-02 15:29 . 2013-02-11 17:15 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\MegaCloud
2013-02-02 15:18 . 2013-02-02 15:18 -------- d-----w- c:\programdata\Web Installer
2013-02-02 15:03 . 2013-02-02 15:03 -------- d-s---w- c:\users\JOHNNY\Disk Google
2013-02-02 13:53 . 2013-02-02 13:53 -------- d-----w- c:\users\JOHNNY\AppData\Roaming\PotPlayerMini
2013-02-02 13:53 . 2013-02-02 13:53 -------- d-----w- c:\users\JOHNNY\AppData\Local\Daum
2013-02-02 13:50 . 2013-02-02 13:50 -------- d-----w- c:\program files\Daum
2013-02-01 20:04 . 2013-02-01 20:04 -------- d-----w- c:\program files\Bethesda Softworks
2013-02-01 19:33 . 2013-02-01 19:33 -------- d-----w- c:\windows\system32\RTCOM
2013-02-01 19:31 . 2011-05-31 08:42 458344 ----a-w- c:\windows\system32\DTSNeoPCDLL.dll
2013-02-01 12:42 . 2013-02-25 07:33 -------- d-----w- c:\program files\SRS Labs
2013-02-01 11:45 . 2013-02-01 11:45 -------- d-----w- c:\users\JOHNNY\AppData\Local\SRS Labs
2013-02-01 11:45 . 2013-02-01 11:45 -------- d-----w- c:\programdata\SRS Labs
2013-02-01 11:44 . 2007-05-03 09:27 37248 ----a-w- c:\windows\system32\drivers\csiidecoder_kern_i386.sys
2013-02-01 11:44 . 2007-05-03 09:27 32000 ----a-w- c:\windows\system32\drivers\wowhd_kern_i386.sys
2013-02-01 11:44 . 2007-05-03 09:27 47360 ----a-w- c:\windows\system32\drivers\Surroundhp_kern_i386.sys
2013-02-01 11:44 . 2007-05-03 09:27 46592 ----a-w- c:\windows\system32\drivers\tshd4_kern_i386.sys
2013-02-01 11:14 . 2013-02-09 17:50 -------- d-----w- c:\programdata\AutoKMS
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-27 10:35 . 2012-12-31 02:00 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-27 10:35 . 2012-12-31 02:00 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-25 15:20 . 2012-12-31 23:29 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-02-25 15:20 . 2012-12-31 23:29 861088 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-01-30 12:45 . 2013-01-30 12:45 855360 ----a-w- c:\windows\yowindow.scr
2013-01-28 13:51 . 2013-01-28 13:24 24472 ----a-w- c:\windows\system32\drivers\bc.sys
2013-01-28 13:51 . 2013-01-28 13:24 19352 ----a-w- c:\windows\system32\drivers\ksskrpr.sys
2013-01-28 13:51 . 2013-01-28 13:24 166776 ----a-w- c:\windows\system32\drivers\kdhacker64.sys
2013-01-28 13:51 . 2013-01-28 13:24 127992 ----a-w- c:\windows\system32\drivers\kdhacker.sys
2013-01-28 13:51 . 2013-01-28 13:24 83320 ----a-w- c:\windows\system32\drivers\ksapi.sys
2013-01-28 13:51 . 2013-01-28 13:24 31848 ----a-w- c:\windows\system32\drivers\kavbootc64.sys
2013-01-28 13:51 . 2013-01-28 13:24 27240 ----a-w- c:\windows\system32\drivers\kavbootc.sys
2013-01-28 13:51 . 2013-01-28 13:24 18296 ----a-w- c:\windows\system32\drivers\kusbquery64.sys
2013-01-28 13:51 . 2013-01-28 13:24 175928 ----a-w- c:\windows\system32\drivers\kisknl.sys
2013-01-28 13:51 . 2013-01-28 13:24 14200 ----a-w- c:\windows\system32\drivers\kusbquery.sys
2013-01-12 18:06 . 2013-01-12 18:06 632064 ----a-w- c:\windows\system32\msvcr80.dll
2013-01-12 18:06 . 2013-01-12 18:06 554240 ----a-w- c:\windows\system32\msvcp80.dll
2013-01-12 18:06 . 2013-01-12 18:06 34048 ----a-w- c:\windows\system32\eEmpty.exe
2013-01-10 08:46 . 2013-01-09 15:57 138032 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2013-01-10 08:46 . 2013-01-09 15:47 281688 ----a-w- c:\windows\system32\PnkBstrB.exe
2013-01-10 08:46 . 2013-01-09 14:14 281688 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-01-09 17:39 . 2013-01-09 14:01 281688 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-01-09 15:47 . 2013-01-09 15:47 76888 ----a-w- c:\windows\system32\PnkBstrA.exe
2012-12-31 04:35 . 2012-12-31 04:35 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-12-30 23:56 . 2012-12-30 23:56 86528 ----a-w- c:\windows\system32\iesysprep.dll
2012-12-30 23:56 . 2012-12-30 23:56 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-12-30 23:56 . 2012-12-30 23:56 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-12-30 23:56 . 2012-12-30 23:56 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-12-30 23:56 . 2012-12-30 23:56 161792 ----a-w- c:\windows\system32\msls31.dll
2012-12-30 23:56 . 2012-12-30 23:56 110592 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-12-30 23:56 . 2012-12-30 23:56 74752 ----a-w- c:\windows\system32\iesetup.dll
2012-12-30 23:56 . 2012-12-30 23:56 63488 ----a-w- c:\windows\system32\tdc.ocx
2012-12-30 23:56 . 2012-12-30 23:56 367104 ----a-w- c:\windows\system32\html.iec
2012-12-30 23:56 . 2012-12-30 23:56 35840 ----a-w- c:\windows\system32\imgutil.dll
2012-12-30 23:56 . 2012-12-30 23:56 23552 ----a-w- c:\windows\system32\licmgr10.dll
2012-12-30 23:56 . 2012-12-30 23:56 152064 ----a-w- c:\windows\system32\wextract.exe
2012-12-30 23:56 . 2012-12-30 23:56 150528 ----a-w- c:\windows\system32\iexpress.exe
2012-12-30 23:56 . 2012-12-30 23:56 11776 ----a-w- c:\windows\system32\mshta.exe
2012-12-30 23:56 . 2012-12-30 23:56 101888 ----a-w- c:\windows\system32\admparse.dll
2012-12-29 10:26 . 2013-01-28 06:00 8904632 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-12-29 10:26 . 2013-01-28 06:00 7931896 ----a-w- c:\windows\system32\nvcuda.dll
2012-12-29 10:26 . 2013-01-28 06:00 6263784 ----a-w- c:\windows\system32\nvopencl.dll
2012-12-29 10:26 . 2013-01-28 06:00 2720696 ----a-w- c:\windows\system32\nvcuvid.dll
2012-12-29 10:26 . 2013-01-28 06:00 20450232 ----a-w- c:\windows\system32\nvoglv32.dll
2012-12-29 10:26 . 2013-01-28 06:00 1985976 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-12-29 10:26 . 2013-01-28 06:00 17560504 ----a-w- c:\windows\system32\nvcompiler.dll
2012-12-29 10:26 . 2013-01-28 06:00 12641120 ----a-w- c:\windows\system32\nvwgf2um.dll
2012-12-29 10:26 . 2012-10-10 20:14 889784 ----a-w- c:\windows\system32\nvdispgenco32.dll
2012-12-29 10:26 . 2012-10-10 20:14 2504248 ----a-w- c:\windows\system32\nvapi.dll
2012-12-29 10:26 . 2012-10-10 20:14 1017272 ----a-w- c:\windows\system32\nvdispco32.dll
2012-12-29 10:26 . 2012-10-10 20:14 15129064 ----a-w- c:\windows\system32\nvd3dum.dll
2012-12-29 08:26 . 2012-12-31 00:08 4129720 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-29 08:26 . 2012-12-31 00:08 3001272 ----a-w- c:\windows\system32\nvsvc.dll
2012-12-29 08:25 . 2012-12-31 00:08 639928 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-29 08:25 . 2012-12-31 00:08 62904 ----a-w- c:\windows\system32\nvshext.dll
2012-12-29 08:25 . 2012-12-31 00:08 108984 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-29 01:54 . 2012-12-29 01:54 550328 ----a-w- c:\windows\system32\nvStreaming.exe
2012-12-28 21:04 . 2012-12-28 21:04 36352 ----a-w- c:\windows\system32\xfcodec.dll
2012-12-16 14:13 . 2012-12-31 00:31 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-31 00:31 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-14 15:49 . 2013-01-04 04:01 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-07 12:26 . 2013-01-09 07:04 308736 ----a-w- c:\windows\system32\Wpc.dll
2012-12-07 12:20 . 2013-01-09 07:04 2576384 ----a-w- c:\windows\system32\gameux.dll
2012-12-07 10:46 . 2013-01-09 07:04 43520 ----a-w- c:\windows\system32\csrr.rs
2012-12-07 10:46 . 2013-01-09 07:04 30720 ----a-w- c:\windows\system32\usk.rs
2012-12-07 10:46 . 2013-01-09 07:04 45568 ----a-w- c:\windows\system32\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 07:04 44544 ----a-w- c:\windows\system32\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 07:04 23552 ----a-w- c:\windows\system32\oflc.rs
2012-12-07 10:46 . 2013-01-09 07:04 20480 ----a-w- c:\windows\system32\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 07:04 20480 ----a-w- c:\windows\system32\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 07:04 46592 ----a-w- c:\windows\system32\fpb.rs
2012-12-07 10:46 . 2013-01-09 07:04 20480 ----a-w- c:\windows\system32\pegi.rs
2012-12-07 10:46 . 2013-01-09 07:04 21504 ----a-w- c:\windows\system32\grb.rs
2012-12-07 10:46 . 2013-01-09 07:04 40960 ----a-w- c:\windows\system32\cob-au.rs
2012-12-07 10:46 . 2013-01-09 07:04 15360 ----a-w- c:\windows\system32\djctq.rs
2012-12-07 10:46 . 2013-01-09 07:04 55296 ----a-w- c:\windows\system32\cero.rs
2012-12-07 10:46 . 2013-01-09 07:04 51712 ----a-w- c:\windows\system32\esrb.rs
2013-02-16 00:34 . 2013-02-20 05:44 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0MegaCloudNormal]
@="{03FB4211-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4211-3964-44E8-97D7-A2FA49CF5576}]
2012-12-19 15:57 244480 ----a-w- c:\users\JOHNNY\AppData\Roaming\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1MegaCloudModified]
@="{03FB4212-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4212-3964-44E8-97D7-A2FA49CF5576}]
2012-12-19 15:57 244480 ----a-w- c:\users\JOHNNY\AppData\Roaming\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2MeagCloudError]
@="{03FB4213-3964-44E8-97D7-A2FA49CF5576}"
[HKEY_CLASSES_ROOT\CLSID\{03FB4213-3964-44E8-97D7-A2FA49CF5576}]
2012-12-19 15:57 244480 ----a-w- c:\users\JOHNNY\AppData\Roaming\MegaCloud\MegaCloudShellExt.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 22376 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-01-08 3674320]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe" [2011-12-29 620376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-12-30 348664]
"AdobeCS5ServiceManager"="c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"SRSAENotifier"="c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe" [2012-06-25 548768]
.
c:\users\JOHNNY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CapsUnlock.lnk - c:\program files\CapsUnlock\CapsUnlock.exe [2013-2-17 13312]
YoWindow.lnk - c:\program files\YoWindow\yowindow.exe [2013-1-30 888128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^JOHNNY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk]
backup=c:\windows\pss\HDDlife.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRS Audio Sandbox
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Abyssus]
2011-03-10 12:04 231936 ----a-w- c:\program files\Razer\Abyssus\razerhid.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5]
2011-12-29 15:43 620376 ----a-w- c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-01-08 08:41 3674320 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 11:59 18705664 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Smart Driver Updater]
2013-01-31 11:31 341304 ----a-w- c:\program files\Smart PC Solutions\Smart Driver Updater\SDULauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SRSHDAudioLab]
2012-06-25 14:16 5446056 ----a-w- c:\program files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Standard8inRight]
2011-09-06 13:38 3515904 ----a-w- c:\program files\Standard8-in-Right\Standard8inRight.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Standard8inRight"="c:\program files\Standard8-in-Right\Standard8inRight.exe" Minimum
"SRSHDAudioLab"="c:\program files\SRS Labs\SRS Audio Essentials\AudioEssentials.exe" auto
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SwitchBoard"=c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
"SRSAENotifier"=c:\program files\SRS Labs\SRS Audio Essentials\AENotifier.exe
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 digitalpower;Digital Power Station service;c:\windows\system32\drivers\digitalpower.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [x]
R3 ksapi;ksapi;c:\windows\system32\drivers\ksapi.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 Usbfilt;Usbfilt;c:\windows\SYSTEM32\DRIVERS\usbfilt.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 vHidDev;Razer Gaming Device;c:\windows\system32\DRIVERS\vHidDev.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 KAVBootC;KAVBootC;c:\windows\system32\Drivers\KAVBootC.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [x]
S2 kisknl;kisknl;c:\windows\system32\drivers\kisknl.sys [x]
S2 SRSHDAudioService;SRS HDAudio Lab Service;c:\program files\Common Files\SRS Labs\SRS HD Audio Lab Service 2\SRSAudioLabService.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [x]
S3 Abyssus03;Razer Abyssus USB Filter Driver;c:\windows\system32\Drivers\Abyssus.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 SRS_AE_Service;SRS Audio;c:\windows\system32\drivers\SRS_AE_i386.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [x]
S3 VKbms;Virtual HID Minidriver;c:\windows\system32\DRIVERS\VKbms.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc Mcx2Svc SensrSvc
GPSvcGroup REG_MULTI_SZ GPSvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-31 10:35]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-19 22:19]
.
2013-03-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-01-19 22:19]
.
2013-02-10 c:\windows\Tasks\MegaCloud Backup.job
- c:\users\JOHNNY\AppData\Roaming\MegaCloudBackup\MegaCloudBackup.exe [2013-02-02 14:43]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Stáhnout s IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Stáhnout s IDM všechny odkazy - c:\program files\Internet Download Manager\IEGetAll.htm
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\JOHNNY\AppData\Roaming\Mozilla\Firefox\Profiles\3n3x2xdk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =668083&p=
FF - ExtSQL: 2013-02-12 00:45; firefox@mega.co.nz; c:\users\JOHNNY\AppData\Roaming\Mozilla\Firefox\Profiles\3n3x2xdk.default\extensions\firefox@mega.co.nz.xpi
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-DriverUpdaterPro - c:\program files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe
HKLM_ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - 25.0.1364.97\Installer\chrmstp.exe --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1955006978-3361955648-2227706555-1000_Classes\CLSID\{26d2f811-f41a-4723-ae75-bd8f31a26785}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000038
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1955006978-3361955648-2227706555-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c4,a2,eb,a3,e8,e5,67,11,f4,4a,59,d0,3b,17,3e,a5,ed,7a,71,87,6f,
7a,c3,14,79,4a,e4,69,65,88,22,b0,16,96,ad,30,45,5d,28,06,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\windows\system32\taskhost.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\conhost.exe
c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2013-03-03 10:30:49 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-03 09:30
.
Před spuštěním: Volných bajtů: 118 363 402 240
Po spuštění: Volných bajtů: 118 139 023 360
.
- - End Of File - - 24ABF99731B9198F996D612D4D7EA10C

memphisto
Guru Level 13
Posts: 21113
Registered: September 06
Location: Zlín - České Budějovice
Gender: Male
Status:
Offline

Re: Please check my log

Post by memphisto » 03 Mar 2013 19:58

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the whole of the following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script.

Code: Select all

KillAll::
Folder::
c:\programdata\Spybot - Search & Destroy
c:\programdata\AutoKMS

File::
c:\windows\system32\temp.000
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Firefox::
FF - ProfilePath - c:\users\JOHNNY\AppData\Roaming\Mozilla\Firefox\Profiles\3n3x2xdk.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=green ... =668083&p=

RegLock::
[HKEY_USERS\S-1-5-21-1955006978-3361955648-2227706555-1000_Classes\CLSID\{26d2f811-f41a-4723-ae75-bd8f31a26785}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000038
"Therad"=dword:00000001
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_USERS\S-1-5-21-1955006978-3361955648-2227706555-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):c4,a2,eb,a3,e8,e5,67,11,f4,4a,59,d0,3b,17,3e,a5,ed,7a,71,87,6f,
7a,c3,14,79,4a,e4,69,65,88,22,b0,16,96,ad,30,45,5d,28,06,00,00,00,00,00,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.

Choose File -> Save As... and set these parameters:
File name: type here: CFScript.txt
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.

Grab the created script CFScript.txt with the mouse, move it over the downloaded program ComboFix.exe, and when the two files overlap, drop the script.
- ComboFix will start automatically
- Paste here the log that appears at the end of the cleaning process
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you.

