zblbnutá klávesnica asus x54c

[makuko271]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:01:47, on 4. 3. 2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\SysWOW64\jmdp\stij.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\michal\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll
O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130224083830.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll" (file missing)
O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [SDP] C:\Program Files (x86)\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hamachi.lnk = michal\Desktop\gi\hamachi.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: IBUpdaterService - Unknown owner - C:\windows\system32\dmwu.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 14170 bytes

[Reklama]

[memphisto]

Máš tam AVAST a McAfee. Jedno odinstaluj! DOporučuji nechat AVAST

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[makuko271]

Malwarebytes Anti-Malware (Skúšobná verzia) 1.70.0.1100
www.malwarebytes.org

Verzia databázy: v2013.03.06.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
michal :: MICHAL-PC [administrátor]

Ochrana: Zapnuté

6. 3. 2013 23:03:19
MBAM-log-2013-03-06 (23-07-18).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 224485
Uplynutý čas: 2 min, 58 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 1
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Žiadna úloha nevykonaná.

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

[makuko271]

# AdwCleaner v2.114 - Logfile created 03/06/2013 at 23:10:38
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : michal - MICHAL-PC
# Boot Mode : Normal
# Running from : C:\Users\michal\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : IBUpdaterService

***** [Files / Folders] *****

File Found : C:\user.js
Folder Found : C:\Program Files (x86)\FilesFrog Update Checker
Folder Found : C:\Program Files (x86)\incredibar.com
Folder Found : C:\Program Files\IB Updater
Folder Found : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Found : C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Found : C:\windows\SysWOW64\WNLT

***** [Registry] *****

Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKCU\Software\Somoto
Key Found : HKCU\Software\WNLT
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Found : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Found : HKLM\SOFTWARE\Classes\I
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Found : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Found : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Found : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\IB Updater
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Found : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKU\S-1-5-21-6360699-2583704273-3681457248-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (sk)

File : C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\12k3mu47.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9554 octets] - [06/03/2013 23:10:38]

########## EOF - C:\AdwCleaner[R1].txt - [9614 octets] ##########

[Žbeky]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“)
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt), jeho obsah sem celý vlož.

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

[makuko271]

# AdwCleaner v2.114 - Logfile created 03/08/2013 at 00:07:06
# Updated 05/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : michal - MICHAL-PC
# Boot Mode : Normal
# Running from : C:\Users\michal\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\FilesFrog Update Checker
Folder Deleted : C:\Program Files (x86)\incredibar.com
Folder Deleted : C:\Program Files\IB Updater
Folder Deleted : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\windows\SysWOW64\WNLT

***** [Registry] *****

Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\I
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr
Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\Software\IB Updater
Key Deleted : HKLM\Software\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SDP]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (sk)

File : C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\12k3mu47.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v25.0.1364.152

File : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [9643 octets] - [06/03/2013 23:10:38]
AdwCleaner[R2].txt - [9797 octets] - [08/03/2013 00:06:13]
AdwCleaner[R3].txt - [9857 octets] - [08/03/2013 00:06:50]
AdwCleaner[S1].txt - [396 octets] - [07/03/2013 22:40:44]
AdwCleaner[S2].txt - [358 octets] - [07/03/2013 22:57:02]
AdwCleaner[S3].txt - [9799 octets] - [08/03/2013 00:07:06]

########## EOF - C:\AdwCleaner[S3].txt - [9859 octets] ##########

[makuko271]

Malwarebytes Anti-Malware (Skúšobná verzia) 1.70.0.1100
www.malwarebytes.org

Verzia databázy: v2013.03.06.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
michal :: MICHAL-PC [administrátor]

Ochrana: Zapnuté

8. 3. 2013 0:25:48
mbam-log-2013-03-08 (00-25-48).txt

Typ kontroly: Rýchla kontrola
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 224376
Uplynutý čas: 1 min, 18 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

[makuko271]

00:34:58.0681 2848 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
00:34:58.0897 2848 ============================================================
00:34:58.0897 2848 Current date / time: 2013/03/08 00:34:58.0897
00:34:58.0897 2848 SystemInfo:
00:34:58.0897 2848
00:34:58.0897 2848 OS Version: 6.1.7601 ServicePack: 1.0
00:34:58.0897 2848 Product type: Workstation
00:34:58.0898 2848 ComputerName: MICHAL-PC
00:34:58.0898 2848 UserName: michal
00:34:58.0898 2848 Windows directory: C:\windows
00:34:58.0898 2848 System windows directory: C:\windows
00:34:58.0898 2848 Running under WOW64
00:34:58.0898 2848 Processor architecture: Intel x64
00:34:58.0898 2848 Number of processors: 2
00:34:58.0898 2848 Page size: 0x1000
00:34:58.0898 2848 Boot type: Normal boot
00:34:58.0898 2848 ============================================================
00:34:59.0518 2848 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:34:59.0523 2848 ============================================================
00:34:59.0523 2848 \Device\Harddisk0\DR0:
00:34:59.0524 2848 MBR partitions:
00:34:59.0524 2848 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3232800, BlocksNum 0x37153000
00:34:59.0524 2848 ============================================================
00:34:59.0542 2848 C: <-> \Device\Harddisk0\DR0\Partition1
00:34:59.0542 2848 ============================================================
00:34:59.0542 2848 Initialize success
00:34:59.0542 2848 ============================================================
00:35:05.0143 4232 ============================================================
00:35:05.0144 4232 Scan started
00:35:05.0144 4232 Mode: Manual;
00:35:05.0144 4232 ============================================================
00:35:05.0539 4232 ================ Scan system memory ========================
00:35:05.0539 4232 System memory - ok
00:35:05.0541 4232 ================ Scan services =============================
00:35:05.0905 4232 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
00:35:05.0909 4232 1394ohci - ok
00:35:05.0942 4232 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
00:35:05.0947 4232 ACPI - ok
00:35:05.0978 4232 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
00:35:05.0979 4232 AcpiPmi - ok
00:35:06.0081 4232 [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:35:06.0083 4232 AdobeFlashPlayerUpdateSvc - ok
00:35:06.0132 4232 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
00:35:06.0138 4232 adp94xx - ok
00:35:06.0165 4232 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
00:35:06.0169 4232 adpahci - ok
00:35:06.0192 4232 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
00:35:06.0195 4232 adpu320 - ok
00:35:06.0227 4232 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
00:35:06.0229 4232 AeLookupSvc - ok
00:35:06.0281 4232 [ 69FD46FAC0D9C4A8ECD522AC6A7481F5 ] AFBAgent C:\windows\system32\FBAgent.exe
00:35:06.0307 4232 AFBAgent - ok
00:35:06.0352 4232 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
00:35:06.0358 4232 AFD - ok
00:35:06.0414 4232 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
00:35:06.0438 4232 AgereSoftModem - ok
00:35:06.0464 4232 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
00:35:06.0466 4232 agp440 - ok
00:35:06.0499 4232 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
00:35:06.0501 4232 ALG - ok
00:35:06.0529 4232 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
00:35:06.0531 4232 aliide - ok
00:35:06.0542 4232 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
00:35:06.0544 4232 amdide - ok
00:35:06.0560 4232 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
00:35:06.0562 4232 AmdK8 - ok
00:35:06.0567 4232 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
00:35:06.0569 4232 AmdPPM - ok
00:35:06.0581 4232 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
00:35:06.0583 4232 amdsata - ok
00:35:06.0604 4232 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
00:35:06.0607 4232 amdsbs - ok
00:35:06.0624 4232 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
00:35:06.0626 4232 amdxata - ok
00:35:06.0655 4232 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
00:35:06.0657 4232 AppID - ok
00:35:06.0683 4232 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
00:35:06.0685 4232 AppIDSvc - ok
00:35:06.0699 4232 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
00:35:06.0701 4232 Appinfo - ok
00:35:06.0726 4232 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
00:35:06.0729 4232 arc - ok
00:35:06.0734 4232 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
00:35:06.0737 4232 arcsas - ok
00:35:06.0813 4232 [ A3626C6D3F2DC95497F3F61842D7FD89 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
00:35:06.0814 4232 ASLDRService - ok
00:35:06.0852 4232 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
00:35:06.0853 4232 ASMMAP64 - ok
00:35:06.0895 4232 [ 8569AF4C73747671194EA9EBB2F2D6CF ] asmthub3 C:\windows\system32\DRIVERS\asmthub3.sys
00:35:06.0898 4232 asmthub3 - ok
00:35:06.0923 4232 [ 073716FBFFAC7057CD5FF00A1B558331 ] asmtxhci C:\windows\system32\DRIVERS\asmtxhci.sys
00:35:06.0929 4232 asmtxhci - ok
00:35:07.0008 4232 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:35:07.0024 4232 aspnet_state - ok
00:35:07.0071 4232 [ 52436245AAEF3B65DF7859949AB6A14E ] ASUS InstantOn C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
00:35:07.0074 4232 ASUS InstantOn - ok
00:35:07.0106 4232 [ 4CA8E3A70263C3029935551204586701 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
00:35:07.0107 4232 aswFsBlk - ok
00:35:07.0134 4232 [ CF6A24076F978BF9C1FE61EE8595DB66 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
00:35:07.0136 4232 aswMonFlt - ok
00:35:07.0192 4232 [ 24EB5B96B8D215BAC4FC280D39B73049 ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys
00:35:07.0194 4232 aswRdr - ok
00:35:07.0219 4232 [ 76A2BD420185B468B6DE89AED1EEAE40 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
00:35:07.0221 4232 aswRvrt - ok
00:35:07.0262 4232 [ 5EB2FC36BD4639097A2F9BB68C825604 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
00:35:07.0285 4232 aswSnx - ok
00:35:07.0342 4232 [ AB1403AF5CC781D5148096216DA3A2A3 ] aswSP C:\windows\system32\drivers\aswSP.sys
00:35:07.0347 4232 aswSP - ok
00:35:07.0381 4232 [ 6A2D4BB9DDAA7D74839936403BB31F06 ] aswTdi C:\windows\system32\drivers\aswTdi.sys
00:35:07.0383 4232 aswTdi - ok
00:35:07.0414 4232 [ 0A83FFF1AEF6113EF8DCBB32D5014AB1 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
00:35:07.0417 4232 aswVmm - ok
00:35:07.0428 4232 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
00:35:07.0430 4232 AsyncMac - ok
00:35:07.0475 4232 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
00:35:07.0494 4232 atapi - ok
00:35:07.0523 4232 [ 185F180536188C1A4ED605234721A5B9 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
00:35:07.0525 4232 AthBTPort - ok
00:35:07.0569 4232 [ 27DF1F85E69FE3CD3AEEB4022BF404AB ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
00:35:07.0571 4232 AtherosSvc - ok
00:35:07.0638 4232 [ B4174564AD5834A1680610572477878C ] athr C:\windows\system32\DRIVERS\athrx.sys
00:35:07.0696 4232 athr - ok
00:35:07.0715 4232 [ DBC598E47E7A382E60E2A4745D41FEF9 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
00:35:07.0716 4232 ATKGFNEXSrv - ok
00:35:07.0755 4232 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
00:35:07.0756 4232 ATKWMIACPIIO - ok
00:35:07.0790 4232 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
00:35:07.0813 4232 AudioEndpointBuilder - ok
00:35:07.0834 4232 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
00:35:07.0840 4232 AudioSrv - ok
00:35:07.0944 4232 [ AEF6E1DE647339C4990586D1DE427BBB ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
00:35:07.0945 4232 avast! Antivirus - ok
00:35:07.0990 4232 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
00:35:07.0993 4232 AxInstSV - ok
00:35:08.0028 4232 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
00:35:08.0034 4232 b06bdrv - ok
00:35:08.0061 4232 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
00:35:08.0065 4232 b57nd60a - ok
00:35:08.0201 4232 [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
00:35:08.0203 4232 BBSvc - ok
00:35:08.0240 4232 [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
00:35:08.0243 4232 BBUpdate - ok
00:35:08.0288 4232 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
00:35:08.0290 4232 BDESVC - ok
00:35:08.0319 4232 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
00:35:08.0320 4232 Beep - ok
00:35:08.0362 4232 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
00:35:08.0385 4232 BFE - ok
00:35:08.0427 4232 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
00:35:08.0484 4232 BITS - ok
00:35:08.0513 4232 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
00:35:08.0515 4232 blbdrive - ok
00:35:08.0551 4232 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
00:35:08.0553 4232 bowser - ok
00:35:08.0572 4232 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
00:35:08.0573 4232 BrFiltLo - ok
00:35:08.0577 4232 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
00:35:08.0579 4232 BrFiltUp - ok
00:35:08.0612 4232 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
00:35:08.0615 4232 Browser - ok
00:35:08.0629 4232 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
00:35:08.0634 4232 Brserid - ok
00:35:08.0638 4232 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
00:35:08.0640 4232 BrSerWdm - ok
00:35:08.0645 4232 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
00:35:08.0647 4232 BrUsbMdm - ok
00:35:08.0652 4232 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
00:35:08.0653 4232 BrUsbSer - ok
00:35:08.0700 4232 [ 3681750501F4C4975E103C9B97BC1E11 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
00:35:08.0705 4232 BTATH_A2DP - ok
00:35:08.0731 4232 [ 257695FE964A0E0085C6E89F7F99A7C2 ] btath_avdt C:\windows\system32\drivers\btath_avdt.sys
00:35:08.0734 4232 btath_avdt - ok
00:35:08.0781 4232 [ E6B734A37ADE36FE1A77035F4E484C8C ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
00:35:08.0783 4232 BTATH_BUS - ok
00:35:08.0811 4232 [ FB3833E63FF602B69C2FF085846DCF43 ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
00:35:08.0814 4232 BTATH_HCRP - ok
00:35:08.0834 4232 [ 371A11C1333BA526263A987A93ACDE3D ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
00:35:08.0835 4232 BTATH_LWFLT - ok
00:35:08.0870 4232 [ ABCD3C16CA850A7594CEB9AD5D966810 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
00:35:08.0874 4232 BTATH_RCP - ok
00:35:08.0926 4232 [ AA918AD9226F07577FF4C40E48524A5D ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
00:35:08.0937 4232 BtFilter - ok
00:35:08.0987 4232 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
00:35:08.0989 4232 BthEnum - ok
00:35:09.0026 4232 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
00:35:09.0028 4232 BTHMODEM - ok
00:35:09.0041 4232 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
00:35:09.0044 4232 BthPan - ok
00:35:09.0084 4232 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
00:35:09.0096 4232 BTHPORT - ok
00:35:09.0126 4232 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
00:35:09.0129 4232 bthserv - ok
00:35:09.0149 4232 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
00:35:09.0151 4232 BTHUSB - ok
00:35:09.0174 4232 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
00:35:09.0176 4232 cdfs - ok
00:35:09.0220 4232 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
00:35:09.0223 4232 cdrom - ok
00:35:09.0259 4232 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
00:35:09.0261 4232 CertPropSvc - ok
00:35:09.0287 4232 [ 274CE03459896006F7A5069266E0469E ] cfwids C:\windows\system32\drivers\cfwids.sys
00:35:09.0289 4232 cfwids - ok
00:35:09.0319 4232 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
00:35:09.0321 4232 circlass - ok
00:35:09.0357 4232 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
00:35:09.0362 4232 CLFS - ok
00:35:09.0413 4232 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:35:09.0414 4232 clr_optimization_v2.0.50727_32 - ok
00:35:09.0444 4232 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:35:09.0446 4232 clr_optimization_v2.0.50727_64 - ok
00:35:09.0529 4232 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:35:09.0531 4232 clr_optimization_v4.0.30319_32 - ok
00:35:09.0552 4232 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:35:09.0569 4232 clr_optimization_v4.0.30319_64 - ok
00:35:09.0603 4232 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
00:35:09.0604 4232 CmBatt - ok
00:35:09.0622 4232 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
00:35:09.0623 4232 cmdide - ok
00:35:09.0674 4232 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys
00:35:09.0680 4232 CNG - ok
00:35:09.0729 4232 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
00:35:09.0731 4232 Compbatt - ok
00:35:09.0757 4232 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
00:35:09.0758 4232 CompositeBus - ok
00:35:09.0774 4232 COMSysApp - ok
00:35:09.0794 4232 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
00:35:09.0796 4232 crcdisk - ok
00:35:09.0831 4232 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
00:35:09.0834 4232 CryptSvc - ok
00:35:09.0880 4232 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
00:35:09.0890 4232 DcomLaunch - ok
00:35:09.0940 4232 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
00:35:09.0946 4232 defragsvc - ok
00:35:09.0979 4232 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
00:35:09.0982 4232 DfsC - ok
00:35:10.0027 4232 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
00:35:10.0032 4232 Dhcp - ok
00:35:10.0061 4232 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
00:35:10.0063 4232 discache - ok
00:35:10.0103 4232 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
00:35:10.0105 4232 Disk - ok
00:35:10.0140 4232 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
00:35:10.0143 4232 Dnscache - ok
00:35:10.0174 4232 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
00:35:10.0179 4232 dot3svc - ok
00:35:10.0216 4232 [ B42ED0320C6E41102FDE0005154849BB ] dot4 C:\windows\system32\DRIVERS\Dot4.sys
00:35:10.0219 4232 dot4 - ok
00:35:10.0239 4232 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys
00:35:10.0241 4232 dot4usb - ok
00:35:10.0267 4232 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
00:35:10.0270 4232 DPS - ok
00:35:10.0298 4232 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
00:35:10.0299 4232 drmkaud - ok
00:35:10.0339 4232 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
00:35:10.0362 4232 DXGKrnl - ok
00:35:10.0388 4232 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
00:35:10.0391 4232 EapHost - ok
00:35:10.0464 4232 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys
00:35:10.0522 4232 ebdrv - ok
00:35:10.0544 4232 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
00:35:10.0547 4232 EFS - ok
00:35:10.0623 4232 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
00:35:10.0629 4232 ehRecvr - ok
00:35:10.0645 4232 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
00:35:10.0647 4232 ehSched - ok
00:35:10.0694 4232 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys
00:35:10.0706 4232 elxstor - ok
00:35:10.0716 4232 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
00:35:10.0718 4232 ErrDev - ok
00:35:10.0766 4232 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
00:35:10.0772 4232 EventSystem - ok
00:35:10.0807 4232 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
00:35:10.0810 4232 exfat - ok
00:35:10.0825 4232 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
00:35:10.0828 4232 fastfat - ok
00:35:10.0875 4232 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
00:35:10.0898 4232 Fax - ok
00:35:10.0915 4232 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys
00:35:10.0917 4232 fdc - ok
00:35:10.0927 4232 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
00:35:10.0929 4232 fdPHost - ok
00:35:10.0944 4232 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
00:35:10.0947 4232 FDResPub - ok
00:35:10.0974 4232 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
00:35:10.0977 4232 FileInfo - ok
00:35:10.0997 4232 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
00:35:10.0999 4232 Filetrace - ok
00:35:11.0017 4232 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys
00:35:11.0018 4232 flpydisk - ok
00:35:11.0042 4232 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
00:35:11.0047 4232 FltMgr - ok
00:35:11.0092 4232 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll
00:35:11.0115 4232 FontCache - ok
00:35:11.0161 4232 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:35:11.0162 4232 FontCache3.0.0.0 - ok
00:35:11.0175 4232 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
00:35:11.0177 4232 FsDepends - ok
00:35:11.0217 4232 [ DC0DCE4EC2C5D2CF6472F9FD6AA9A7DC ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
00:35:11.0219 4232 fssfltr - ok
00:35:11.0278 4232 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
00:35:11.0290 4232 fsssvc - ok
00:35:11.0329 4232 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
00:35:11.0330 4232 Fs_Rec - ok
00:35:11.0355 4232 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
00:35:11.0359 4232 fvevol - ok
00:35:11.0394 4232 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
00:35:11.0396 4232 gagp30kx - ok
00:35:11.0436 4232 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
00:35:11.0458 4232 gpsvc - ok
00:35:11.0498 4232 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:35:11.0499 4232 gupdate - ok
00:35:11.0504 4232 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:35:11.0506 4232 gupdatem - ok
00:35:11.0532 4232 [ F8F0851D336C3B88DBD7232B6348E09A ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
00:35:11.0534 4232 hamachi - ok
00:35:11.0556 4232 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
00:35:11.0558 4232 hcw85cir - ok
00:35:11.0599 4232 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
00:35:11.0604 4232 HdAudAddService - ok
00:35:11.0635 4232 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
00:35:11.0638 4232 HDAudBus - ok
00:35:11.0643 4232 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys
00:35:11.0644 4232 HidBatt - ok
00:35:11.0657 4232 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys
00:35:11.0659 4232 HidBth - ok
00:35:11.0668 4232 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys
00:35:11.0670 4232 HidIr - ok
00:35:11.0687 4232 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
00:35:11.0690 4232 hidserv - ok
00:35:11.0727 4232 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
00:35:11.0729 4232 HidUsb - ok
00:35:11.0757 4232 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
00:35:11.0761 4232 hkmsvc - ok
00:35:11.0780 4232 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
00:35:11.0785 4232 HomeGroupListener - ok
00:35:11.0821 4232 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
00:35:11.0827 4232 HomeGroupProvider - ok
00:35:11.0872 4232 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
00:35:11.0874 4232 HpSAMD - ok
00:35:11.0905 4232 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
00:35:11.0929 4232 HTTP - ok
00:35:11.0940 4232 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
00:35:11.0942 4232 hwpolicy - ok
00:35:11.0961 4232 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
00:35:11.0964 4232 i8042prt - ok
00:35:12.0016 4232 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
00:35:12.0021 4232 iaStor - ok
00:35:12.0064 4232 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
00:35:12.0069 4232 iaStorV - ok
00:35:12.0149 4232 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:35:12.0151 4232 IDriverT - ok
00:35:12.0185 4232 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:35:12.0192 4232 idsvc - ok
00:35:12.0442 4232 [ 0089B53F1BEFD34B7D8CA4AB021335FA ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
00:35:12.0668 4232 igfx - ok
00:35:12.0696 4232 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys
00:35:12.0698 4232 iirsp - ok
00:35:12.0742 4232 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
00:35:12.0765 4232 IKEEXT - ok
00:35:12.0854 4232 [ 651972B4061F940DC154C6F7B948B76A ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
00:35:12.0912 4232 IntcAzAudAddService - ok
00:35:12.0968 4232 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
00:35:12.0972 4232 IntcDAud - ok
00:35:12.0985 4232 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
00:35:12.0987 4232 intelide - ok
00:35:13.0014 4232 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
00:35:13.0015 4232 intelppm - ok
00:35:13.0039 4232 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
00:35:13.0043 4232 IPBusEnum - ok
00:35:13.0062 4232 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
00:35:13.0065 4232 IpFilterDriver - ok
00:35:13.0120 4232 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
00:35:13.0138 4232 iphlpsvc - ok
00:35:13.0144 4232 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
00:35:13.0146 4232 IPMIDRV - ok
00:35:13.0175 4232 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
00:35:13.0232 4232 IPNAT - ok
00:35:13.0297 4232 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
00:35:13.0299 4232 IRENUM - ok
00:35:13.0307 4232 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
00:35:13.0309 4232 isapnp - ok
00:35:13.0323 4232 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
00:35:13.0328 4232 iScsiPrt - ok
00:35:13.0356 4232 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
00:35:13.0358 4232 kbdclass - ok
00:35:13.0379 4232 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
00:35:13.0381 4232 kbdhid - ok
00:35:13.0414 4232 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
00:35:13.0416 4232 kbfiltr - ok
00:35:13.0444 4232 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
00:35:13.0447 4232 KeyIso - ok
00:35:13.0483 4232 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
00:35:13.0485 4232 KSecDD - ok
00:35:13.0519 4232 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
00:35:13.0522 4232 KSecPkg - ok
00:35:13.0545 4232 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
00:35:13.0547 4232 ksthunk - ok
00:35:13.0580 4232 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
00:35:13.0587 4232 KtmRm - ok
00:35:13.0662 4232 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
00:35:13.0664 4232 L1C - ok
00:35:13.0700 4232 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
00:35:13.0707 4232 LanmanServer - ok
00:35:13.0754 4232 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
00:35:13.0760 4232 LanmanWorkstation - ok
00:35:13.0814 4232 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
00:35:13.0816 4232 lltdio - ok
00:35:13.0863 4232 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
00:35:13.0869 4232 lltdsvc - ok
00:35:13.0895 4232 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
00:35:13.0906 4232 lmhosts - ok
00:35:13.0969 4232 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:35:13.0972 4232 LMS - ok
00:35:14.0025 4232 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
00:35:14.0028 4232 LSI_FC - ok
00:35:14.0033 4232 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
00:35:14.0036 4232 LSI_SAS - ok
00:35:14.0051 4232 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
00:35:14.0053 4232 LSI_SAS2 - ok
00:35:14.0066 4232 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
00:35:14.0069 4232 LSI_SCSI - ok
00:35:14.0086 4232 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
00:35:14.0089 4232 luafv - ok
00:35:14.0131 4232 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys
00:35:14.0132 4232 MBAMProtector - ok
00:35:14.0189 4232 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
00:35:14.0193 4232 MBAMScheduler - ok
00:35:14.0231 4232 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
00:35:14.0237 4232 MBAMService - ok
00:35:14.0355 4232 [ 597C77235621E7DDD32A68574FDE6464 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
00:35:14.0357 4232 McShield - ok
00:35:14.0385 4232 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
00:35:14.0389 4232 Mcx2Svc - ok
00:35:14.0397 4232 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys
00:35:14.0399 4232 megasas - ok
00:35:14.0430 4232 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
00:35:14.0434 4232 MegaSR - ok
00:35:14.0486 4232 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
00:35:14.0488 4232 MEIx64 - ok
00:35:14.0523 4232 [ 01884CB7655C8908B43FF5E364FE6FD2 ] mfeapfk C:\windows\system32\drivers\mfeapfk.sys
00:35:14.0526 4232 mfeapfk - ok
00:35:14.0562 4232 [ DAB9A9CDFB04E4D68924492AA043019D ] mfeavfk C:\windows\system32\drivers\mfeavfk.sys
00:35:14.0566 4232 mfeavfk - ok
00:35:14.0580 4232 [ 134BB16F93A07C2C89B0B9C399382BDB ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
00:35:14.0583 4232 mfefire - ok
00:35:14.0607 4232 [ CE9A3680675C0907ADE16404CA967B49 ] mfefirek C:\windows\system32\drivers\mfefirek.sys
00:35:14.0613 4232 mfefirek - ok
00:35:14.0702 4232 [ 60CF67458DD29CD17E77F2327B1A9A54 ] mfehidk C:\windows\system32\drivers\mfehidk.sys
00:35:14.0724 4232 mfehidk - ok
00:35:14.0749 4232 [ A8129CFB919347F8533C934B365E9202 ] mfenlfk C:\windows\system32\DRIVERS\mfenlfk.sys
00:35:14.0751 4232 mfenlfk - ok
00:35:14.0777 4232 [ 5041FA2BD2B3A2693B015771BFBF6DCA ] mferkdet C:\windows\system32\drivers\mferkdet.sys
00:35:14.0780 4232 mferkdet - ok
00:35:14.0816 4232 [ 4D0ECD05ABB518EA323F651F4AB8458F ] mfevtp C:\Windows\system32\mfevtps.exe
00:35:14.0820 4232 mfevtp - ok
00:35:14.0834 4232 [ 919C56DB14A0E1E2AB6DA5D2821DC26E ] mfewfpk C:\windows\system32\drivers\mfewfpk.sys
00:35:14.0838 4232 mfewfpk - ok
00:35:14.0870 4232 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
00:35:14.0874 4232 MMCSS - ok
00:35:14.0881 4232 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
00:35:14.0883 4232 Modem - ok
00:35:14.0910 4232 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
00:35:14.0911 4232 monitor - ok
00:35:14.0962 4232 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
00:35:14.0964 4232 mouclass - ok
00:35:14.0981 4232 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
00:35:14.0992 4232 mouhid - ok
00:35:15.0029 4232 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
00:35:15.0032 4232 mountmgr - ok
00:35:15.0088 4232 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:35:15.0089 4232 MozillaMaintenance - ok
00:35:15.0105 4232 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
00:35:15.0108 4232 mpio - ok
00:35:15.0124 4232 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
00:35:15.0126 4232 mpsdrv - ok
00:35:15.0167 4232 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
00:35:15.0190 4232 MpsSvc - ok
00:35:15.0202 4232 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
00:35:15.0205 4232 MRxDAV - ok
00:35:15.0220 4232 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
00:35:15.0223 4232 mrxsmb - ok
00:35:15.0242 4232 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
00:35:15.0246 4232 mrxsmb10 - ok
00:35:15.0257 4232 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
00:35:15.0260 4232 mrxsmb20 - ok
00:35:15.0268 4232 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
00:35:15.0270 4232 msahci - ok
00:35:15.0284 4232 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
00:35:15.0287 4232 msdsm - ok
00:35:15.0314 4232 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
00:35:15.0318 4232 MSDTC - ok
00:35:15.0351 4232 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
00:35:15.0353 4232 Msfs - ok
00:35:15.0369 4232 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
00:35:15.0370 4232 mshidkmdf - ok
00:35:15.0384 4232 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
00:35:15.0385 4232 msisadrv - ok
00:35:15.0436 4232 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
00:35:15.0440 4232 MSiSCSI - ok

[makuko271]

00:35:15.0445 4232 msiserver - ok
00:35:15.0483 4232 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
00:35:15.0485 4232 MSKSSRV - ok
00:35:15.0494 4232 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
00:35:15.0495 4232 MSPCLOCK - ok
00:35:15.0501 4232 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
00:35:15.0503 4232 MSPQM - ok
00:35:15.0522 4232 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
00:35:15.0527 4232 MsRPC - ok
00:35:15.0543 4232 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
00:35:15.0545 4232 mssmbios - ok
00:35:15.0550 4232 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
00:35:15.0552 4232 MSTEE - ok
00:35:15.0566 4232 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys
00:35:15.0568 4232 MTConfig - ok
00:35:15.0581 4232 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
00:35:15.0583 4232 Mup - ok
00:35:15.0611 4232 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
00:35:15.0620 4232 napagent - ok
00:35:15.0656 4232 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
00:35:15.0660 4232 NativeWifiP - ok
00:35:15.0714 4232 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
00:35:15.0737 4232 NDIS - ok
00:35:15.0803 4232 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
00:35:15.0805 4232 NdisCap - ok
00:35:15.0837 4232 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
00:35:15.0860 4232 NdisTapi - ok
00:35:15.0886 4232 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
00:35:15.0888 4232 Ndisuio - ok
00:35:15.0904 4232 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
00:35:15.0907 4232 NdisWan - ok
00:35:15.0916 4232 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
00:35:15.0918 4232 NDProxy - ok
00:35:15.0942 4232 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
00:35:15.0944 4232 NetBIOS - ok
00:35:15.0963 4232 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
00:35:15.0967 4232 NetBT - ok
00:35:15.0999 4232 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
00:35:16.0002 4232 Netlogon - ok
00:35:16.0043 4232 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
00:35:16.0050 4232 Netman - ok
00:35:16.0090 4232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:35:16.0101 4232 NetMsmqActivator - ok
00:35:16.0106 4232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:35:16.0109 4232 NetPipeActivator - ok
00:35:16.0153 4232 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
00:35:16.0161 4232 netprofm - ok
00:35:16.0201 4232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:35:16.0203 4232 NetTcpActivator - ok
00:35:16.0208 4232 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:35:16.0210 4232 NetTcpPortSharing - ok
00:35:16.0254 4232 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
00:35:16.0256 4232 nfrd960 - ok
00:35:16.0300 4232 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
00:35:16.0307 4232 NlaSvc - ok
00:35:16.0355 4232 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
00:35:16.0357 4232 Npfs - ok
00:35:16.0379 4232 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
00:35:16.0383 4232 nsi - ok
00:35:16.0391 4232 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
00:35:16.0392 4232 nsiproxy - ok
00:35:16.0447 4232 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
00:35:16.0482 4232 Ntfs - ok
00:35:16.0491 4232 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
00:35:16.0492 4232 Null - ok
00:35:16.0533 4232 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
00:35:16.0537 4232 nvraid - ok
00:35:16.0553 4232 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
00:35:16.0556 4232 nvstor - ok
00:35:16.0577 4232 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
00:35:16.0579 4232 nv_agp - ok
00:35:16.0663 4232 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:35:16.0667 4232 odserv - ok
00:35:16.0679 4232 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
00:35:16.0682 4232 ohci1394 - ok
00:35:16.0725 4232 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:35:16.0727 4232 ose - ok
00:35:16.0767 4232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
00:35:16.0774 4232 p2pimsvc - ok
00:35:16.0819 4232 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
00:35:16.0831 4232 p2psvc - ok
00:35:16.0852 4232 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys
00:35:16.0855 4232 Parport - ok
00:35:16.0892 4232 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
00:35:16.0894 4232 partmgr - ok
00:35:16.0928 4232 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
00:35:16.0934 4232 PcaSvc - ok
00:35:16.0951 4232 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
00:35:16.0954 4232 pci - ok
00:35:16.0967 4232 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
00:35:16.0969 4232 pciide - ok
00:35:16.0987 4232 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
00:35:16.0990 4232 pcmcia - ok
00:35:17.0005 4232 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
00:35:17.0006 4232 pcw - ok
00:35:17.0032 4232 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
00:35:17.0055 4232 PEAUTH - ok
00:35:17.0115 4232 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
00:35:17.0118 4232 PerfHost - ok
00:35:17.0165 4232 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
00:35:17.0200 4232 pla - ok
00:35:17.0248 4232 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
00:35:17.0256 4232 PlugPlay - ok
00:35:17.0273 4232 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
00:35:17.0278 4232 PNRPAutoReg - ok
00:35:17.0300 4232 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
00:35:17.0306 4232 PNRPsvc - ok
00:35:17.0341 4232 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
00:35:17.0348 4232 PolicyAgent - ok
00:35:17.0382 4232 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
00:35:17.0388 4232 Power - ok
00:35:17.0427 4232 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
00:35:17.0430 4232 PptpMiniport - ok
00:35:17.0448 4232 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
00:35:17.0450 4232 Processor - ok
00:35:17.0477 4232 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
00:35:17.0482 4232 ProfSvc - ok
00:35:17.0499 4232 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
00:35:17.0502 4232 ProtectedStorage - ok
00:35:17.0536 4232 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
00:35:17.0539 4232 Psched - ok
00:35:17.0578 4232 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
00:35:17.0613 4232 ql2300 - ok
00:35:17.0633 4232 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
00:35:17.0637 4232 ql40xx - ok
00:35:17.0662 4232 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
00:35:17.0668 4232 QWAVE - ok
00:35:17.0683 4232 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
00:35:17.0685 4232 QWAVEdrv - ok
00:35:17.0690 4232 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
00:35:17.0692 4232 RasAcd - ok
00:35:17.0716 4232 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
00:35:17.0717 4232 RasAgileVpn - ok
00:35:17.0734 4232 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
00:35:17.0740 4232 RasAuto - ok
00:35:17.0803 4232 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
00:35:17.0806 4232 Rasl2tp - ok
00:35:17.0834 4232 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
00:35:17.0842 4232 RasMan - ok
00:35:17.0879 4232 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
00:35:17.0882 4232 RasPppoe - ok
00:35:17.0894 4232 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
00:35:17.0896 4232 RasSstp - ok
00:35:17.0918 4232 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
00:35:17.0922 4232 rdbss - ok
00:35:17.0961 4232 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
00:35:17.0962 4232 rdpbus - ok
00:35:17.0990 4232 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
00:35:17.0991 4232 RDPCDD - ok
00:35:18.0001 4232 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
00:35:18.0002 4232 RDPENCDD - ok
00:35:18.0012 4232 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
00:35:18.0014 4232 RDPREFMP - ok
00:35:18.0047 4232 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
00:35:18.0050 4232 RDPWD - ok
00:35:18.0095 4232 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
00:35:18.0099 4232 rdyboost - ok
00:35:18.0130 4232 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
00:35:18.0134 4232 RemoteAccess - ok
00:35:18.0163 4232 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
00:35:18.0168 4232 RemoteRegistry - ok
00:35:18.0195 4232 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
00:35:18.0198 4232 RFCOMM - ok
00:35:18.0217 4232 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
00:35:18.0222 4232 RpcEptMapper - ok
00:35:18.0238 4232 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
00:35:18.0241 4232 RpcLocator - ok
00:35:18.0258 4232 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
00:35:18.0266 4232 RpcSs - ok
00:35:18.0299 4232 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
00:35:18.0301 4232 rspndr - ok
00:35:18.0321 4232 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
00:35:18.0324 4232 SamSs - ok
00:35:18.0343 4232 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
00:35:18.0346 4232 sbp2port - ok
00:35:18.0373 4232 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
00:35:18.0379 4232 SCardSvr - ok
00:35:18.0398 4232 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
00:35:18.0400 4232 scfilter - ok
00:35:18.0435 4232 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
00:35:18.0459 4232 Schedule - ok
00:35:18.0481 4232 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
00:35:18.0482 4232 SCPolicySvc - ok
00:35:18.0505 4232 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
00:35:18.0511 4232 SDRSVC - ok
00:35:18.0545 4232 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
00:35:18.0547 4232 secdrv - ok
00:35:18.0566 4232 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
00:35:18.0570 4232 seclogon - ok
00:35:18.0585 4232 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
00:35:18.0590 4232 SENS - ok
00:35:18.0611 4232 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
00:35:18.0616 4232 SensrSvc - ok
00:35:18.0632 4232 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
00:35:18.0634 4232 Serenum - ok
00:35:18.0660 4232 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
00:35:18.0662 4232 Serial - ok
00:35:18.0667 4232 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
00:35:18.0669 4232 sermouse - ok
00:35:18.0708 4232 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
00:35:18.0714 4232 SessionEnv - ok
00:35:18.0718 4232 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
00:35:18.0720 4232 sffdisk - ok
00:35:18.0725 4232 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
00:35:18.0727 4232 sffp_mmc - ok
00:35:18.0732 4232 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
00:35:18.0734 4232 sffp_sd - ok
00:35:18.0740 4232 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
00:35:18.0742 4232 sfloppy - ok
00:35:18.0786 4232 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
00:35:18.0792 4232 SharedAccess - ok
00:35:18.0815 4232 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
00:35:18.0823 4232 ShellHWDetection - ok
00:35:18.0864 4232 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\windows\system32\DRIVERS\SiSG664.sys
00:35:18.0866 4232 SiSGbeLH - ok
00:35:18.0896 4232 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
00:35:18.0898 4232 SiSRaid2 - ok
00:35:18.0903 4232 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
00:35:18.0906 4232 SiSRaid4 - ok
00:35:18.0973 4232 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:35:18.0975 4232 SkypeUpdate - ok
00:35:19.0000 4232 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
00:35:19.0003 4232 Smb - ok
00:35:19.0052 4232 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
00:35:19.0057 4232 SNMPTRAP - ok
00:35:19.0070 4232 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
00:35:19.0072 4232 spldr - ok
00:35:19.0112 4232 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
00:35:19.0129 4232 Spooler - ok
00:35:19.0201 4232 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
00:35:19.0270 4232 sppsvc - ok
00:35:19.0292 4232 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
00:35:19.0297 4232 sppuinotify - ok
00:35:19.0327 4232 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
00:35:19.0333 4232 srv - ok
00:35:19.0348 4232 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
00:35:19.0353 4232 srv2 - ok
00:35:19.0364 4232 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
00:35:19.0367 4232 srvnet - ok
00:35:19.0406 4232 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
00:35:19.0412 4232 SSDPSRV - ok
00:35:19.0430 4232 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
00:35:19.0435 4232 SstpSvc - ok
00:35:19.0483 4232 Steam Client Service - ok
00:35:19.0499 4232 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
00:35:19.0501 4232 stexstor - ok
00:35:19.0552 4232 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
00:35:19.0569 4232 stisvc - ok
00:35:19.0580 4232 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
00:35:19.0582 4232 swenum - ok
00:35:19.0625 4232 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
00:35:19.0648 4232 swprv - ok
00:35:19.0700 4232 [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
00:35:19.0734 4232 SynTP - ok
00:35:19.0801 4232 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
00:35:19.0858 4232 SysMain - ok
00:35:19.0897 4232 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
00:35:19.0903 4232 TabletInputService - ok
00:35:19.0957 4232 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
00:35:19.0964 4232 TapiSrv - ok
00:35:19.0975 4232 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
00:35:19.0980 4232 TBS - ok
00:35:20.0055 4232 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys
00:35:20.0101 4232 Tcpip - ok
00:35:20.0154 4232 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
00:35:20.0170 4232 TCPIP6 - ok
00:35:20.0212 4232 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
00:35:20.0214 4232 tcpipreg - ok
00:35:20.0256 4232 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
00:35:20.0259 4232 TDPIPE - ok
00:35:20.0284 4232 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
00:35:20.0286 4232 TDTCP - ok
00:35:20.0302 4232 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
00:35:20.0305 4232 tdx - ok
00:35:20.0339 4232 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
00:35:20.0341 4232 TermDD - ok
00:35:20.0375 4232 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
00:35:20.0398 4232 TermService - ok
00:35:20.0414 4232 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
00:35:20.0419 4232 Themes - ok
00:35:20.0436 4232 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
00:35:20.0440 4232 THREADORDER - ok
00:35:20.0472 4232 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys
00:35:20.0474 4232 TPM - ok
00:35:20.0503 4232 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
00:35:20.0509 4232 TrkWks - ok
00:35:20.0564 4232 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
00:35:20.0566 4232 TrustedInstaller - ok
00:35:20.0581 4232 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
00:35:20.0583 4232 tssecsrv - ok
00:35:20.0617 4232 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
00:35:20.0619 4232 TsUsbFlt - ok
00:35:20.0637 4232 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
00:35:20.0639 4232 TsUsbGD - ok
00:35:20.0662 4232 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
00:35:20.0664 4232 tunnel - ok
00:35:20.0669 4232 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
00:35:20.0672 4232 uagp35 - ok
00:35:20.0690 4232 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
00:35:20.0695 4232 udfs - ok
00:35:20.0716 4232 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
00:35:20.0721 4232 UI0Detect - ok
00:35:20.0746 4232 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
00:35:20.0748 4232 uliagpkx - ok
00:35:20.0794 4232 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
00:35:20.0796 4232 umbus - ok
00:35:20.0801 4232 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
00:35:20.0803 4232 UmPass - ok
00:35:20.0903 4232 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:35:20.0923 4232 UNS - ok
00:35:20.0963 4232 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
00:35:20.0970 4232 upnphost - ok
00:35:20.0991 4232 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
00:35:20.0994 4232 usbccgp - ok
00:35:21.0022 4232 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
00:35:21.0025 4232 usbcir - ok
00:35:21.0037 4232 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
00:35:21.0039 4232 usbehci - ok
00:35:21.0065 4232 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
00:35:21.0069 4232 usbhub - ok
00:35:21.0075 4232 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
00:35:21.0077 4232 usbohci - ok
00:35:21.0100 4232 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
00:35:21.0103 4232 usbprint - ok
00:35:21.0116 4232 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
00:35:21.0119 4232 USBSTOR - ok
00:35:21.0131 4232 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
00:35:21.0133 4232 usbuhci - ok
00:35:21.0170 4232 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
00:35:21.0173 4232 usbvideo - ok
00:35:21.0198 4232 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
00:35:21.0203 4232 UxSms - ok
00:35:21.0221 4232 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
00:35:21.0224 4232 VaultSvc - ok
00:35:21.0260 4232 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
00:35:21.0262 4232 vdrvroot - ok
00:35:21.0301 4232 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
00:35:21.0321 4232 vds - ok
00:35:21.0345 4232 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
00:35:21.0347 4232 vga - ok
00:35:21.0358 4232 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
00:35:21.0359 4232 VgaSave - ok
00:35:21.0379 4232 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
00:35:21.0383 4232 vhdmp - ok
00:35:21.0387 4232 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
00:35:21.0390 4232 viaide - ok
00:35:21.0406 4232 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
00:35:21.0408 4232 volmgr - ok
00:35:21.0424 4232 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
00:35:21.0429 4232 volmgrx - ok
00:35:21.0442 4232 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
00:35:21.0447 4232 volsnap - ok
00:35:21.0479 4232 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
00:35:21.0483 4232 vsmraid - ok
00:35:21.0540 4232 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
00:35:21.0575 4232 VSS - ok
00:35:21.0589 4232 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
00:35:21.0591 4232 vwifibus - ok
00:35:21.0609 4232 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
00:35:21.0611 4232 vwififlt - ok
00:35:21.0642 4232 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
00:35:21.0644 4232 vwifimp - ok
00:35:21.0672 4232 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
00:35:21.0680 4232 W32Time - ok
00:35:21.0695 4232 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
00:35:21.0697 4232 WacomPen - ok
00:35:21.0742 4232 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
00:35:21.0773 4232 WANARP - ok
00:35:21.0813 4232 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
00:35:21.0815 4232 Wanarpv6 - ok
00:35:21.0894 4232 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
00:35:21.0929 4232 WatAdminSvc - ok
00:35:21.0990 4232 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
00:35:22.0046 4232 wbengine - ok
00:35:22.0063 4232 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
00:35:22.0069 4232 WbioSrvc - ok
00:35:22.0084 4232 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
00:35:22.0092 4232 wcncsvc - ok
00:35:22.0114 4232 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
00:35:22.0119 4232 WcsPlugInService - ok
00:35:22.0152 4232 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
00:35:22.0154 4232 Wd - ok
00:35:22.0199 4232 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
00:35:22.0222 4232 Wdf01000 - ok
00:35:22.0236 4232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
00:35:22.0241 4232 WdiServiceHost - ok
00:35:22.0246 4232 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
00:35:22.0252 4232 WdiSystemHost - ok
00:35:22.0283 4232 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
00:35:22.0290 4232 WebClient - ok
00:35:22.0310 4232 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
00:35:22.0318 4232 Wecsvc - ok
00:35:22.0332 4232 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
00:35:22.0338 4232 wercplsupport - ok
00:35:22.0357 4232 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
00:35:22.0363 4232 WerSvc - ok
00:35:22.0390 4232 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
00:35:22.0392 4232 WfpLwf - ok
00:35:22.0433 4232 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
00:35:22.0437 4232 WimFltr - ok
00:35:22.0456 4232 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
00:35:22.0458 4232 WIMMount - ok
00:35:22.0485 4232 WinDefend - ok
00:35:22.0495 4232 WinHttpAutoProxySvc - ok
00:35:22.0535 4232 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
00:35:22.0538 4232 Winmgmt - ok
00:35:22.0600 4232 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
00:35:22.0646 4232 WinRM - ok
00:35:22.0694 4232 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUSB.sys
00:35:22.0696 4232 WinUsb - ok
00:35:22.0735 4232 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
00:35:22.0758 4232 Wlansvc - ok
00:35:22.0833 4232 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
00:35:22.0834 4232 wlcrasvc - ok
00:35:22.0947 4232 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:35:22.0964 4232 wlidsvc - ok
00:35:22.0999 4232 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
00:35:23.0001 4232 WmiAcpi - ok
00:35:23.0028 4232 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
00:35:23.0031 4232 wmiApSrv - ok
00:35:23.0050 4232 WMPNetworkSvc - ok
00:35:23.0081 4232 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
00:35:23.0087 4232 WPCSvc - ok
00:35:23.0108 4232 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
00:35:23.0115 4232 WPDBusEnum - ok
00:35:23.0136 4232 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
00:35:23.0137 4232 ws2ifsl - ok
00:35:23.0159 4232 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
00:35:23.0165 4232 wscsvc - ok
00:35:23.0171 4232 WSearch - ok
00:35:23.0243 4232 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
00:35:23.0289 4232 wuauserv - ok
00:35:23.0323 4232 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
00:35:23.0325 4232 WudfPf - ok
00:35:23.0349 4232 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
00:35:23.0352 4232 WUDFRd - ok
00:35:23.0373 4232 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
00:35:23.0379 4232 wudfsvc - ok
00:35:23.0407 4232 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
00:35:23.0449 4232 WwanSvc - ok
00:35:23.0506 4232 [ D83C2FF7EA53E66B8EA7901D710494EA ] ZAtheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
00:35:23.0508 4232 ZAtheros Bt&Wlan Coex Agent - ok
00:35:23.0551 4232 ================ Scan global ===============================
00:35:23.0575 4232 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
00:35:23.0598 4232 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
00:35:23.0609 4232 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
00:35:23.0638 4232 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
00:35:23.0666 4232 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
00:35:23.0673 4232 [Global] - ok
00:35:23.0673 4232 ================ Scan MBR ==================================
00:35:23.0686 4232 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:35:23.0865 4232 \Device\Harddisk0\DR0 - ok
00:35:23.0865 4232 ================ Scan VBR ==================================
00:35:23.0879 4232 [ 5E2ACFC3485301820C8FD3B23C302A21 ] \Device\Harddisk0\DR0\Partition1
00:35:23.0881 4232 \Device\Harddisk0\DR0\Partition1 - ok
00:35:23.0881 4232 ============================================================
00:35:23.0881 4232 Scan finished
00:35:23.0881 4232 ============================================================
00:35:23.0892 1160 Detected object count: 0
00:35:23.0892 1160 Actual detected object count: 0
00:35:40.0947 4988 Deinitialize success

[makuko271]

Scanning for infected files . . .
This typically doesn't take more than 10 minutes
However, scan times for badly infected machines m

Completed Stage_1
Completed Stage_2
Completed Stage_3
Completed Stage_4
Completed Stage_5
Completed Stage_6
Completed Stage_6A
Completed Stage_7
Completed Stage_8
Completed Stage_9
Completed Stage_10
Completed Stage_11
Completed Stage_12
Completed Stage_13
Completed Stage_14
Completed Stage_15
Completed Stage_16
Completed Stage_17
Completed Stage_18
Completed Stage_19
Completed Stage_19B
Completed Stage_20
Completed Stage_21
Completed Stage_22
Completed Stage_23
Completed Stage_24
Completed Stage_25
Completed Stage_26
Completed Stage_27
Completed Stage_28
Completed Stage_29
Completed Stage_30
Completed Stage_31
Completed Stage_32
Completed Stage_32A
Completed Stage_33
Completed Stage_34
Completed Stage_35
Completed Stage_36
Completed Stage_37
Completed Stage_38
Completed Stage_39
Completed Stage_40
Completed Stage_41
Completed Stage_42
Completed Stage_43
Completed Stage_44
Completed Stage_45
Completed Stage_46
Completed Stage_47
Completed Stage_48
Completed Stage_49
Completed Stage_50

System file is infected !! Attempting to restore
"C:\windows\SysWow64\Drivers\atapi.sys"

[memphisto]

To není log z Combofixu. To je jen výpis z příkazového řádku při vykonávání Combofixu. Log z CF vyskočí po restartu PC.

[makuko271]

ComboFix 13-03-07.03 - michal . 03. 2013 17:59:04.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.4000.2153 [GMT 1:00]
Running from: c:\users\michal\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\programdata\FullRemove.exe
c:\windows\iun6002.exe
c:\windows\msvcr71.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-02-08 to 2013-03-08 )))))))))))))))))))))))))))))))
.
.
2013-03-08 17:07 . 2013-03-08 17:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-06 22:21 . 2013-03-06 22:21 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-03-06 22:01 . 2013-03-06 22:01 -------- d-----w- c:\users\michal\AppData\Roaming\Malwarebytes
2013-03-06 22:01 . 2013-03-06 22:01 -------- d-----w- c:\programdata\Malwarebytes
2013-03-06 22:01 . 2013-03-06 22:01 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-06 22:01 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-06 22:00 . 2013-03-06 22:00 -------- d-----w- c:\users\michal\AppData\Local\Programs
2013-03-06 05:04 . 2013-03-06 05:04 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-06 05:04 . 2013-03-06 05:04 -------- d-----w- c:\program files (x86)\Java
2013-03-05 18:38 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\SysWow64\D3DX9_42.dll
2013-03-05 18:37 . 2008-07-31 09:41 238088 ----a-w- c:\windows\SysWow64\xactengine3_2.dll
2013-03-05 18:36 . 2008-05-30 13:11 1941528 ----a-w- c:\windows\system32\D3DCompiler_38.dll
2013-03-05 18:35 . 2005-02-05 18:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2013-03-05 13:23 . 2013-02-19 02:57 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D890F3F1-78F3-4E32-AF9D-3C70B3186CCE}\mpengine.dll
2013-03-04 18:50 . 2013-02-28 08:36 377992 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-04 18:50 . 2013-02-28 08:36 33472 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-04 18:50 . 2013-02-28 08:36 68992 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-04 18:50 . 2013-02-28 08:36 71064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-04 18:50 . 2013-02-28 08:36 177672 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-04 18:50 . 2013-02-28 08:36 65408 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-04 18:50 . 2013-02-28 08:36 1025880 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-04 18:50 . 2013-02-28 08:36 80888 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-04 18:50 . 2013-02-28 08:35 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-03-04 18:50 . 2013-02-28 08:36 41664 ----a-w- c:\windows\avastSS.scr
2013-03-04 18:50 . 2013-03-04 18:50 -------- d-----w- c:\program files\AVAST Software
2013-03-04 18:49 . 2013-03-04 18:50 -------- d-----w- c:\programdata\AVAST Software
2013-03-04 18:43 . 2013-01-17 00:28 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-03-04 15:17 . 2013-03-04 18:17 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2013-03-04 15:17 . 2013-03-04 18:17 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2013-02-28 10:04 . 2007-03-12 15:42 4494184 ----a-w- c:\windows\system32\d3dx9_33.dll
2013-02-24 13:42 . 2013-02-24 13:42 -------- d-----w- c:\users\michal\AppData\Local\Macromedia
2013-02-24 13:41 . 2013-02-27 11:06 71024 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-24 13:41 . 2013-02-27 11:06 691568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-24 13:41 . 2013-02-24 13:41 -------- d-----w- c:\windows\system32\Macromed
2013-02-23 19:51 . 2013-02-23 19:51 -------- d-----w- c:\users\michal\AppData\Local\Mozilla
2013-02-23 19:51 . 2013-03-06 12:41 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-02-22 20:25 . 2013-02-22 20:25 -------- d-----w- c:\users\michal\AppData\Local\Oberon Games
2013-02-22 20:16 . 2013-03-04 18:17 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-02-22 20:16 . 2013-03-08 16:54 -------- d-----w- c:\program files (x86)\Steam
2013-02-22 20:13 . 2013-02-22 20:13 -------- d-----w- c:\program files\CCleaner
2013-02-22 20:10 . 2004-03-08 23:00 132880 ----a-w- c:\windows\SysWow64\MSINET.OCX
2013-02-18 19:40 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-18 19:40 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-18 16:53 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-02-18 16:53 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-02-18 16:53 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-02-18 16:53 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-02-18 16:52 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-02-18 16:52 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-02-18 16:52 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-02-18 16:52 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-02-18 16:52 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-02-18 16:52 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-02-18 16:52 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-02-18 16:52 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-16 09:43 . 2010-05-26 10:41 1907552 ----a-w- c:\windows\system32\d3dcsx_43.dll
2013-02-15 17:45 . 2013-02-15 17:45 -------- d-----w- C:\New Folder
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-08 16:54 . 2012-11-05 08:01 380 ----a-w- c:\users\michal\AppData\Roaming\sp_data.sys
2013-03-06 05:04 . 2013-01-01 01:18 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-06 05:04 . 2013-01-01 01:18 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-18 19:44 . 2012-11-20 12:56 70004024 ----a-w- c:\windows\system32\MRT.exe
2013-01-29 12:37 . 2012-11-28 13:36 1361200 ----a-w- c:\windows\system32\dmwu.exe
2013-01-29 12:36 . 2012-11-28 13:36 35328 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-01-15 06:36 . 2013-01-15 06:36 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2013-01-04 04:43 . 2013-02-18 16:52 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-12-16 17:11 . 2012-12-21 15:09 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 15:09 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 15:09 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 15:09 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-02-25 1602984]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-24 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-12-23 318080]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-25 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-10-19 2319536]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-02-28 4767304]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hamachi.lnk - c:\users\michal\Desktop\gi\hamachi.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2012-2-24 549040]
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2012-11-5 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-11-29 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-11-29 330912]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2011-11-29 110752]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-11-29 167584]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-11-29 68256]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-11-29 280992]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-11-29 533152]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2012-11-20 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-04 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [2012-02-17 277120]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-02-28 80888]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-11-29 106144]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-05-25 210616]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-05-25 162224]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-11-29 158880]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-22 130024]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-22 395752]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-11-29 30368]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-11-03 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-05 17:22 1630672 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.152\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-24 11:06]
.
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 11:40]
.
2013-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-24 11:40]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-02-28 08:35 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-11-03 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-11-03 392472]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-11-29 983200]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-11-29 800416]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\12k3mu47.default\
FF - prefs.js: browser.startup.homepage - www.google.sk
FF - ExtSQL: 2013-03-04 19:50; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-Cool's_Codec_pack_4.12 - c:\windows\iun6002.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-6360699-2583704273-3681457248-1000\Software\SecuROM\License information*]
"datasecu"=hex:30,9e,f0,a6,02,f9,93,14,bc,d2,dd,61,6c,71,29,88,9d,46,4e,77,8c,
67,3e,95,8a,9c,bf,77,2c,0b,5d,7d,04,ac,fa,5f,24,8d,32,0a,ec,6a,3b,5c,14,03,\
"rkeysecu"=hex:e0,ca,f5,ac,12,b0,11,2d,4c,06,42,41,5b,37,d8,48
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-08 18:10:54
ComboFix-quarantined-files.txt 2013-03-08 17:10
.
Pre-Run: 398 296 109 056 bytes free
Post-Run: 397 675 040 768 bytes free
.
- - End Of File - - A4F891B3F62686D7895CD58794253B6B