Kontrola - padání zásuvného modulu Adobe Flash Vyřešeno

[divine]

Ahoj,
na doporučení MiliNesse házím LOG. Děkuji

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:13:54, on 28.3.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\michal\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hauppauge MSi2500 DVBT Service (hcwD3bda_dvbt) - Unknown owner - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - Unknown owner - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11558 bytes

[Reklama]

[Žbeky]

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPDTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.

Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[divine]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.03.29.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
michal :: MICHAL-HP [administrátor]

Ochrana: Povolena

29.3.2013 8:35:05
mbam-log-2013-03-29 (08-35-05).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 230671
Uplynulý čas: 1 minut, 35 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


_______________________________________________________________________________________________________________________

# AdwCleaner v2.115 - Log vytvooen 29/03/2013 v 08:37:40
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : michal - MICHAL-HP
# Spuštin systém : Normální
# Spuštino z : C:\Users\michal\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****


***** [Registry] *****

Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Nalezeno : HKU\S-1-5-21-4116808529-2443133514-252800904-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\biyqoay2.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1484 octets] - [29/03/2013 08:37:40]

########## EOF - C:\AdwCleaner[R1].txt - [1544 octets] ##########

[jaro3]

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[divine]

# AdwCleaner v2.115 - Log vytvooen 29/03/2013 v 12:49:07
# Aktualizováno 17/03/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : michal - MICHAL-HP
# Spuštin systém : Normální
# Spuštino z : C:\Users\michal\Downloads\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****


***** [Registry] *****

Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Registry jsou eisté.

-\\ Mozilla Firefox v19.0.2 (cs)

Soubor : C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\biyqoay2.default\prefs.js

[OK] Soubor je eistý.

-\\ Google Chrome v25.0.1364.172

Soubor : C:\Users\michal\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [1609 octets] - [29/03/2013 08:37:40]
AdwCleaner[R2].txt - [1669 octets] - [29/03/2013 08:38:00]
AdwCleaner[S1].txt - [1446 octets] - [29/03/2013 12:49:07]

########## EOF - C:\AdwCleaner[S1].txt - [1506 octets] ##########



RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : michal [Práva správce]
Mód : Kontrola -- Datum : 03/29/2013 12:54:17
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST1000DM003-9YN162 +++++
--- User ---
[MBR] 0abca2410974f07a2513428d582ee4c5
[BSP] 905c24470915bd40287f3758ceff7d88 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206911 | Size: 940741 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1926844416 | Size: 13026 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_03292013_02d1254.txt >>
RKreport[1]_S_03292013_02d1254.txt

[jaro3]

Zavři všechny programy a prohlížeče.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Scan "
- Klikni na "Delete"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [1]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

[divine]

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : michal [Práva správce]
Mód : Odebrat -- Datum : 03/30/2013 08:53:39
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST1000DM003-9YN162 +++++
--- User ---
[MBR] 0abca2410974f07a2513428d582ee4c5
[BSP] 905c24470915bd40287f3758ceff7d88 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206911 | Size: 940741 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1926844416 | Size: 13026 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[2]_D_03302013_02d0853.txt >>
RKreport[1]_S_03302013_02d0853.txt ; RKreport[2]_D_03302013_02d0853.txt




08:55:10.0452 6128 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:55:10.0585 6128 ============================================================
08:55:10.0585 6128 Current date / time: 2013/03/30 08:55:10.0585
08:55:10.0585 6128 SystemInfo:
08:55:10.0585 6128
08:55:10.0585 6128 OS Version: 6.1.7601 ServicePack: 1.0
08:55:10.0585 6128 Product type: Workstation
08:55:10.0585 6128 ComputerName: MICHAL-HP
08:55:10.0585 6128 UserName: michal
08:55:10.0585 6128 Windows directory: C:\Windows
08:55:10.0585 6128 System windows directory: C:\Windows
08:55:10.0585 6128 Running under WOW64
08:55:10.0585 6128 Processor architecture: Intel x64
08:55:10.0585 6128 Number of processors: 8
08:55:10.0585 6128 Page size: 0x1000
08:55:10.0585 6128 Boot type: Normal boot
08:55:10.0585 6128 ============================================================
08:55:10.0877 6128 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:55:10.0903 6128 ============================================================
08:55:10.0903 6128 \Device\Harddisk0\DR0:
08:55:10.0903 6128 MBR partitions:
08:55:10.0903 6128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:55:10.0903 6128 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3283F, BlocksNum 0x72D627C1
08:55:10.0903 6128 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x72D95000, BlocksNum 0x1971000
08:55:10.0903 6128 ============================================================
08:55:10.0932 6128 C: <-> \Device\Harddisk0\DR0\Partition2
08:55:10.0963 6128 D: <-> \Device\Harddisk0\DR0\Partition3
08:55:10.0963 6128 ============================================================
08:55:10.0963 6128 Initialize success
08:55:10.0963 6128 ============================================================
08:55:14.0356 2508 ============================================================
08:55:14.0356 2508 Scan started
08:55:14.0356 2508 Mode: Manual;
08:55:14.0356 2508 ============================================================
08:55:14.0467 2508 ================ Scan system memory ========================
08:55:14.0467 2508 System memory - ok
08:55:14.0467 2508 ================ Scan services =============================
08:55:15.0562 2508 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:55:15.0563 2508 1394ohci - ok
08:55:15.0576 2508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:55:15.0578 2508 ACPI - ok
08:55:15.0591 2508 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:55:15.0591 2508 AcpiPmi - ok
08:55:15.0611 2508 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:55:15.0613 2508 adp94xx - ok
08:55:15.0617 2508 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:55:15.0619 2508 adpahci - ok
08:55:15.0623 2508 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:55:15.0624 2508 adpu320 - ok
08:55:15.0643 2508 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:55:15.0651 2508 AeLookupSvc - ok
08:55:15.0706 2508 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
08:55:15.0706 2508 AESTFilters - ok
08:55:15.0760 2508 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:55:15.0762 2508 AFD - ok
08:55:15.0764 2508 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:55:15.0765 2508 agp440 - ok
08:55:15.0793 2508 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:55:15.0801 2508 ALG - ok
08:55:15.0814 2508 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:55:15.0814 2508 aliide - ok
08:55:15.0823 2508 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:55:15.0824 2508 amdide - ok
08:55:15.0826 2508 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:55:15.0827 2508 AmdK8 - ok
08:55:15.0835 2508 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
08:55:15.0836 2508 AmdPPM - ok
08:55:15.0859 2508 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:55:15.0860 2508 amdsata - ok
08:55:15.0863 2508 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
08:55:15.0864 2508 amdsbs - ok
08:55:15.0874 2508 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:55:15.0874 2508 amdxata - ok
08:55:15.0886 2508 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:55:15.0886 2508 AppID - ok
08:55:15.0912 2508 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:55:15.0913 2508 AppIDSvc - ok
08:55:15.0934 2508 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
08:55:15.0943 2508 Appinfo - ok
08:55:15.0946 2508 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
08:55:15.0946 2508 arc - ok
08:55:15.0948 2508 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:55:15.0949 2508 arcsas - ok
08:55:15.0991 2508 [ B217378ED9A964E15346A67FEF609A17 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
08:55:15.0992 2508 aswFsBlk - ok
08:55:16.0050 2508 [ E92635BB235B03ED03B17CBB59F77FA4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
08:55:16.0050 2508 aswMonFlt - ok
08:55:16.0067 2508 [ 8F90459AFB7FD4557D935CE639EF6110 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
08:55:16.0067 2508 aswRdr - ok
08:55:16.0161 2508 [ DE6759B8D8E62BF0FFF2B05F05AFCEE6 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
08:55:16.0162 2508 aswRvrt - ok
08:55:16.0207 2508 [ AB8B4D3136D18A20777036E0F0CFC5E1 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
08:55:16.0211 2508 aswSnx - ok
08:55:16.0228 2508 [ 97D4D725BD32C965119E6C8E252F8C64 ] aswSP C:\Windows\system32\drivers\aswSP.sys
08:55:16.0230 2508 aswSP - ok
08:55:16.0245 2508 [ D62C10D1829C65115111C160EA956260 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
08:55:16.0246 2508 aswTdi - ok
08:55:16.0294 2508 [ 7E44C2684A6CA779B9D07CB4BD3F649D ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
08:55:16.0294 2508 aswVmm - ok
08:55:16.0315 2508 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:55:16.0316 2508 AsyncMac - ok
08:55:16.0324 2508 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:55:16.0325 2508 atapi - ok
08:55:16.0351 2508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:55:16.0355 2508 AudioEndpointBuilder - ok
08:55:16.0360 2508 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:55:16.0363 2508 AudioSrv - ok
08:55:16.0407 2508 [ 41735B82DB57E4EBE9504EC400FD120E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:55:16.0407 2508 avast! Antivirus - ok
08:55:16.0452 2508 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:55:16.0460 2508 AxInstSV - ok
08:55:16.0481 2508 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
08:55:16.0483 2508 b06bdrv - ok
08:55:16.0502 2508 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:55:16.0503 2508 b57nd60a - ok
08:55:16.0531 2508 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:55:16.0533 2508 BDESVC - ok
08:55:16.0562 2508 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:55:16.0562 2508 Beep - ok
08:55:16.0615 2508 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:55:16.0619 2508 BFE - ok
08:55:16.0639 2508 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:55:16.0645 2508 BITS - ok
08:55:16.0655 2508 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
08:55:16.0655 2508 blbdrive - ok
08:55:16.0690 2508 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:55:16.0690 2508 bowser - ok
08:55:16.0705 2508 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
08:55:16.0705 2508 BrFiltLo - ok
08:55:16.0716 2508 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
08:55:16.0717 2508 BrFiltUp - ok
08:55:16.0773 2508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
08:55:16.0775 2508 Browser - ok
08:55:16.0791 2508 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:55:16.0793 2508 Brserid - ok
08:55:16.0795 2508 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:55:16.0796 2508 BrSerWdm - ok
08:55:16.0805 2508 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:55:16.0805 2508 BrUsbMdm - ok
08:55:16.0813 2508 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:55:16.0813 2508 BrUsbSer - ok
08:55:16.0815 2508 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:55:16.0815 2508 BTHMODEM - ok
08:55:16.0832 2508 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:55:16.0841 2508 bthserv - ok
08:55:16.0853 2508 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:55:16.0854 2508 cdfs - ok
08:55:16.0868 2508 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:55:16.0869 2508 cdrom - ok
08:55:16.0920 2508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:55:16.0921 2508 CertPropSvc - ok
08:55:16.0939 2508 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
08:55:16.0939 2508 circlass - ok
08:55:16.0976 2508 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:55:16.0977 2508 CLFS - ok
08:55:17.0037 2508 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:55:17.0038 2508 clr_optimization_v2.0.50727_32 - ok
08:55:17.0091 2508 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:55:17.0091 2508 clr_optimization_v2.0.50727_64 - ok
08:55:17.0137 2508 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:55:17.0200 2508 clr_optimization_v4.0.30319_32 - ok
08:55:17.0220 2508 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:55:17.0228 2508 clr_optimization_v4.0.30319_64 - ok
08:55:17.0241 2508 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
08:55:17.0241 2508 CmBatt - ok
08:55:17.0253 2508 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:55:17.0253 2508 cmdide - ok
08:55:17.0333 2508 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
08:55:17.0334 2508 CNG - ok
08:55:17.0342 2508 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
08:55:17.0342 2508 Compbatt - ok
08:55:17.0366 2508 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:55:17.0366 2508 CompositeBus - ok
08:55:17.0375 2508 COMSysApp - ok
08:55:17.0378 2508 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:55:17.0378 2508 crcdisk - ok
08:55:17.0416 2508 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:55:17.0418 2508 CryptSvc - ok
08:55:17.0447 2508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:55:17.0451 2508 DcomLaunch - ok
08:55:17.0471 2508 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:55:17.0473 2508 defragsvc - ok
08:55:17.0486 2508 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:55:17.0486 2508 DfsC - ok
08:55:17.0517 2508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:55:17.0520 2508 Dhcp - ok
08:55:17.0530 2508 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:55:17.0530 2508 discache - ok
08:55:17.0550 2508 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
08:55:17.0551 2508 Disk - ok
08:55:17.0571 2508 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:55:17.0573 2508 Dnscache - ok
08:55:17.0582 2508 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:55:17.0584 2508 dot3svc - ok
08:55:17.0596 2508 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:55:17.0598 2508 DPS - ok
08:55:17.0612 2508 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:55:17.0613 2508 drmkaud - ok
08:55:17.0632 2508 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
08:55:17.0633 2508 dtsoftbus01 - ok
08:55:17.0656 2508 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:55:17.0660 2508 DXGKrnl - ok
08:55:17.0669 2508 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:55:17.0671 2508 EapHost - ok
08:55:17.0713 2508 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
08:55:17.0725 2508 ebdrv - ok
08:55:17.0743 2508 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:55:17.0745 2508 EFS - ok
08:55:17.0786 2508 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:55:17.0789 2508 ehRecvr - ok
08:55:17.0801 2508 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:55:17.0802 2508 ehSched - ok
08:55:17.0815 2508 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:55:17.0817 2508 elxstor - ok
08:55:17.0832 2508 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:55:17.0833 2508 ErrDev - ok
08:55:17.0852 2508 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:55:17.0854 2508 EventSystem - ok
08:55:17.0869 2508 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:55:17.0870 2508 exfat - ok
08:55:17.0878 2508 ezSharedSvc - ok
08:55:17.0896 2508 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:55:17.0897 2508 fastfat - ok
08:55:17.0913 2508 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:55:17.0916 2508 Fax - ok
08:55:17.0918 2508 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
08:55:17.0918 2508 fdc - ok
08:55:17.0927 2508 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:55:17.0935 2508 fdPHost - ok
08:55:17.0964 2508 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:55:17.0973 2508 FDResPub - ok
08:55:17.0984 2508 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:55:17.0984 2508 FileInfo - ok
08:55:17.0989 2508 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:55:17.0990 2508 Filetrace - ok
08:55:17.0992 2508 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
08:55:17.0992 2508 flpydisk - ok
08:55:17.0996 2508 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:55:17.0997 2508 FltMgr - ok
08:55:18.0043 2508 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
08:55:18.0060 2508 FontCache - ok
08:55:18.0086 2508 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:55:18.0086 2508 FontCache3.0.0.0 - ok
08:55:18.0095 2508 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:55:18.0095 2508 FsDepends - ok
08:55:18.0130 2508 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:55:18.0131 2508 Fs_Rec - ok
08:55:18.0134 2508 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:55:18.0135 2508 fvevol - ok
08:55:18.0137 2508 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:55:18.0138 2508 gagp30kx - ok
08:55:18.0154 2508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:55:18.0159 2508 gpsvc - ok
08:55:18.0240 2508 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:55:18.0241 2508 gupdate - ok
08:55:18.0243 2508 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:55:18.0244 2508 gupdatem - ok
08:55:18.0259 2508 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:55:18.0260 2508 hcw85cir - ok
08:55:18.0291 2508 [ 36460952D903E9159660B3E7945FC274 ] hcwD3bda C:\Windows\system32\DRIVERS\hcwD3bda64.sys
08:55:18.0292 2508 hcwD3bda - ok
08:55:18.0342 2508 [ 1A6DE1F4E48A80C281DDCCAA56339AE1 ] hcwD3bda_dvbt C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe
08:55:18.0353 2508 hcwD3bda_dvbt - ok
08:55:18.0368 2508 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:55:18.0369 2508 HdAudAddService - ok
08:55:18.0390 2508 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:55:18.0391 2508 HDAudBus - ok
08:55:18.0393 2508 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
08:55:18.0394 2508 HidBatt - ok
08:55:18.0406 2508 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:55:18.0406 2508 HidBth - ok
08:55:18.0422 2508 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:55:18.0422 2508 HidIr - ok
08:55:18.0433 2508 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
08:55:18.0441 2508 hidserv - ok
08:55:18.0458 2508 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:55:18.0459 2508 HidUsb - ok
08:55:18.0484 2508 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:55:18.0486 2508 hkmsvc - ok
08:55:18.0496 2508 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:55:18.0499 2508 HomeGroupListener - ok
08:55:18.0516 2508 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:55:18.0518 2508 HomeGroupProvider - ok
08:55:18.0552 2508 [ 45A12CACB97B4F15858FCFD59355A1E9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
08:55:18.0553 2508 HP Health Check Service - ok
08:55:18.0591 2508 [ 6A181452D4E240B8ECC7614B9A19BDE9 ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
08:55:18.0592 2508 HPClientSvc - ok
08:55:18.0615 2508 [ F55442690A70A0278A7EED4FAAEBF576 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
08:55:18.0616 2508 HPDrvMntSvc.exe - ok
08:55:18.0638 2508 [ 640E51DB253265C3EAC075866B3D2B33 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
08:55:18.0641 2508 hpqwmiex - ok
08:55:18.0650 2508 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:55:18.0650 2508 HpSAMD - ok
08:55:18.0670 2508 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:55:18.0673 2508 HTTP - ok
08:55:18.0683 2508 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:55:18.0683 2508 hwpolicy - ok
08:55:18.0692 2508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
08:55:18.0693 2508 i8042prt - ok
08:55:18.0706 2508 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\drivers\iaStor.sys
08:55:18.0708 2508 iaStor - ok
08:55:18.0721 2508 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:55:18.0723 2508 iaStorV - ok
08:55:18.0756 2508 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:55:18.0761 2508 idsvc - ok
08:55:18.0834 2508 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:55:18.0856 2508 igfx - ok
08:55:18.0881 2508 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:55:18.0882 2508 iirsp - ok
08:55:18.0901 2508 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:55:18.0907 2508 IKEEXT - ok
08:55:18.0923 2508 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:55:18.0924 2508 intelide - ok
08:55:18.0936 2508 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
08:55:18.0936 2508 intelppm - ok
08:55:18.0950 2508 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:55:18.0959 2508 IPBusEnum - ok
08:55:18.0961 2508 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:55:18.0962 2508 IpFilterDriver - ok
08:55:19.0027 2508 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:55:19.0031 2508 iphlpsvc - ok
08:55:19.0034 2508 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:55:19.0035 2508 IPMIDRV - ok
08:55:19.0037 2508 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:55:19.0038 2508 IPNAT - ok
08:55:19.0054 2508 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:55:19.0055 2508 IRENUM - ok
08:55:19.0057 2508 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:55:19.0057 2508 isapnp - ok
08:55:19.0074 2508 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:55:19.0075 2508 iScsiPrt - ok
08:55:19.0088 2508 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:55:19.0088 2508 kbdclass - ok
08:55:19.0100 2508 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:55:19.0101 2508 kbdhid - ok
08:55:19.0127 2508 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:55:19.0128 2508 KeyIso - ok
08:55:19.0148 2508 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:55:19.0149 2508 KSecDD - ok
08:55:19.0173 2508 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:55:19.0174 2508 KSecPkg - ok
08:55:19.0179 2508 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:55:19.0179 2508 ksthunk - ok
08:55:19.0192 2508 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:55:19.0196 2508 KtmRm - ok
08:55:19.0211 2508 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
08:55:19.0214 2508 LanmanServer - ok
08:55:19.0241 2508 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:55:19.0244 2508 LanmanWorkstation - ok
08:55:19.0271 2508 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:55:19.0272 2508 lltdio - ok
08:55:19.0285 2508 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:55:19.0288 2508 lltdsvc - ok
08:55:19.0290 2508 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:55:19.0291 2508 lmhosts - ok
08:55:19.0336 2508 [ D75C4B4A8FE6D7FD74A7EECDBAEC729F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:55:19.0338 2508 LMS - ok
08:55:19.0341 2508 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:55:19.0342 2508 LSI_FC - ok
08:55:19.0344 2508 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:55:19.0345 2508 LSI_SAS - ok
08:55:19.0347 2508 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
08:55:19.0347 2508 LSI_SAS2 - ok
08:55:19.0350 2508 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:55:19.0350 2508 LSI_SCSI - ok
08:55:19.0355 2508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:55:19.0356 2508 luafv - ok
08:55:19.0423 2508 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:55:19.0423 2508 MBAMProtector - ok
08:55:19.0488 2508 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:55:19.0490 2508 MBAMScheduler - ok
08:55:19.0545 2508 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:55:19.0547 2508 MBAMService - ok
08:55:19.0558 2508 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:55:19.0567 2508 Mcx2Svc - ok
08:55:19.0576 2508 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
08:55:19.0576 2508 megasas - ok
08:55:19.0580 2508 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
08:55:19.0581 2508 MegaSR - ok
08:55:19.0607 2508 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
08:55:19.0607 2508 MEIx64 - ok
08:55:19.0655 2508 Microsoft SharePoint Workspace Audit Service - ok
08:55:19.0660 2508 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:55:19.0662 2508 MMCSS - ok

[divine]

TDSSKiller - pokračování

08:55:19.0671 2508 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:55:19.0671 2508 Modem - ok
08:55:19.0694 2508 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:55:19.0694 2508 monitor - ok
08:55:19.0710 2508 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:55:19.0710 2508 mouclass - ok
08:55:19.0723 2508 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:55:19.0724 2508 mouhid - ok
08:55:19.0757 2508 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:55:19.0757 2508 mountmgr - ok
08:55:19.0804 2508 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:55:19.0805 2508 MozillaMaintenance - ok
08:55:19.0816 2508 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:55:19.0817 2508 mpio - ok
08:55:19.0826 2508 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:55:19.0827 2508 mpsdrv - ok
08:55:19.0843 2508 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:55:19.0849 2508 MpsSvc - ok
08:55:19.0852 2508 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:55:19.0853 2508 MRxDAV - ok
08:55:19.0880 2508 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:55:19.0881 2508 mrxsmb - ok
08:55:19.0903 2508 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:55:19.0904 2508 mrxsmb10 - ok
08:55:19.0907 2508 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:55:19.0908 2508 mrxsmb20 - ok
08:55:19.0910 2508 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
08:55:19.0910 2508 msahci - ok
08:55:19.0921 2508 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:55:19.0922 2508 msdsm - ok
08:55:19.0932 2508 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
08:55:19.0934 2508 MSDTC - ok
08:55:19.0941 2508 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:55:19.0941 2508 Msfs - ok
08:55:19.0953 2508 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
08:55:19.0953 2508 mshidkmdf - ok
08:55:19.0958 2508 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:55:19.0958 2508 msisadrv - ok
08:55:19.0977 2508 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:55:19.0980 2508 MSiSCSI - ok
08:55:19.0981 2508 msiserver - ok
08:55:20.0005 2508 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:55:20.0005 2508 MSKSSRV - ok
08:55:20.0022 2508 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:55:20.0022 2508 MSPCLOCK - ok
08:55:20.0029 2508 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:55:20.0029 2508 MSPQM - ok
08:55:20.0039 2508 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:55:20.0040 2508 MsRPC - ok
08:55:20.0043 2508 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
08:55:20.0043 2508 mssmbios - ok
08:55:20.0054 2508 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:55:20.0054 2508 MSTEE - ok
08:55:20.0062 2508 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
08:55:20.0062 2508 MTConfig - ok
08:55:20.0074 2508 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
08:55:20.0075 2508 Mup - ok
08:55:20.0102 2508 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
08:55:20.0106 2508 napagent - ok
08:55:20.0119 2508 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:55:20.0120 2508 NativeWifiP - ok
08:55:20.0163 2508 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:55:20.0167 2508 NDIS - ok
08:55:20.0189 2508 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
08:55:20.0190 2508 NdisCap - ok
08:55:20.0205 2508 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:55:20.0205 2508 NdisTapi - ok
08:55:20.0215 2508 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:55:20.0216 2508 Ndisuio - ok
08:55:20.0224 2508 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:55:20.0224 2508 NdisWan - ok
08:55:20.0229 2508 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:55:20.0229 2508 NDProxy - ok
08:55:20.0241 2508 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:55:20.0242 2508 NetBIOS - ok
08:55:20.0248 2508 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
08:55:20.0249 2508 NetBT - ok
08:55:20.0269 2508 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
08:55:20.0271 2508 Netlogon - ok
08:55:20.0297 2508 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
08:55:20.0300 2508 Netman - ok
08:55:20.0317 2508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:20.0335 2508 NetMsmqActivator - ok
08:55:20.0338 2508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:20.0338 2508 NetPipeActivator - ok
08:55:20.0354 2508 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
08:55:20.0357 2508 netprofm - ok
08:55:20.0359 2508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:20.0360 2508 NetTcpActivator - ok
08:55:20.0362 2508 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:20.0363 2508 NetTcpPortSharing - ok
08:55:20.0377 2508 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:55:20.0378 2508 nfrd960 - ok
08:55:20.0397 2508 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:55:20.0400 2508 NlaSvc - ok
08:55:20.0409 2508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:55:20.0409 2508 Npfs - ok
08:55:20.0412 2508 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
08:55:20.0414 2508 nsi - ok
08:55:20.0421 2508 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:55:20.0421 2508 nsiproxy - ok
08:55:20.0454 2508 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:55:20.0460 2508 Ntfs - ok
08:55:20.0465 2508 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
08:55:20.0466 2508 Null - ok
08:55:20.0502 2508 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
08:55:20.0503 2508 NVHDA - ok
08:55:20.0645 2508 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:55:20.0692 2508 nvlddmkm - ok
08:55:20.0902 2508 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:55:20.0903 2508 nvraid - ok
08:55:20.0912 2508 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:55:20.0912 2508 nvstor - ok
08:55:20.0959 2508 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
08:55:20.0964 2508 NVSvc - ok
08:55:21.0029 2508 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
08:55:21.0033 2508 nvUpdatusService - ok
08:55:21.0050 2508 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:55:21.0051 2508 nv_agp - ok
08:55:21.0053 2508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
08:55:21.0054 2508 ohci1394 - ok
08:55:21.0095 2508 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:55:21.0096 2508 ose - ok
08:55:21.0155 2508 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
08:55:21.0172 2508 osppsvc - ok
08:55:21.0185 2508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
08:55:21.0189 2508 p2pimsvc - ok
08:55:21.0204 2508 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
08:55:21.0208 2508 p2psvc - ok
08:55:21.0215 2508 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
08:55:21.0216 2508 Parport - ok
08:55:21.0238 2508 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:55:21.0238 2508 partmgr - ok
08:55:21.0244 2508 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
08:55:21.0246 2508 PcaSvc - ok
08:55:21.0253 2508 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
08:55:21.0254 2508 pci - ok
08:55:21.0256 2508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
08:55:21.0256 2508 pciide - ok
08:55:21.0269 2508 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
08:55:21.0270 2508 pcmcia - ok
08:55:21.0282 2508 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
08:55:21.0283 2508 pcw - ok
08:55:21.0301 2508 pdfcDispatcher - ok
08:55:21.0315 2508 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:55:21.0318 2508 PEAUTH - ok
08:55:21.0364 2508 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
08:55:21.0366 2508 PerfHost - ok
08:55:21.0391 2508 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
08:55:21.0408 2508 pla - ok
08:55:21.0434 2508 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:55:21.0438 2508 PlugPlay - ok
08:55:21.0489 2508 PnkBstrA - ok
08:55:21.0497 2508 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
08:55:21.0499 2508 PNRPAutoReg - ok
08:55:21.0503 2508 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
08:55:21.0506 2508 PNRPsvc - ok
08:55:21.0528 2508 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:55:21.0532 2508 PolicyAgent - ok
08:55:21.0541 2508 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
08:55:21.0544 2508 Power - ok
08:55:21.0550 2508 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:55:21.0550 2508 PptpMiniport - ok
08:55:21.0559 2508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
08:55:21.0559 2508 Processor - ok
08:55:21.0572 2508 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
08:55:21.0575 2508 ProfSvc - ok
08:55:21.0586 2508 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:55:21.0587 2508 ProtectedStorage - ok
08:55:21.0604 2508 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
08:55:21.0605 2508 Psched - ok
08:55:21.0629 2508 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:55:21.0634 2508 ql2300 - ok
08:55:21.0637 2508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:55:21.0638 2508 ql40xx - ok
08:55:21.0647 2508 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
08:55:21.0650 2508 QWAVE - ok
08:55:21.0656 2508 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:55:21.0656 2508 QWAVEdrv - ok
08:55:21.0658 2508 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:55:21.0659 2508 RasAcd - ok
08:55:21.0688 2508 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
08:55:21.0689 2508 RasAgileVpn - ok
08:55:21.0701 2508 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
08:55:21.0709 2508 RasAuto - ok
08:55:21.0725 2508 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:55:21.0726 2508 Rasl2tp - ok
08:55:21.0741 2508 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
08:55:21.0745 2508 RasMan - ok
08:55:21.0764 2508 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:55:21.0764 2508 RasPppoe - ok
08:55:21.0778 2508 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:55:21.0779 2508 RasSstp - ok
08:55:21.0791 2508 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:55:21.0792 2508 rdbss - ok
08:55:21.0800 2508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
08:55:21.0800 2508 rdpbus - ok
08:55:21.0818 2508 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:55:21.0818 2508 RDPCDD - ok
08:55:21.0823 2508 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:55:21.0824 2508 RDPENCDD - ok
08:55:21.0844 2508 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
08:55:21.0845 2508 RDPREFMP - ok
08:55:21.0891 2508 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
08:55:21.0891 2508 RdpVideoMiniport - ok
08:55:21.0900 2508 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:55:21.0901 2508 RDPWD - ok
08:55:21.0930 2508 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
08:55:21.0932 2508 rdyboost - ok
08:55:21.0948 2508 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:55:21.0956 2508 RemoteAccess - ok
08:55:21.0962 2508 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:55:21.0964 2508 RemoteRegistry - ok
08:55:21.0970 2508 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
08:55:21.0979 2508 RpcEptMapper - ok
08:55:21.0989 2508 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
08:55:21.0991 2508 RpcLocator - ok
08:55:22.0005 2508 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
08:55:22.0009 2508 RpcSs - ok
08:55:22.0018 2508 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:55:22.0019 2508 rspndr - ok
08:55:22.0053 2508 [ E50CFB92986DCAB49DE93788FD695813 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
08:55:22.0055 2508 RTL8167 - ok
08:55:22.0057 2508 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
08:55:22.0059 2508 SamSs - ok
08:55:22.0072 2508 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:55:22.0072 2508 sbp2port - ok
08:55:22.0083 2508 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:55:22.0086 2508 SCardSvr - ok
08:55:22.0090 2508 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
08:55:22.0090 2508 scfilter - ok
08:55:22.0104 2508 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
08:55:22.0121 2508 Schedule - ok
08:55:22.0137 2508 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
08:55:22.0138 2508 SCPolicySvc - ok
08:55:22.0146 2508 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:55:22.0149 2508 SDRSVC - ok
08:55:22.0159 2508 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:55:22.0159 2508 secdrv - ok
08:55:22.0166 2508 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
08:55:22.0174 2508 seclogon - ok
08:55:22.0194 2508 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
08:55:22.0197 2508 SENS - ok
08:55:22.0213 2508 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
08:55:22.0216 2508 SensrSvc - ok
08:55:22.0234 2508 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
08:55:22.0234 2508 Serenum - ok
08:55:22.0236 2508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
08:55:22.0237 2508 Serial - ok
08:55:22.0240 2508 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:55:22.0240 2508 sermouse - ok
08:55:22.0250 2508 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
08:55:22.0259 2508 SessionEnv - ok
08:55:22.0261 2508 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:55:22.0261 2508 sffdisk - ok
08:55:22.0263 2508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:55:22.0263 2508 sffp_mmc - ok
08:55:22.0265 2508 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:55:22.0265 2508 sffp_sd - ok
08:55:22.0270 2508 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:55:22.0270 2508 sfloppy - ok
08:55:22.0288 2508 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:55:22.0291 2508 SharedAccess - ok
08:55:22.0301 2508 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:55:22.0305 2508 ShellHWDetection - ok
08:55:22.0311 2508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
08:55:22.0311 2508 SiSRaid2 - ok
08:55:22.0319 2508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:55:22.0320 2508 SiSRaid4 - ok
08:55:22.0386 2508 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:55:22.0387 2508 SkypeUpdate - ok
08:55:22.0394 2508 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:55:22.0395 2508 Smb - ok
08:55:22.0399 2508 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:55:22.0400 2508 SNMPTRAP - ok
08:55:22.0415 2508 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
08:55:22.0416 2508 spldr - ok
08:55:22.0441 2508 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
08:55:22.0446 2508 Spooler - ok
08:55:22.0488 2508 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
08:55:22.0530 2508 sppsvc - ok
08:55:22.0539 2508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
08:55:22.0547 2508 sppuinotify - ok
08:55:22.0572 2508 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
08:55:22.0575 2508 srv - ok
08:55:22.0585 2508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:55:22.0587 2508 srv2 - ok
08:55:22.0598 2508 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:55:22.0600 2508 srvnet - ok
08:55:22.0630 2508 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:55:22.0633 2508 SSDPSRV - ok
08:55:22.0702 2508 [ 20CCA549FBDCFF64C46179D82847B88E ] ssinstall C:\Windows\SysWOW64\ssins.exe
08:55:22.0711 2508 ssinstall - ok
08:55:22.0718 2508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:55:22.0726 2508 SstpSvc - ok
08:55:22.0772 2508 [ 605ECCCE95ACF7AF12CBCCDAB55B8DD0 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
08:55:22.0773 2508 STacSV - ok
08:55:22.0800 2508 Steam Client Service - ok
08:55:22.0836 2508 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
08:55:22.0838 2508 Stereo Service - ok
08:55:22.0847 2508 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
08:55:22.0847 2508 stexstor - ok
08:55:22.0876 2508 [ 5709F6AEECC9C43AD9D550FB1D882209 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
08:55:22.0879 2508 STHDA - ok
08:55:22.0899 2508 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
08:55:22.0904 2508 stisvc - ok
08:55:22.0913 2508 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
08:55:22.0914 2508 swenum - ok
08:55:22.0943 2508 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
08:55:22.0948 2508 swprv - ok
08:55:22.0969 2508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
08:55:22.0994 2508 SysMain - ok
08:55:23.0005 2508 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:55:23.0013 2508 TabletInputService - ok
08:55:23.0023 2508 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:55:23.0027 2508 TapiSrv - ok
08:55:23.0039 2508 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
08:55:23.0047 2508 TBS - ok
08:55:23.0086 2508 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:55:23.0093 2508 Tcpip - ok
08:55:23.0128 2508 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
08:55:23.0134 2508 TCPIP6 - ok
08:55:23.0159 2508 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:55:23.0160 2508 tcpipreg - ok
08:55:23.0172 2508 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:55:23.0173 2508 TDPIPE - ok
08:55:23.0186 2508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:55:23.0186 2508 TDTCP - ok
08:55:23.0189 2508 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:55:23.0190 2508 tdx - ok
08:55:23.0214 2508 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
08:55:23.0214 2508 TermDD - ok
08:55:23.0222 2508 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
08:55:23.0228 2508 TermService - ok
08:55:23.0232 2508 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
08:55:23.0240 2508 Themes - ok
08:55:23.0243 2508 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
08:55:23.0245 2508 THREADORDER - ok
08:55:23.0268 2508 [ 72A25CAE92F5A57D1F3D278A94DC3CEB ] tihub3 C:\Windows\system32\DRIVERS\tihub3.sys
08:55:23.0269 2508 tihub3 - ok
08:55:23.0300 2508 [ E0F9E190B41F190BCF2E2B865D061FD6 ] tixhci C:\Windows\system32\drivers\tixhci.sys
08:55:23.0302 2508 tixhci - ok
08:55:23.0306 2508 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
08:55:23.0310 2508 TrkWks - ok
08:55:23.0346 2508 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:55:23.0346 2508 TrustedInstaller - ok
08:55:23.0363 2508 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:55:23.0364 2508 tssecsrv - ok
08:55:23.0411 2508 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
08:55:23.0411 2508 TsUsbFlt - ok
08:55:23.0419 2508 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
08:55:23.0420 2508 TsUsbGD - ok
08:55:23.0450 2508 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:55:23.0450 2508 tunnel - ok
08:55:23.0469 2508 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:55:23.0470 2508 uagp35 - ok
08:55:23.0479 2508 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:55:23.0481 2508 udfs - ok
08:55:23.0495 2508 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:55:23.0497 2508 UI0Detect - ok
08:55:23.0500 2508 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:55:23.0500 2508 uliagpkx - ok
08:55:23.0517 2508 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:55:23.0518 2508 umbus - ok
08:55:23.0524 2508 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
08:55:23.0524 2508 UmPass - ok
08:55:23.0582 2508 [ 758C2CE427C343F780A205E28555C98D ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
08:55:23.0591 2508 UNS - ok
08:55:23.0606 2508 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
08:55:23.0610 2508 upnphost - ok
08:55:23.0635 2508 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:55:23.0636 2508 usbccgp - ok
08:55:23.0638 2508 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:55:23.0639 2508 usbcir - ok
08:55:23.0644 2508 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
08:55:23.0644 2508 usbehci - ok
08:55:23.0658 2508 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:55:23.0659 2508 usbhub - ok
08:55:23.0668 2508 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:55:23.0669 2508 usbohci - ok
08:55:23.0693 2508 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:55:23.0693 2508 usbprint - ok
08:55:23.0707 2508 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:55:23.0708 2508 USBSTOR - ok
08:55:23.0716 2508 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
08:55:23.0716 2508 usbuhci - ok
08:55:23.0719 2508 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
08:55:23.0721 2508 UxSms - ok
08:55:23.0735 2508 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
08:55:23.0737 2508 VaultSvc - ok
08:55:23.0752 2508 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
08:55:23.0753 2508 vdrvroot - ok
08:55:23.0765 2508 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
08:55:23.0769 2508 vds - ok
08:55:23.0782 2508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:55:23.0782 2508 vga - ok
08:55:23.0794 2508 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
08:55:23.0795 2508 VgaSave - ok
08:55:23.0798 2508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
08:55:23.0799 2508 vhdmp - ok
08:55:23.0801 2508 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
08:55:23.0801 2508 viaide - ok
08:55:23.0806 2508 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:55:23.0807 2508 volmgr - ok
08:55:23.0817 2508 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:55:23.0818 2508 volmgrx - ok
08:55:23.0822 2508 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:55:23.0823 2508 volsnap - ok
08:55:23.0847 2508 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:55:23.0847 2508 vsmraid - ok
08:55:23.0871 2508 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
08:55:23.0878 2508 VSS - ok
08:55:23.0882 2508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
08:55:23.0883 2508 vwifibus - ok
08:55:23.0906 2508 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
08:55:23.0911 2508 W32Time - ok
08:55:23.0914 2508 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:55:23.0914 2508 WacomPen - ok
08:55:23.0930 2508 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
08:55:23.0930 2508 WANARP - ok
08:55:23.0940 2508 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:55:23.0941 2508 Wanarpv6 - ok
08:55:23.0984 2508 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
08:55:23.0988 2508 WatAdminSvc - ok
08:55:24.0010 2508 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
08:55:24.0017 2508 wbengine - ok
08:55:24.0029 2508 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
08:55:24.0033 2508 WbioSrvc - ok
08:55:24.0041 2508 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:55:24.0045 2508 wcncsvc - ok
08:55:24.0054 2508 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:55:24.0057 2508 WcsPlugInService - ok
08:55:24.0059 2508 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
08:55:24.0059 2508 Wd - ok
08:55:24.0092 2508 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:55:24.0095 2508 Wdf01000 - ok
08:55:24.0106 2508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:55:24.0110 2508 WdiServiceHost - ok
08:55:24.0112 2508 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:55:24.0114 2508 WdiSystemHost - ok
08:55:24.0126 2508 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
08:55:24.0130 2508 WebClient - ok
08:55:24.0145 2508 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:55:24.0148 2508 Wecsvc - ok
08:55:24.0155 2508 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:55:24.0157 2508 wercplsupport - ok
08:55:24.0165 2508 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
08:55:24.0174 2508 WerSvc - ok
08:55:24.0196 2508 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
08:55:24.0197 2508 WfpLwf - ok
08:55:24.0202 2508 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
08:55:24.0203 2508 WIMMount - ok
08:55:24.0218 2508 WinDefend - ok
08:55:24.0225 2508 WinHttpAutoProxySvc - ok
08:55:24.0250 2508 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:55:24.0251 2508 Winmgmt - ok
08:55:24.0291 2508 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
08:55:24.0325 2508 WinRM - ok
08:55:24.0358 2508 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
08:55:24.0359 2508 WinUsb - ok
08:55:24.0385 2508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
08:55:24.0392 2508 Wlansvc - ok
08:55:24.0422 2508 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
08:55:24.0422 2508 wlcrasvc - ok
08:55:24.0469 2508 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:55:24.0477 2508 wlidsvc - ok
08:55:24.0482 2508 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:55:24.0483 2508 WmiAcpi - ok
08:55:24.0494 2508 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:55:24.0495 2508 wmiApSrv - ok
08:55:24.0516 2508 WMPNetworkSvc - ok
08:55:24.0538 2508 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:55:24.0540 2508 WPCSvc - ok
08:55:24.0554 2508 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:55:24.0562 2508 WPDBusEnum - ok
08:55:24.0571 2508 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:55:24.0572 2508 ws2ifsl - ok
08:55:24.0585 2508 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
08:55:24.0594 2508 wscsvc - ok
08:55:24.0596 2508 WSearch - ok
08:55:24.0633 2508 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
08:55:24.0658 2508 wuauserv - ok
08:55:24.0675 2508 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:55:24.0676 2508 WudfPf - ok
08:55:24.0706 2508 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:55:24.0707 2508 WUDFRd - ok
08:55:24.0722 2508 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:55:24.0731 2508 wudfsvc - ok
08:55:24.0745 2508 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
08:55:24.0748 2508 WwanSvc - ok
08:55:24.0750 2508 ================ Scan global ===============================
08:55:24.0769 2508 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
08:55:24.0799 2508 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:55:24.0804 2508 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
08:55:24.0820 2508 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
08:55:24.0841 2508 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
08:55:24.0844 2508 [Global] - ok
08:55:24.0844 2508 ================ Scan MBR ==================================
08:55:24.0852 2508 [ 2B7DEFB76CAB72C48E6325FD2685DF16 ] \Device\Harddisk0\DR0
08:55:24.0967 2508 \Device\Harddisk0\DR0 - ok
08:55:24.0968 2508 ================ Scan VBR ==================================
08:55:24.0969 2508 [ 8997F78D6C6D5327F0EEF45C38FF3599 ] \Device\Harddisk0\DR0\Partition1
08:55:24.0970 2508 \Device\Harddisk0\DR0\Partition1 - ok
08:55:24.0971 2508 [ 08F7A67D47871FF22DEA37E3675107A5 ] \Device\Harddisk0\DR0\Partition2
08:55:24.0972 2508 \Device\Harddisk0\DR0\Partition2 - ok
08:55:24.0994 2508 [ 1C55CBC3012D42E93B4F981FFBA4A911 ] \Device\Harddisk0\DR0\Partition3
08:55:24.0996 2508 \Device\Harddisk0\DR0\Partition3 - ok
08:55:24.0996 2508 ============================================================
08:55:24.0996 2508 Scan finished
08:55:24.0996 2508 ============================================================
08:55:25.0001 5900 Detected object count: 0
08:55:25.0001 5900 Actual detected object count: 0
08:55:34.0465 4580 Deinitialize success

[Žbeky]

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

[divine]

ComboFix 13-03-30.01 - michal 30.03.2013 18:52:17.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8172.6096 [GMT 1:00]
Spuštěný z: c:\users\michal\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\URTTemp
c:\windows\SysWow64\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-28 do 2013-03-30 )))))))))))))))))))))))))))))))
.
.
2013-03-30 17:57 . 2013-03-30 17:57 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-30 17:57 . 2013-03-30 17:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-30 17:56 . 2013-03-30 17:56 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F0EF777-00AC-4081-B486-6B5357FCCD12}\offreg.dll
2013-03-29 08:08 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F0EF777-00AC-4081-B486-6B5357FCCD12}\mpengine.dll
2013-03-29 07:34 . 2013-03-29 07:34 -------- d-----w- c:\users\michal\AppData\Roaming\Malwarebytes
2013-03-29 07:34 . 2013-03-29 07:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-29 07:34 . 2013-03-29 07:34 -------- d-----w- c:\programdata\Malwarebytes
2013-03-29 07:34 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-28 17:11 . 2013-03-28 17:11 388096 ----a-r- c:\users\michal\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-03-28 17:11 . 2013-03-28 17:11 -------- d-----w- c:\program files (x86)\Trend Micro
2013-03-28 13:15 . 2013-03-28 13:15 405360 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-28 13:03 . 2013-03-28 13:03 -------- d-----w- c:\program files (x86)\GTA2
2013-03-28 13:03 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-03-14 16:56 . 2013-03-14 16:56 79 ----a-w- c:\windows\SysWow64\ssinstall-uninstall.bat
2013-03-14 16:56 . 2013-03-14 16:56 2317848 ----a-w- c:\windows\SysWow64\ssins.exe
2013-03-13 16:07 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-13 13:23 . 2013-03-06 23:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-13 13:23 . 2013-03-06 23:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-13 02:01 . 2013-03-13 02:01 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-13 02:01 . 2013-03-13 02:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-09 17:43 . 2013-03-09 17:43 -------- d-----r- c:\users\michal\Podcasts
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-30 16:55 . 2012-12-25 19:55 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-03-30 16:55 . 2012-12-25 19:17 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-30 16:55 . 2012-12-25 19:17 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-03-13 02:02 . 2012-12-10 10:09 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-06 23:33 . 2012-12-10 12:22 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-12-10 12:22 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-12-10 12:22 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-12-10 12:22 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-12-10 12:22 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2012-12-10 12:22 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2012-12-10 12:22 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-12-10 12:22 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-26 13:58 . 2012-12-25 19:17 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-02-26 08:48 . 2013-01-30 16:58 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2013-02-12 05:45 . 2013-03-13 01:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 01:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 01:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 01:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 01:24 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 01:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-13 21:17 . 2013-02-27 08:21 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 08:21 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 08:21 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:21 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:21 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 08:21 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 08:21 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 08:21 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 08:21 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 08:21 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 08:21 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 08:21 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 08:21 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 08:21 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 08:21 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 08:21 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 08:21 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 08:21 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 08:21 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 08:21 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 08:21 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 08:21 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 08:21 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 08:21 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 08:21 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 08:21 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 08:21 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 08:21 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 08:21 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 08:21 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 08:21 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 08:21 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 08:21 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 08:21 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 08:21 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 08:21 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 08:21 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-05 05:53 . 2013-02-13 11:59 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-13 11:59 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-13 11:59 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11 . 2013-02-27 08:21 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11 . 2013-02-27 08:21 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-01-04 05:46 . 2013-02-13 11:59 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-13 11:59 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-13 11:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-13 11:59 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-13 11:59 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-13 11:59 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-13 11:59 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-13 11:59 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 12:01 . 2013-01-03 12:01 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-01-03 12:01 . 2013-01-03 12:01 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-01-03 12:01 . 2013-01-03 12:01 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2013-01-03 12:01 . 2013-01-03 12:01 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-01-03 06:00 . 2013-02-13 11:59 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-13 11:59 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-03-26 1631144]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-03-26 3497552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-02-10 61112]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-10 283200]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-12-16 2641920]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-26 92216]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe [2013-03-14 2317848]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-06-29 116352]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys [2011-01-18 125552]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [2011-02-22 382024]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-13 18:38 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 12:22]
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-10 12:22]
.
2013-03-28 c:\windows\Tasks\HPCeeScheduleFormichal.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=13415
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\biyqoay2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-03-13 14:23; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-03-30 18:58:48
ComboFix-quarantined-files.txt 2013-03-30 17:58
.
Před spuštěním: Volných bajtů: 835 227 201 536
Po spuštění: Volných bajtů: 835 121 811 456
.
- - End Of File - - 46E3BA1E379B7BD60C0504FA5941AF61

[Žbeky]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
SkypeUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.


- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[divine]

ComboFix 13-03-30.01 - michal 31.03.2013 12:56:10.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8172.6150 [GMT 2:00]
Spuštěný z: c:\users\michal\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\michal\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Update
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateHelper.msi
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe
c:\program files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\1.3.21.135\goopdate.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_am.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ar.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_bg.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_bn.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ca.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_cs.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_da.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_de.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_el.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_en-GB.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_es-419.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_es.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_et.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fa.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fi.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fil.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_fr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_gu.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_hi.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_hr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_hu.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_id.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_is.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_it.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_iw.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ja.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_kn.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ko.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_lt.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_lv.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ml.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_mr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ms.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_nl.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_no.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_pl.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_pt-BR.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_pt-PT.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ro.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ru.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sk.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sl.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sv.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_sw.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ta.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_te.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_th.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_tr.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_uk.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_ur.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_vi.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_zh-CN.dll
c:\program files (x86)\Google\Update\1.3.21.135\goopdateres_zh-TW.dll
c:\program files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
c:\program files (x86)\Google\Update\1.3.21.135\psmachine.dll
c:\program files (x86)\Google\Update\1.3.21.135\psuser.dll
c:\program files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe
c:\program files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.43\26.0.1410.43_25.0.1364.172_chrome_updater.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Google\Update\Install\{0F44905C-1FBA-4228-A778-11C45E60DB3D}\26.0.1410.43_25.0.1364.172_chrome_updater.exe
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-02-28 do 2013-03-31 )))))))))))))))))))))))))))))))
.
.
2013-03-31 11:01 . 2013-03-31 11:01 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-29 08:08 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2F0EF777-00AC-4081-B486-6B5357FCCD12}\mpengine.dll
2013-03-29 07:34 . 2013-03-29 07:34 -------- d-----w- c:\users\michal\AppData\Roaming\Malwarebytes
2013-03-29 07:34 . 2013-03-29 07:34 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-29 07:34 . 2013-03-29 07:34 -------- d-----w- c:\programdata\Malwarebytes
2013-03-29 07:34 . 2012-12-14 15:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-28 17:11 . 2013-03-28 17:11 388096 ----a-r- c:\users\michal\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-03-28 17:11 . 2013-03-28 17:11 -------- d-----w- c:\program files (x86)\Trend Micro
2013-03-28 13:15 . 2013-03-28 13:15 405360 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-28 13:03 . 2013-03-28 13:03 -------- d-----w- c:\program files (x86)\GTA2
2013-03-28 13:03 . 1998-10-29 15:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-03-14 16:56 . 2013-03-14 16:56 79 ----a-w- c:\windows\SysWow64\ssinstall-uninstall.bat
2013-03-14 16:56 . 2013-03-14 16:56 2317848 ----a-w- c:\windows\SysWow64\ssins.exe
2013-03-13 16:07 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-13 13:23 . 2013-03-06 23:33 178624 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-03-13 13:23 . 2013-03-06 23:33 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-03-13 02:01 . 2013-03-13 02:01 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-13 02:01 . 2013-03-13 02:01 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-09 17:43 . 2013-03-09 17:43 -------- d-----r- c:\users\michal\Podcasts
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-31 08:09 . 2012-12-25 19:55 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-03-31 08:09 . 2012-12-25 19:17 291088 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-03-31 08:09 . 2012-12-25 19:17 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-03-13 02:02 . 2012-12-10 10:09 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-06 23:33 . 2012-12-10 12:22 377920 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-03-06 23:33 . 2012-12-10 12:22 70992 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-03-06 23:33 . 2012-12-10 12:22 68920 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-03-06 23:33 . 2012-12-10 12:22 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-03-06 23:33 . 2012-12-10 12:22 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-03-06 23:33 . 2012-12-10 12:22 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-03-06 23:32 . 2012-12-10 12:22 41664 ----a-w- c:\windows\avastSS.scr
2013-03-06 23:32 . 2012-12-10 12:22 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-02-26 13:58 . 2012-12-25 19:17 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-02-26 08:48 . 2013-01-30 16:58 669184 ----a-w- c:\windows\SysWow64\pbsvc.exe
2013-02-12 05:45 . 2013-03-13 01:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 01:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 01:24 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 01:24 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 01:24 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 01:24 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-17 00:28 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-13 21:17 . 2013-02-27 08:21 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 21:17 . 2013-02-27 08:21 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 21:16 . 2013-02-27 08:21 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 21:12 . 2013-02-27 08:21 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 21:11 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:21 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:21 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-01-13 20:35 . 2013-02-27 08:21 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-01-13 20:32 . 2013-02-27 08:21 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-01-13 20:31 . 2013-02-27 08:21 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-01-13 20:22 . 2013-02-27 08:21 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2013-01-13 20:20 . 2013-02-27 08:21 293376 ----a-w- c:\windows\SysWow64\dxgi.dll
2013-01-13 20:09 . 2013-02-27 08:21 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll
2013-01-13 20:08 . 2013-02-27 08:21 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll
2013-01-13 20:08 . 2013-02-27 08:21 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll
2013-01-13 19:59 . 2013-02-27 08:21 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-01-13 19:58 . 2013-02-27 08:21 1175552 ----a-w- c:\windows\system32\FntCache.dll
2013-01-13 19:54 . 2013-02-27 08:21 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2013-01-13 19:53 . 2013-02-27 08:21 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll
2013-01-13 19:53 . 2013-02-27 08:21 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
2013-01-13 19:51 . 2013-02-27 08:21 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2013-01-13 19:49 . 2013-02-27 08:21 363008 ----a-w- c:\windows\system32\dxgi.dll
2013-01-13 19:48 . 2013-02-27 08:21 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll
2013-01-13 19:46 . 2013-02-27 08:21 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll
2013-01-13 19:43 . 2013-02-27 08:21 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-01-13 19:38 . 2013-02-27 08:21 333312 ----a-w- c:\windows\system32\d3d10_1core.dll
2013-01-13 19:38 . 2013-02-27 08:21 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-01-13 19:38 . 2013-02-27 08:21 296960 ----a-w- c:\windows\system32\d3d10core.dll
2013-01-13 19:37 . 2013-02-27 08:21 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2013-01-13 19:25 . 2013-02-27 08:21 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-01-13 19:24 . 2013-02-27 08:21 648192 ----a-w- c:\windows\system32\d3d10level9.dll
2013-01-13 19:24 . 2013-02-27 08:21 221184 ----a-w- c:\windows\system32\UIAnimation.dll
2013-01-13 19:20 . 2013-02-27 08:21 194560 ----a-w- c:\windows\system32\d3d10_1.dll
2013-01-13 19:20 . 2013-02-27 08:21 1238528 ----a-w- c:\windows\system32\d3d10.dll
2013-01-13 19:15 . 2013-02-27 08:21 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-01-13 19:10 . 2013-02-27 08:21 3928064 ----a-w- c:\windows\system32\d2d1.dll
2013-01-13 19:02 . 2013-02-27 08:21 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-01-13 18:34 . 2013-02-27 08:21 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll
2013-01-13 18:32 . 2013-02-27 08:21 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-01-13 18:09 . 2013-02-27 08:21 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2013-01-13 17:26 . 2013-02-27 08:21 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2013-01-13 17:05 . 2013-02-27 08:21 1682432 ----a-w- c:\windows\system32\XpsPrint.dll
2013-01-05 05:53 . 2013-02-13 11:59 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-05 05:00 . 2013-02-13 11:59 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-01-05 05:00 . 2013-02-13 11:59 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-01-04 06:11 . 2013-02-27 08:21 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
2013-01-04 06:11 . 2013-02-27 08:21 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
2013-01-04 05:46 . 2013-02-13 11:59 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-04 04:51 . 2013-02-13 11:59 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-01-04 04:43 . 2013-02-13 11:59 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-01-04 03:26 . 2013-02-13 11:59 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-01-04 02:47 . 2013-02-13 11:59 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-01-04 02:47 . 2013-02-13 11:59 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-01-04 02:47 . 2013-02-13 11:59 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-01-04 02:47 . 2013-02-13 11:59 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-01-03 12:01 . 2013-01-03 12:01 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2013-01-03 12:01 . 2013-01-03 12:01 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2013-01-03 12:01 . 2013-01-03 12:01 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2013-01-03 12:01 . 2013-01-03 12:01 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2013-01-03 06:00 . 2013-02-13 11:59 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-01-03 06:00 . 2013-02-13 11:59 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-03-26 1631144]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-03-26 3497552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2011-02-10 61112]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2011-02-01 656920]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-03-06 4767304]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"seznam-listicka-distribuce"="c:\program files (x86)\Seznam.cz\distribution\szninstall.exe" [2012-09-13 1009288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 aswVmm;aswVmm; [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-12-10 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 aswRvrt;aswRvrt; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-10 283200]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-02 89600]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-03-06 80816]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-12-16 2641920]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-01-26 92216]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
S2 ssinstall;SInstalátor;c:\windows\SysWOW64\ssins.exe [2013-03-14 2317848]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-06-29 116352]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-05-16 533096]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys [2011-01-18 125552]
S3 tixhci;TI XHCI Service;c:\windows\system32\drivers\tixhci.sys [2011-02-22 382024]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-31 08:40 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.43\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-03-28 c:\windows\Tasks\HPCeeScheduleFormichal.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-03-06 23:32 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/?clid=13415
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\biyqoay2.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-03-13 14:23; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-ssinstall - c:\windows\system32\ssinstall-uninstall.bat
AddRemove-{E92D47A1-D27D-430A-8368-0BAFD956507D} - c:\program files (x86)\InstallShield Installation Information\{E92D47A1-D27D-430A-8368-0BAFD956507D}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\ezSharedSvcHost.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2013-03-31 13:07:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-03-31 11:07
ComboFix2.txt 2013-03-30 17:58
.
Před spuštěním: Volných bajtů: 834 735 869 952
Po spuštění: Volných bajtů: 834 253 942 784
.
- - End Of File - - 779B5945332B12B5FBF36D8392875BB5