.exe has stopped working

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Post by Geek3 » 11 Jun 2013 15:28

Hello, I'd like to ask whether anyone knows what the process xudumxnshby.exe is for.
Whenever the mouse or keyboard has been inactive for a long time, a dialog pops up saying "xudumxnshby.exe has stopped working", or some similarly crazy process name. Does anyone know what it is for, and how to get rid of these pop-up windows?
Here is the saved HiJackThis log: http://www.sendspace.com/file/miajj6
I have not failed, I´ve just found 10 000 ways that won´t work.
-T. A. Edisson-

Re: .exe has stopped working

Post by Žbeky » 11 Jun 2013 16:38

Post the log HERE, not on sendspace
In private messages I only deal with matters concerning the forum. I do not respond to requests for technical support. Thanks for understanding.

HiJackThis + guide - HW Monitor - How to mark a post as solved - Forum rules

Re: .exe has stopped working

Post by Geek3 » 11 Jun 2013 20:33

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:21:36, on 11.6.2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\Janek\AppData\Roaming\OpenOffice.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Janek\AppData\Roaming\WebCake\WebCakeDesktop.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\ Pro Gaming Keyboard\traicon.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Steganos Safe 12\fredirstarter.exe
C:\Program Files (x86)\Steganos Safe 12\SteganosHotKeyService.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Origin\OriginClientService.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Program Files (x86)\SRWare Iron\iron.exe
C:\Users\Janek\Downloads\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=co ... 557705&ir=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=co ... 557705&ir=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\PROGRA~2\MYSEAR~1\bh\mysearchdial.dll
O3 - Toolbar: mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\PROGRA~2\MYSEAR~1\mysearchdialTlbr.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SAFE12 File Redirection Starter] "C:\Program Files (x86)\Steganos Safe 12\fredirstarter.exe"
O4 - HKLM\..\Run: [SAFE12 HotKeys] "C:\Program Files (x86)\Steganos Safe 12\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [OpenOffice] C:\Users\Janek\AppData\Roaming\OpenOffice.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\Janek\AppData\Roaming\WebCake\WebCakeDesktop.exe"
O4 - HKCU\..\Run: [Keyboard Inf.] C:\Users\Janek\AppData\Roaming\Adobe\msdn.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - Startup: Logitech . Registrace produktu.lnk = C:\Program Files\Logitech Gaming Software\EReg\eReg.exe
O4 - Global Startup: Pro Gaming Keyboard.lnk = C:\Program Files (x86)\ Pro Gaming Keyboard\traicon.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Spustit klienta k monitoru &1 - C:\WINDOWS\web\AOpenClient.htm
O8 - Extra context menu item: Spustit klienta k monitoru &2 - C:\WINDOWS\web\AOpenClient.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: BitRaider Mini-Support Service (BRSptSvc) - BitRaider, LLC - C:\programdata\bitraider\BRSptSvc.exe
O23 - Service: Desura Install Service - Desura Pty Ltd - C:\Program Files (x86)\Common Files\Desura\desura_service.exe
O23 - Service: DisplayFusionService - Binary Fortress Software - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files (x86)\WebCake\WebCakeDesktop.Updater.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11091 bytes

Re: .exe has stopped working

Post by memphisto » 11 Jun 2013 20:39

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation, make sure both options are selected/checked:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the program finishes, a message appears; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

Download AdwCleaner
Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log appears (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private messages; post them in the appropriate section. Thank you

Re: .exe has stopped working

Post by Geek3 » 11 Jun 2013 20:56

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.06.11.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16580
Janek :: ****** [administrátor]

Ochrana: Povolena

11.6.2013 20:47:41
MBAM-log-2013-06-11 (20-53-24).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 250859
Uplynulý čas: 5 minut, 14 sekund

Nalezené procesy v paměti: 2
C:\Users\Janek\AppData\Roaming\OpenOffice.exe (Trojan.BitcoinMiner) -> 8200 -> Nebyla provedena žádná instrukce.
C:\Users\Janek\AppData\Roaming\Adobe\msdn.exe (Trojan.Agent) -> 8420 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|OpenOffice (Trojan.BitcoinMiner) -> Data: C:\Users\Janek\AppData\Roaming\OpenOffice.exe -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Keyboard Inf. (Trojan.Agent) -> Data: C:\Users\Janek\AppData\Roaming\Adobe\msdn.exe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 5
C:\Users\Janek\AppData\Roaming\OpenOffice.exe (Trojan.BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\Users\Janek\AppData\Roaming\Adobe\msdn.exe (Trojan.Agent) -> Nebyla provedena žádná instrukce.
C:\Users\Janek\AppData\Roaming\Miner\c.exe (Trojan.BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\Users\Janek\AppData\Roaming\Miner\gc.exe (Trojan.BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\Users\Janek\AppData\Roaming\Miner\o.exe (Trojan.BitcoinMiner) -> Nebyla provedena žádná instrukce.

(konec)
Last edited by Geek3 on 11 Jun 2013 20:57, edited 1 time in total.

Re: .exe has stopped working

Post by Geek3 » 11 Jun 2013 20:57

# AdwCleaner v2.303 - Log vytvooen 11/06/2013 v 20:55:31
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 8 Pro (64 bits)
# Uživatel : Janek - *******
# Spuštin systém : Normální
# Spuštino z : C:\Users\Janek\Downloads\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****

Nalezeno : WebCake Desktop Updater

***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Mysearchdial
Složka Nalezeno : C:\Program Files (x86)\WebCake
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\ProgramData\Tarma Installer
Složka Nalezeno : C:\Users\Janek\AppData\Local\PackageAware
Složka Nalezeno : C:\Users\Janek\AppData\Local\PutLockerDownloader
Složka Nalezeno : C:\Users\Janek\AppData\Roaming\WebCake
Soubor Nalezeno : C:\Users\Janek\AppData\Local\mysearchdial.crx

***** [Registry] *****

Hodnota Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\mysearchdial
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíe Nalezeno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Klíe Nalezeno : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Klíe Nalezeno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Klíe Nalezeno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Klíe Nalezeno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Klíe Nalezeno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Klíe Nalezeno : HKLM\Software\InstallCore
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Klíe Nalezeno : HKLM\SOFTWARE\Tarma Installer

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16537

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=co ... 557705&ir=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.mysearchdial.com/?f=2&a=co ... 557705&ir=
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=co ... 557705&ir=
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=co ... 557705&ir=

-\\ Google Chrome v24.0.1312.57

Soubor : C:\Users\Janek\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.18] : urls_to_restore_on_startup = [ "hxxp://iron-start.com/", "hxxp://search.babylon.com/?affID=112555&tt=220512_53all&babsrc=HP_ss&mntrId=4697f30b0000000000002225d36a6722", "hxxp://www.google.com" ]
Nalezeno [l.55] : search_url = "hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0CzztA0AtAyD0CtA0C0F0DyC0CtD0BtCtN0D0Tzu0CyDtCtBtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1170557705&ir=",
Nalezeno [l.1883] : homepage = "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0CzztA0AtAyD0CtA0C0F0DyC0CtD0BtCtN0D0Tzu0CyDtCtBtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1170557705&ir=",
Nalezeno [l.2337] : urls_to_restore_on_startup = [ "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0CzztA0AtAyD0CtA0C0F0DyC0CtD0BtCtN0D0Tzu0CyDtCtBtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1170557705&ir=", "hxxp://iron-start.com/", "hxxp://search.babylon.com/?affID=112555&tt=220512_53all&babsrc=HP_ss&mntrId=4697f30b0000000000002225d36a6722", "hxxp://www.google.com" ]

-\\ Chromium v27.0.1500.0

Soubor : C:\Users\Janek\AppData\Local\Chromium\User Data\Default\Preferences

Nalezeno [l.3155] : urls_to_restore_on_startup = [ "hxxp://iron-start.com/", "hxxp://search.babylon.com/?affID=112555&tt=220512_53all&babsrc=HP_ss&mntrId=4697f30b0000000000002225d36a6722", "hxxp://www.google.com", "hxxp://home.torchbrowser.com/?systemid=448&appid=223&ua=Torch&clid={2096C2D2-E25C-4F23-829B-92088E278B74}", "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0CzztA0AtAyD0CtA0C0F0DyC0CtD0BtCtN0D0Tzu0CyDtCtBtN1L2XzutBtFtBtFtCtFyDyByEtN1L1Czu1R1F1F1I1H1B1Q&cr=1170557705&ir=" ]

-\\ Opera v12.15.1748.0

Soubor : C:\Users\Janek\AppData\Roaming\Opera\Opera\operaprefs.ini

Nalezeno : Home URL=hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0CzztA0AtAyD0CtA0C0F0DyC0Ct[...]

*************************

AdwCleaner[R1].txt - [8592 octets] - [11/06/2013 20:55:31]

########## EOF - C:\AdwCleaner[R1].txt - [8652 octets] ##########

Re: .exe has stopped working

Post by memphisto » 11 Jun 2013 21:03

In both MBAM and AdwCleaner, let everything be deleted and post the logs after deletion

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7, run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
MBR check (Kontrola MBR)
Faked check (Kontrola Faked)
Antirootkit

- Then click "Scan" ("Prohledat").
- The program scans the PC's processes. After the scan, click "Report" ("Zpráva") and copy the entire contents of the log here.
If the program is blocked, try running it several times. If it still will not start and work, rename it to winlogon.exe.

Re: .exe has stopped working

Post by Geek3 » 11 Jun 2013 21:10

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.geekstogo.com/forum/files/fi ... guekiller/
Webové stránky : http://tigzy.geekstogo.com/roguekiller.php
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Janek [Práva správce]
Mód : Kontrola -- Datum : 06/11/2013 21:08:03
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 3 ¤¤¤
[SUSP PATH] OpenOffice.exe -- C:\Users\Janek\AppData\Roaming\OpenOffice.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] WebCakeDesktop.exe -- C:\Users\Janek\AppData\Roaming\WebCake\WebCakeDesktop.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] msdn.exe -- C:\Users\Janek\AppData\Roaming\Adobe\msdn.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : OpenOffice (C:\Users\Janek\AppData\Roaming\OpenOffice.exe) [-] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : WebCake Desktop ("C:\Users\Janek\AppData\Roaming\WebCake\WebCakeDesktop.exe") [7] -> NALEZENO
[RUN][SUSP PATH] HKCU\[...]\Run : Keyboard Inf. (C:\Users\Janek\AppData\Roaming\Adobe\msdn.exe) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1741324202-377699157-2253236565-1000[...]\Run : OpenOffice (C:\Users\Janek\AppData\Roaming\OpenOffice.exe) [-] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1741324202-377699157-2253236565-1000[...]\Run : WebCake Desktop ("C:\Users\Janek\AppData\Roaming\WebCake\WebCakeDesktop.exe") [7] -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1741324202-377699157-2253236565-1000[...]\Run : Keyboard Inf. (C:\Users\Janek\AppData\Roaming\Adobe\msdn.exe) [-] -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO] ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts



¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST3500418AS ATA Device +++++
--- User ---
[MBR] 83e555a8f5edbbbc7a506a647477dd5c
[BSP] 5a76b5e6ef0c7fbfe1f7a34e73c561d6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST3250410AS ATA Device +++++
--- User ---
[MBR] ce63de115f2797b8df04ea2d68dbb8e0
[BSP] 0dec24d31bbf9f86bc4d4ba91f4cfc03 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 238464 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[1]_S_06112013_02d2108.txt >>
RKreport[1]_S_06112013_02d2108.txt

Re: .exe has stopped working

Post by jaro3 » 11 Jun 2013 22:01

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator" ("Spustit jako správce"))
Click "Delete" ("Vymazat")
The program will perform the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

So run MbAM again and start a Scan
- when the program finishes, a message appears; click OK and then the Show Results (Ukaž výsledky) button
- make sure all listed findings are checked and click the Remove Selected (Odstranit označené) button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close it via Exit
You can then paste the new MbAM log here.

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt ; please paste the entire contents of the log here.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs in private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

Re: .exe has stopped working

Post by Geek3 » 11 Jun 2013 23:01

# AdwCleaner v2.303 - Log vytvooen 11/06/2013 v 22:56:38
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 8 Pro (64 bits)
# Uživatel : Janek - TOTALHARDCOREPC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Janek\Downloads\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****

Zastaveno & vymazáno : WebCake Desktop Updater

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Program Files (x86)\Mysearchdial
Složka Vymazáno : C:\Program Files (x86)\WebCake
Složka Vymazáno : C:\ProgramData\Ask
Složka Vymazáno : C:\ProgramData\Tarma Installer
Složka Vymazáno : C:\Users\Janek\AppData\Local\PackageAware
Složka Vymazáno : C:\Users\Janek\AppData\Local\PutLockerDownloader
Složka Vymazáno : C:\Users\Janek\AppData\Roaming\WebCake
Soubor Vymazáno : C:\Users\Janek\AppData\Local\mysearchdial.crx

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WebCake Desktop]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Klíč Vymazáno : HKCU\Software\1ClickDownload
Klíč Vymazáno : HKCU\Software\APN PIP
Klíč Vymazáno : HKCU\Software\InstallCore
Klíč Vymazáno : HKCU\Software\mysearchdial
Klíč Vymazáno : HKCU\Software\PIP
Klíč Vymazáno : HKCU\Software\Softonic
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Klíč Vymazáno : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL
Klíč Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane
Klíč Vymazáno : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Klíč Vymazáno : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc
Klíč Vymazáno : HKLM\SOFTWARE\Classes\esrv.mysearchdialESrvc.1
Klíč Vymazáno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Klíč Vymazáno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Klíč Vymazáno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Klíč Vymazáno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Klíč Vymazáno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Klíč Vymazáno : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Klíč Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}
Klíč Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api
Klíč Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1
Klíč Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers
Klíč Vymazáno : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1
Klíč Vymazáno : HKLM\Software\InstallCore
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíč Vymazáno : HKLM\Software\PIP
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Klíč Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Klíč Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Klíč Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Klíč Vymazáno : HKLM\SOFTWARE\Tarma Installer

***** [Internetové prohlížeče] *****

-\\ Internet Explorer v10.0.9200.16537

Zaměněno : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=co ... 557705&ir= --> hxxp://www.google.com
Zaměněno : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://start.mysearchdial.com/?f=2&a=co ... 557705&ir= --> hxxp://www.google.com
Zaměněno : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=co ... 557705&ir= --> hxxp://www.google.com
Zaměněno : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://start.mysearchdial.com/?f=1&a=co ... 557705&ir= --> hxxp://www.google.com

-\\ Google Chrome v24.0.1312.57

Soubor : C:\Users\Janek\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.18] : urls_to_restore_on_startup = [ "hxxp://iron-start.com/", "hxxp://search.babylon.com/?affID[...]
Vymazáno [l.55] : search_url = "hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=coolmsd&cd=2Xzu[...]
Vymazáno [l.1883] : homepage = "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0CzztA0AtAyD0CtA0C0F[...]
Vymazáno [l.2337] : urls_to_restore_on_startup = [ "hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1[...]

-\\ Chromium v27.0.1500.0

Soubor : C:\Users\Janek\AppData\Local\Chromium\User Data\Default\Preferences

Vymazáno [l.3153] : urls_to_restore_on_startup = [ "hxxp://iron-start.com/", "hxxp://search.babylon.com/?affID=11[...]

-\\ Opera v12.15.1748.0

Soubor : C:\Users\Janek\AppData\Roaming\Opera\Opera\operaprefs.ini

Vymazáno : Home URL=hxxp://start.mysearchdial.com/?f=1&a=coolmsd&cd=2XzuyEtN2Y1L1Qzu0CzztA0AtAyD0CtA0C0F0DyC0Ct[...]

*************************

AdwCleaner[R1].txt - [8713 octets] - [11/06/2013 20:55:31]
AdwCleaner[S1].txt - [7832 octets] - [11/06/2013 22:56:38]

########## EOF - C:\AdwCleaner[S1].txt - [7892 octets] ##########

Re: .exe has stopped working

Post by Geek3 » 11 Jun 2013 23:07

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.06.11.07

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16580
Janek :: ***** [administrátor]

Ochrana: Zakázána

11.6.2013 23:02:44
mbam-log-2013-06-11 (23-02-44).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 250464
Uplynulý čas: 4 minut, 8 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Users\Janek\AppData\Roaming\Miner\c.exe (Trojan.BitcoinMiner) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Janek\AppData\Roaming\Miner\gc.exe (Trojan.BitcoinMiner) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Janek\AppData\Roaming\Miner\o.exe (Trojan.BitcoinMiner) -> Přesun do karantény a smazání se zdařilo.

(konec)

Re: .exe has stopped working

Post by Geek3 » 11 Jun 2013 23:14

23:11:38.0184 5732 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:11:38.0863 5732 ============================================================
23:11:38.0863 5732 Current date / time: 2013/06/11 23:11:38.0863
23:11:38.0863 5732 SystemInfo:
23:11:38.0863 5732
23:11:38.0863 5732 OS Version: 6.2.9200 ServicePack: 0.0
23:11:38.0863 5732 Product type: Workstation
23:11:38.0863 5732 ComputerName: ******
23:11:38.0864 5732 UserName: Janek
23:11:38.0864 5732 Windows directory: C:\WINDOWS
23:11:38.0864 5732 System windows directory: C:\WINDOWS
23:11:38.0864 5732 Running under WOW64
23:11:38.0864 5732 Processor architecture: Intel x64
23:11:38.0864 5732 Number of processors: 2
23:11:38.0864 5732 Page size: 0x1000
23:11:38.0864 5732 Boot type: Normal boot
23:11:38.0864 5732 ============================================================
23:11:39.0321 5732 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:11:39.0332 5732 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:11:39.0337 5732 ============================================================
23:11:39.0337 5732 \Device\Harddisk0\DR0:
23:11:39.0337 5732 MBR partitions:
23:11:39.0337 5732 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:11:39.0337 5732 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
23:11:39.0337 5732 \Device\Harddisk1\DR1:
23:11:39.0337 5732 MBR partitions:
23:11:39.0337 5732 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
23:11:39.0338 5732 ============================================================
23:11:39.0347 5732 C: <-> \Device\Harddisk0\DR0\Partition2
23:11:39.0353 5732 D: <-> \Device\Harddisk1\DR1\Partition1
23:11:39.0353 5732 ============================================================
23:11:39.0353 5732 Initialize success
23:11:39.0353 5732 ============================================================
23:11:41.0948 1948 ============================================================
23:11:41.0948 1948 Scan started
23:11:41.0948 1948 Mode: Manual;
23:11:41.0948 1948 ============================================================
23:11:42.0862 1948 ================ Scan system memory ========================
23:11:42.0862 1948 System memory - ok
23:11:42.0862 1948 ================ Scan services =============================
23:11:48.0845 1948 LGSHidFilt - ok
23:11:48.0863 1948 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
23:11:48.0864 1948 lltdio - ok
23:11:48.0885 1948 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
23:11:48.0888 1948 lltdsvc - ok
23:11:48.0907 1948 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
23:11:48.0909 1948 lmhosts - ok
23:11:48.0932 1948 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
23:11:48.0935 1948 LSI_SAS - ok
23:11:48.0949 1948 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
23:11:48.0951 1948 LSI_SAS2 - ok
23:11:48.0970 1948 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
23:11:48.0973 1948 LSI_SCSI - ok
23:11:48.0986 1948 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
23:11:48.0987 1948 LSI_SSS - ok
23:11:49.0018 1948 [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM C:\WINDOWS\System32\lsm.dll
23:11:49.0023 1948 LSM - ok
23:11:49.0030 1948 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
23:11:49.0032 1948 luafv - ok
23:11:49.0052 1948 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
23:11:49.0054 1948 MBAMProtector - ok
23:11:49.0089 1948 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:11:49.0093 1948 MBAMScheduler - ok
23:11:49.0116 1948 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
23:11:49.0123 1948 MBAMService - ok
23:11:49.0138 1948 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\WINDOWS\system32\drivers\megasas.sys
23:11:49.0140 1948 megasas - ok
23:11:49.0157 1948 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
23:11:49.0160 1948 MegaSR - ok
23:11:49.0201 1948 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
23:11:49.0203 1948 Microsoft Office Groove Audit Service - ok
23:11:49.0227 1948 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\WINDOWS\system32\mmcss.dll
23:11:49.0230 1948 MMCSS - ok
23:11:49.0246 1948 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\WINDOWS\system32\drivers\modem.sys
23:11:49.0248 1948 Modem - ok
23:11:49.0277 1948 [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
23:11:49.0279 1948 monitor - ok
23:11:49.0287 1948 [ 618446B98C79776654340CE27C73485E ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
23:11:49.0289 1948 mouclass - ok
23:11:49.0301 1948 [ C0ADEBED913295803B579ED288936CBB ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
23:11:49.0303 1948 mouhid - ok
23:11:49.0309 1948 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
23:11:49.0310 1948 mountmgr - ok
23:11:49.0334 1948 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
23:11:49.0336 1948 mpsdrv - ok
23:11:49.0370 1948 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
23:11:49.0388 1948 MpsSvc - ok
23:11:49.0412 1948 [ 866AF645A3B1F4358C4201CE089839EA ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
23:11:49.0414 1948 MQAC - ok
23:11:49.0429 1948 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
23:11:49.0430 1948 MRxDAV - ok
23:11:49.0468 1948 [ 93179D48066918323628CB016D8C94DC ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:11:49.0471 1948 mrxsmb - ok
23:11:49.0494 1948 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
23:11:49.0498 1948 mrxsmb10 - ok
23:11:49.0521 1948 [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
23:11:49.0524 1948 mrxsmb20 - ok
23:11:49.0550 1948 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
23:11:49.0552 1948 MsBridge - ok
23:11:49.0581 1948 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
23:11:49.0585 1948 MSDTC - ok
23:11:49.0606 1948 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:11:49.0608 1948 Msfs - ok
23:11:49.0630 1948 [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
23:11:49.0632 1948 msgpiowin32 - ok
23:11:49.0644 1948 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
23:11:49.0645 1948 mshidkmdf - ok
23:11:49.0652 1948 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
23:11:49.0653 1948 mshidumdf - ok
23:11:49.0669 1948 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
23:11:49.0670 1948 msisadrv - ok
23:11:49.0685 1948 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
23:11:49.0689 1948 MSiSCSI - ok
23:11:49.0694 1948 msiserver - ok
23:11:49.0707 1948 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:11:49.0708 1948 MSKSSRV - ok
23:11:49.0716 1948 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
23:11:49.0717 1948 MsLldp - ok
23:11:49.0737 1948 [ 80FF037D6184FFACB2740A50C7949D20 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
23:11:49.0739 1948 MSMQ - ok
23:11:49.0754 1948 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:11:49.0755 1948 MSPCLOCK - ok
23:11:49.0767 1948 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:11:49.0769 1948 MSPQM - ok
23:11:49.0786 1948 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
23:11:49.0790 1948 MsRPC - ok
23:11:49.0806 1948 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
23:11:49.0808 1948 mssmbios - ok
23:11:49.0819 1948 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:11:49.0821 1948 MSTEE - ok
23:11:49.0831 1948 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
23:11:49.0833 1948 MTConfig - ok
23:11:49.0853 1948 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\WINDOWS\system32\Drivers\mup.sys
23:11:49.0854 1948 Mup - ok
23:11:49.0875 1948 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
23:11:49.0877 1948 mvumis - ok
23:11:49.0903 1948 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\WINDOWS\system32\qagentRT.dll
23:11:49.0908 1948 napagent - ok
23:11:49.0930 1948 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
23:11:49.0934 1948 NativeWifiP - ok
23:11:49.0959 1948 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
23:11:49.0962 1948 NcaSvc - ok
23:11:49.0980 1948 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
23:11:49.0982 1948 NcdAutoSetup - ok
23:11:50.0011 1948 [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
23:11:50.0019 1948 NDIS - ok
23:11:50.0036 1948 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
23:11:50.0038 1948 NdisCap - ok
23:11:50.0045 1948 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
23:11:50.0047 1948 NdisImPlatform - ok
23:11:50.0085 1948 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:11:50.0087 1948 NdisTapi - ok
23:11:50.0104 1948 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:11:50.0106 1948 Ndisuio - ok
23:11:50.0116 1948 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:11:50.0119 1948 NdisWan - ok
23:11:50.0124 1948 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:11:50.0126 1948 NDISWANLEGACY - ok
23:11:50.0149 1948 [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:11:50.0151 1948 NDProxy - ok
23:11:50.0164 1948 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
23:11:50.0166 1948 Ndu - ok
23:11:50.0172 1948 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:11:50.0173 1948 NetBIOS - ok
23:11:50.0182 1948 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:11:50.0186 1948 NetBT - ok
23:11:50.0209 1948 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\WINDOWS\system32\lsass.exe
23:11:50.0211 1948 Netlogon - ok
23:11:50.0228 1948 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\WINDOWS\System32\netman.dll
23:11:50.0232 1948 Netman - ok
23:11:50.0266 1948 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:11:50.0278 1948 NetMsmqActivator - ok
23:11:50.0283 1948 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:11:50.0284 1948 NetPipeActivator - ok
23:11:50.0308 1948 [ 5FF52E13C72838D87DAF228EC9E92C89 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
23:11:50.0314 1948 netprofm - ok
23:11:50.0356 1948 [ 9F929E74A8FB21B2B44B41C115F10B39 ] netr28ux C:\WINDOWS\system32\DRIVERS\netr28ux.sys
23:11:50.0382 1948 netr28ux - ok
23:11:50.0424 1948 [ 019B594CC5D5A3FB5EA788F972F56FFF ] netr28x C:\WINDOWS\system32\DRIVERS\netr28x.sys
23:11:50.0450 1948 netr28x - ok
23:11:50.0457 1948 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:11:50.0458 1948 NetTcpActivator - ok
23:11:50.0463 1948 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:11:50.0465 1948 NetTcpPortSharing - ok
23:11:50.0509 1948 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
23:11:50.0511 1948 nfrd960 - ok
23:11:50.0546 1948 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
23:11:50.0551 1948 NlaSvc - ok
23:11:50.0563 1948 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:11:50.0564 1948 Npfs - ok
23:11:50.0575 1948 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
23:11:50.0577 1948 npsvctrig - ok
23:11:50.0597 1948 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll
23:11:50.0599 1948 nsi - ok
23:11:50.0615 1948 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
23:11:50.0616 1948 nsiproxy - ok
23:11:50.0654 1948 [ 76929F4A69E425911A63B407E26C2589 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:11:50.0680 1948 Ntfs - ok
23:11:50.0702 1948 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys
23:11:50.0703 1948 Null - ok
23:11:50.0719 1948 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
23:11:50.0721 1948 nvraid - ok
23:11:50.0739 1948 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
23:11:50.0742 1948 nvstor - ok
23:11:50.0756 1948 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
23:11:50.0759 1948 nv_agp - ok
23:11:50.0815 1948 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:11:50.0820 1948 odserv - ok
23:11:50.0850 1948 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:11:50.0854 1948 ose - ok
23:11:50.0882 1948 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
23:11:50.0886 1948 p2pimsvc - ok
23:11:50.0909 1948 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
23:11:50.0915 1948 p2psvc - ok
I have not failed, I've just found 10 000 ways that won't work.
-T. A. Edison-

