Ahoj, prosím o kontrolu logu. V PC mám keylogger ke kterému jsem samozřejmě zapomněl vyvolávací heslo - All in one keylogger - takže ho nemůžu odinstalovat. Je tu i možnost, že jsem dal aby se sám po nějaké době odinstalovat, ovšem tím si nejsem až tak jistý.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49:46, on 20.6.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v10.0 (10.00.9200.16611)
Boot mode: Normal
Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=4444 ... 728950D2C9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~2\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKCU\..\Run: [Google Update] "C:\Users\MarthyX\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Fences.lnk = C:\Program Files (x86)\Stardock\Fences\Fences.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O16 - DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} (Cisco SSL VPN Relay Loader) - https://vpngw1.allianz.cz/+CSCOL+/csvrloader32.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - The Firebird Project - C:\Program Files (x86)\Firebird\bin\fbserver.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Splashtop Meta Data Export Service (Splashtop MDES) - Splashtop Inc. - C:\ASUS.SYS\SIONExportService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: utslzlbfrhqoie - Unknown owner - c:\windows\SysWOW64\PBZAJC~1.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
--
End of file - 14146 bytes
Díky, Teedok
Kontrola - keylogger
-
Teedok
- Level 3
- Příspěvky: 554
- Registrován: prosinec 08
- Bydliště: Jablonec nad nisou
- Pohlaví:
- Stav:
Offline
- Kontakt:
Kontrola - keylogger
Freerapid 4ever
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Kontrola - keylogger
Fixni:
Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
Kód: Vybrat vše
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-search.com/?affID=4444 ... 728950D2C9
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {b6ac5e3c-5ceb-4e72-b451-f0e1ba983c14} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\MarthyX\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O13 - Gopher Prefix:
O16 - DPF: {2AB1C516-6654-4D3A-B3D6-2185BBCEB409} (Cisco SSL VPN Relay Loader) - https://vpngw1.allianz.cz/+CSCOL+/csvrloader32.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cabStáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
- Pokud používáš Firefox, klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
- Pokud používáš Chrome, nic dalšího nevybírej a dej Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.
Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(ZATÍM SÁM NIC NEMAŽ!).
Vlož sem pak obsah toho logu.
Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
-
Teedok
- Level 3
- Příspěvky: 554
- Registrován: prosinec 08
- Bydliště: Jablonec nad nisou
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Kontrola - keylogger
MBAM:
Malwarebytes' Anti-Malware 1.40
Verze databáze: 2551
Windows 6.1.7601 Service Pack 1
20.6.2013 21:49:15
mbam-log-2013-06-20 (21-49-09).txt
Typ skenu: Rychlý sken
Objektu skenováno: 89230
Uplynulý cas: 6 minute(s), 10 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 1
Infikované hodnoty registru: 0
Infikované položky dat registru: 1
Infikované složky: 1
Infikované soubory: 3
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
C:\Program Files (x86)\RelevantKnowledge (Spyware.Marketscore) -> No action taken.
Infikované soubory:
C:\Program Files (x86)\RelevantKnowledge\ncncf.dat (Spyware.Marketscore) -> No action taken.
C:\Program Files (x86)\RelevantKnowledge\nscf.dat (Spyware.Marketscore) -> No action taken.
C:\Program Files (x86)\RelevantKnowledge\rloci.bin (Spyware.Marketscore) -> No action taken.
///////////////////////////////////////////////////////////////////////////////////////
ADW:
# AdwCleaner v2.303 - Log vytvooen 20/06/2013 v 22:07:24
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : MarthyX - MARTHYX-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\MarthyX\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Složka Nalezeno : C:\Program Files (x86)\RelevantKnowledge
Složka Nalezeno : C:\Program Files (x86)\SweetIM
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\IBUpdaterService
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Složka Nalezeno : C:\ProgramData\SweetIM
Složka Nalezeno : C:\Users\MarthyX\AppData\Local\APN
Složka Nalezeno : C:\Users\MarthyX\AppData\Local\Conduit
Složka Nalezeno : C:\Users\MarthyX\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\MarthyX\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\MarthyX\AppData\Roaming\PerformerSoft
Složka Nalezeno : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\Babylon.xml
Soubor Nalezeno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\delta.xml
***** [Registry] *****
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\BabSolution
Klíe Nalezeno : HKCU\Software\BI
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\DataMngr_Toolbar
Klíe Nalezeno : HKCU\Software\IGearSettings
Klíe Nalezeno : HKCU\Software\ilivid
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\Software\Iminent
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\a6d88ab73aea45
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IM
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v27.0.1453.116
Soubor : C:\Users\MarthyX\AppData\Local\Google\Chrome\User Data\Default\Preferences
Nalezeno [l.2399] : homepage = "hxxp://www.delta-search.com/?affID=44444&babsrc=HP_ss&mntrId=A06CAC728950D2C9",
Nalezeno [l.2930] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=48", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={E43F7F55-234E-11E2-AB36-AC728950D2CC}" ]
*************************
AdwCleaner[R1].txt - [12543 octets] - [20/06/2013 22:07:25]
########## EOF - C:\AdwCleaner[R1].txt - [12604 octets] ##########
Malwarebytes' Anti-Malware 1.40
Verze databáze: 2551
Windows 6.1.7601 Service Pack 1
20.6.2013 21:49:15
mbam-log-2013-06-20 (21-49-09).txt
Typ skenu: Rychlý sken
Objektu skenováno: 89230
Uplynulý cas: 6 minute(s), 10 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 1
Infikované hodnoty registru: 0
Infikované položky dat registru: 1
Infikované složky: 1
Infikované soubory: 3
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
Infikované složky:
C:\Program Files (x86)\RelevantKnowledge (Spyware.Marketscore) -> No action taken.
Infikované soubory:
C:\Program Files (x86)\RelevantKnowledge\ncncf.dat (Spyware.Marketscore) -> No action taken.
C:\Program Files (x86)\RelevantKnowledge\nscf.dat (Spyware.Marketscore) -> No action taken.
C:\Program Files (x86)\RelevantKnowledge\rloci.bin (Spyware.Marketscore) -> No action taken.
///////////////////////////////////////////////////////////////////////////////////////
ADW:
# AdwCleaner v2.303 - Log vytvooen 20/06/2013 v 22:07:24
# Aktualizováno 08/06/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : MarthyX - MARTHYX-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\MarthyX\Desktop\adwcleaner.exe
# Volba [Prohledat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Složka Nalezeno : C:\Program Files (x86)\RelevantKnowledge
Složka Nalezeno : C:\Program Files (x86)\SweetIM
Složka Nalezeno : C:\ProgramData\Ask
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\IBUpdaterService
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Složka Nalezeno : C:\ProgramData\SweetIM
Složka Nalezeno : C:\Users\MarthyX\AppData\Local\APN
Složka Nalezeno : C:\Users\MarthyX\AppData\Local\Conduit
Složka Nalezeno : C:\Users\MarthyX\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\MarthyX\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\MarthyX\AppData\Roaming\PerformerSoft
Složka Nalezeno : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Soubor Nalezeno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Nalezeno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\Babylon.xml
Soubor Nalezeno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\delta.xml
***** [Registry] *****
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Nalezeno : HKCU\Software\1ClickDownload
Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\BabSolution
Klíe Nalezeno : HKCU\Software\BI
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\DataMngr
Klíe Nalezeno : HKCU\Software\DataMngr_Toolbar
Klíe Nalezeno : HKCU\Software\IGearSettings
Klíe Nalezeno : HKCU\Software\ilivid
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKCU\Software\PIP
Klíe Nalezeno : HKCU\Software\Softonic
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\Babylon
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Nalezeno : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Nalezeno : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Nalezeno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Nalezeno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\Software\Conduit
Klíe Nalezeno : HKLM\Software\DataMngr
Klíe Nalezeno : HKLM\Software\Iminent
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\a6d88ab73aea45
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IM
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Nalezeno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíe Nalezeno : HKU\S-1-5-21-1481928539-701506488-1058861579-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\prefs.js
[OK] Soubor je eistý.
-\\ Google Chrome v27.0.1453.116
Soubor : C:\Users\MarthyX\AppData\Local\Google\Chrome\User Data\Default\Preferences
Nalezeno [l.2399] : homepage = "hxxp://www.delta-search.com/?affID=44444&babsrc=HP_ss&mntrId=A06CAC728950D2C9",
Nalezeno [l.2930] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=48", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={E43F7F55-234E-11E2-AB36-AC728950D2CC}" ]
*************************
AdwCleaner[R1].txt - [12543 octets] - [20/06/2013 22:07:25]
########## EOF - C:\AdwCleaner[R1].txt - [12604 octets] ##########
Freerapid 4ever
-
jaro3
- člen Security týmu
-
Guru Level 15
- Příspěvky: 43298
- Registrován: červen 07
- Bydliště: Jižní Čechy
- Pohlaví:
- Stav:
Offline
Re: Kontrola - keylogger
. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Co to bylo za keylogger?
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.
Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.
Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
Co to bylo za keylogger?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
-
Teedok
- Level 3
- Příspěvky: 554
- Registrován: prosinec 08
- Bydliště: Jablonec nad nisou
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Kontrola - keylogger
MbaM log:
Malwarebytes' Anti-Malware 1.40
Verze databáze: 2551
Windows 6.1.7601 Service Pack 1
4.7.2013 15:04:53
mbam-log-2013-07-04 (15-04-53).txt
Typ skenu: Úplný sken (C:\|D:\|)
Objektu skenováno: 808183
Uplynulý cas: 2 hour(s), 57 minute(s), 59 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)
ADW cleaner:
# AdwCleaner v2.304 - Log vytvooen 04/07/2013 v 15:28:17
# Aktualizováno 03/07/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : MarthyX - MARTHYX-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\MarthyX\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Složka Vymazáno : C:\Program Files (x86)\SweetIM
Složka Vymazáno : C:\ProgramData\Ask
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\IBUpdaterService
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Složka Vymazáno : C:\ProgramData\SweetIM
Složka Vymazáno : C:\Users\MarthyX\AppData\Local\APN
Složka Vymazáno : C:\Users\MarthyX\AppData\Local\Conduit
Složka Vymazáno : C:\Users\MarthyX\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\MarthyX\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\MarthyX\AppData\Roaming\PerformerSoft
Složka Vymazáno : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Vymazáno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\Babylon.xml
Soubor Vymazáno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\delta.xml
***** [Registry] *****
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Vymazáno : HKCU\Software\1ClickDownload
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\BabSolution
Klíe Vymazáno : HKCU\Software\BI
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\DataMngr_Toolbar
Klíe Vymazáno : HKCU\Software\IGearSettings
Klíe Vymazáno : HKCU\Software\ilivid
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Vymazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\Software\Iminent
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\a6d88ab73aea45
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IM
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\prefs.js
C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\user.js ... Vymazáno !
[OK] Soubor je eistý.
-\\ Google Chrome v27.0.1453.116
Soubor : C:\Users\MarthyX\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazáno [l.2400] : homepage = "hxxp://www.delta-search.com/?affID=44444&babsrc=HP_ss&mntrId=A06CAC728950D2C9",
Vymazáno [l.3022] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=48", "[...]
*************************
AdwCleaner[R1].txt - [12616 octets] - [20/06/2013 22:07:25]
AdwCleaner[R2].txt - [12492 octets] - [04/07/2013 15:27:45]
AdwCleaner[S1].txt - [11868 octets] - [04/07/2013 15:28:17]
########## EOF - C:\AdwCleaner[S1].txt - [11929 octets] ##########
Roughekiller:
RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : MarthyX [Práva správce]
Mód : Kontrola -- Datum : 07/04/2013 17:09:18
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9750423AS +++++
--- User ---
[MBR] 4e41e8a6157d5f28f40d3a0a97b8acc1
[BSP] b68f61f8a60fa206fb2655c77543333f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 689801 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST9750423AS +++++
--- User ---
[MBR] aa1e9a8bebff3c386ac717e733428d5c
[BSP] 7c0e34a89bc4012955f88d0582a36d3c : Empty MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 715394 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_07042013_170918.txt >>
Keyloger je: All in one keylogger
Nevím jestli jsem to předtím psal, ale mám i problém s vyhledáváním na googlu, občas mi nedovolí vyhledávat a musím opsat captchu abych mohl pokračovat. Důvod je příliš mnoho dotazů - podezření na robota, myslím si, že je to tím keyloggerem.
Díky Teedok
Malwarebytes' Anti-Malware 1.40
Verze databáze: 2551
Windows 6.1.7601 Service Pack 1
4.7.2013 15:04:53
mbam-log-2013-07-04 (15-04-53).txt
Typ skenu: Úplný sken (C:\|D:\|)
Objektu skenováno: 808183
Uplynulý cas: 2 hour(s), 57 minute(s), 59 second(s)
Infikované procesy pameti: 0
Infikované pametové moduly: 0
Infikované klíce registru: 0
Infikované hodnoty registru: 0
Infikované položky dat registru: 0
Infikované složky: 0
Infikované soubory: 0
Infikované procesy pameti:
(Žádné zákerné položky nebyly zjišteny)
Infikované pametové moduly:
(Žádné zákerné položky nebyly zjišteny)
Infikované klíce registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované hodnoty registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované položky dat registru:
(Žádné zákerné položky nebyly zjišteny)
Infikované složky:
(Žádné zákerné položky nebyly zjišteny)
Infikované soubory:
(Žádné zákerné položky nebyly zjišteny)
ADW cleaner:
# AdwCleaner v2.304 - Log vytvooen 04/07/2013 v 15:28:17
# Aktualizováno 03/07/2013 Xplode
# Operaení systém : Windows 7 Professional Service Pack 1 (64 bits)
# Uživatel : MarthyX - MARTHYX-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\MarthyX\Desktop\adwcleaner.exe
# Volba [Vymazat]
***** [Služby] *****
***** [Soubory / Složky] *****
Složka Vymazáno : C:\Program Files (x86)\Conduit
Složka Vymazáno : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Složka Vymazáno : C:\Program Files (x86)\SweetIM
Složka Vymazáno : C:\ProgramData\Ask
Složka Vymazáno : C:\ProgramData\Babylon
Složka Vymazáno : C:\ProgramData\IBUpdaterService
Složka Vymazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge
Složka Vymazáno : C:\ProgramData\SweetIM
Složka Vymazáno : C:\Users\MarthyX\AppData\Local\APN
Složka Vymazáno : C:\Users\MarthyX\AppData\Local\Conduit
Složka Vymazáno : C:\Users\MarthyX\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\MarthyX\AppData\Roaming\Babylon
Složka Vymazáno : C:\Users\MarthyX\AppData\Roaming\PerformerSoft
Složka Vymazáno : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Soubor Vymazáno : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Soubor Vymazáno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\Babylon.xml
Soubor Vymazáno : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\searchplugins\delta.xml
***** [Registry] *****
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll]
Hodnota Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Klíe Vymazáno : HKCU\Software\1ClickDownload
Klíe Vymazáno : HKCU\Software\APN PIP
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\BabSolution
Klíe Vymazáno : HKCU\Software\BI
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\DataMngr
Klíe Vymazáno : HKCU\Software\DataMngr_Toolbar
Klíe Vymazáno : HKCU\Software\IGearSettings
Klíe Vymazáno : HKCU\Software\ilivid
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKCU\Software\PIP
Klíe Vymazáno : HKCU\Software\Softonic
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Vymazáno : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Klíe Vymazáno : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\DataMngr
Klíe Vymazáno : HKLM\Software\Iminent
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Klíe Vymazáno : HKLM\Software\PIP
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\a6d88ab73aea45
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IM
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
***** [Internetové prohlížeee] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Registry jsou eisté.
-\\ Mozilla Firefox v20.0.1 (cs)
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
[OK] Soubor je eistý.
Soubor : C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\prefs.js
C:\Users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\user.js ... Vymazáno !
[OK] Soubor je eistý.
-\\ Google Chrome v27.0.1453.116
Soubor : C:\Users\MarthyX\AppData\Local\Google\Chrome\User Data\Default\Preferences
Vymazáno [l.2400] : homepage = "hxxp://www.delta-search.com/?affID=44444&babsrc=HP_ss&mntrId=A06CAC728950D2C9",
Vymazáno [l.3022] : urls_to_restore_on_startup = [ "hxxp://search.conduit.com/?ctid=CT3225826&SearchSource=48", "[...]
*************************
AdwCleaner[R1].txt - [12616 octets] - [20/06/2013 22:07:25]
AdwCleaner[R2].txt - [12492 octets] - [04/07/2013 15:27:45]
AdwCleaner[S1].txt - [11868 octets] - [04/07/2013 15:28:17]
########## EOF - C:\AdwCleaner[S1].txt - [11929 octets] ##########
Roughekiller:
RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : MarthyX [Práva správce]
Mód : Kontrola -- Datum : 07/04/2013 17:09:18
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9750423AS +++++
--- User ---
[MBR] 4e41e8a6157d5f28f40d3a0a97b8acc1
[BSP] b68f61f8a60fa206fb2655c77543333f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 689801 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST9750423AS +++++
--- User ---
[MBR] aa1e9a8bebff3c386ac717e733428d5c
[BSP] 7c0e34a89bc4012955f88d0582a36d3c : Empty MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 715394 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_S_07042013_170918.txt >>
Keyloger je: All in one keylogger
Nevím jestli jsem to předtím psal, ale mám i problém s vyhledáváním na googlu, občas mi nedovolí vyhledávat a musím opsat captchu abych mohl pokračovat. Důvod je příliš mnoho dotazů - podezření na robota, myslím si, že je to tím keyloggerem.
Díky Teedok
Freerapid 4ever
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Kontrola - keylogger
S tím Googlem mi to občas PC dělá taky a to jsem si 100 % jist, že bordel v něm nemám
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
-
Teedok
- Level 3
- Příspěvky: 554
- Registrován: prosinec 08
- Bydliště: Jablonec nad nisou
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Kontrola - keylogger
RogueKiller V8.6.2 _x64_ [Jul 2 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : MarthyX [Práva správce]
Mód : Odebrat -- Datum : 07/04/2013 17:33:39
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9750423AS +++++
--- User ---
[MBR] 4e41e8a6157d5f28f40d3a0a97b8acc1
[BSP] b68f61f8a60fa206fb2655c77543333f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 689801 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST9750423AS +++++
--- User ---
[MBR] aa1e9a8bebff3c386ac717e733428d5c
[BSP] 7c0e34a89bc4012955f88d0582a36d3c : Empty MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 715394 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_07042013_173339.txt >>
RKreport[0]_S_07042013_170918.txt;RKreport[0]_S_07042013_173326.txt
mail : tigzyRK<at>gmail<dot>com
Podpora : hxxp://www.adlice.com/forum/
Webové stránky : hxxp://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/
Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : MarthyX [Práva správce]
Mód : Odebrat -- Datum : 07/04/2013 17:33:39
| ARK || FAK || MBR |
¤¤¤ Škodlivé procesy: : 0 ¤¤¤
¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> NAHRAZENO (2)
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
¤¤¤ naplánované úlohy : 0 ¤¤¤
¤¤¤ spuštění položky : 0 ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Zvláštní soubory / Složky: ¤¤¤
¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤
¤¤¤ Externí včelstvo: ¤¤¤
¤¤¤ Nákaza : ¤¤¤
¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ Kontrola MBR: ¤¤¤
+++++ PhysicalDrive0: ST9750423AS +++++
--- User ---
[MBR] 4e41e8a6157d5f28f40d3a0a97b8acc1
[BSP] b68f61f8a60fa206fb2655c77543333f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 689801 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: ST9750423AS +++++
--- User ---
[MBR] aa1e9a8bebff3c386ac717e733428d5c
[BSP] 7c0e34a89bc4012955f88d0582a36d3c : Empty MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 715394 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Dokončeno : << RKreport[0]_D_07042013_173339.txt >>
RKreport[0]_S_07042013_170918.txt;RKreport[0]_S_07042013_173326.txt
Freerapid 4ever
-
Žbeky
- Moderátor
-
Guru Level 13
- Příspěvky: 22288
- Registrován: květen 08
- Bydliště: Vsetín - Pardubice
- Pohlaví:
- Stav:
Offline
Re: Kontrola - keylogger
Stáhni si Junkware Removal Tool
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
V SZ řeším jen záležitosti týkající se fóra. Na prosby a žádosti o technickou podporu nereaguji. Díky za pochopení.
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
HiJackThis + návod - HW Monitor - Jak označit příspěvek za vyřešený - Pravidla fóra
-
Teedok
- Level 3
- Příspěvky: 554
- Registrován: prosinec 08
- Bydliště: Jablonec nad nisou
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Kontrola - keylogger
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x64
Ran by MarthyX on p 05.07.2013 at 9:54:43,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
~~~ Files
~~~ Folders
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 05.07.2013 at 9:58:47,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x64
Ran by MarthyX on p 05.07.2013 at 9:54:43,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
~~~ Files
~~~ Folders
~~~ Chrome
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\dknkjnkhedbanphkkpbpcgoblmkbfhlf
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 05.07.2013 at 9:58:47,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Freerapid 4ever
-
memphisto
- Guru Level 13
- Příspěvky: 21113
- Registrován: září 06
- Bydliště: Zlín - České Budějovice
- Pohlaví:
- Stav:
Offline
Re: Kontrola - keylogger
Dej ještě pro jistotu CF
Stáhni si TDSSKiller
Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.
Stáhni si TDSSKiller
Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji
-
Teedok
- Level 3
- Příspěvky: 554
- Registrován: prosinec 08
- Bydliště: Jablonec nad nisou
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Kontrola - keylogger
11:34:30.0993 5164 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:34:31.0165 5164 ============================================================
11:34:31.0165 5164 Current date / time: 2013/07/05 11:34:31.0165
11:34:31.0165 5164 SystemInfo:
11:34:31.0165 5164
11:34:31.0165 5164 OS Version: 6.1.7601 ServicePack: 1.0
11:34:31.0165 5164 Product type: Workstation
11:34:31.0165 5164 ComputerName: MARTHYX-PC
11:34:31.0165 5164 UserName: MarthyX
11:34:31.0165 5164 Windows directory: C:\Windows
11:34:31.0165 5164 System windows directory: C:\Windows
11:34:31.0165 5164 Running under WOW64
11:34:31.0165 5164 Processor architecture: Intel x64
11:34:31.0165 5164 Number of processors: 8
11:34:31.0165 5164 Page size: 0x1000
11:34:31.0165 5164 Boot type: Normal boot
11:34:31.0165 5164 ============================================================
11:34:31.0820 5164 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:32.0210 5164 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:32.0272 5164 ============================================================
11:34:32.0272 5164 \Device\Harddisk0\DR0:
11:34:32.0272 5164 MBR partitions:
11:34:32.0272 5164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x54344800
11:34:32.0272 5164 \Device\Harddisk1\DR1:
11:34:32.0288 5164 MBR partitions:
11:34:32.0304 5164 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x575408A2
11:34:32.0304 5164 ============================================================
11:34:32.0335 5164 C: <-> \Device\Harddisk0\DR0\Partition1
11:34:32.0366 5164 D: <-> \Device\Harddisk1\DR1\Partition1
11:34:32.0366 5164 ============================================================
11:34:32.0366 5164 Initialize success
11:34:32.0366 5164 ============================================================
11:34:37.0467 8048 ============================================================
11:34:37.0467 8048 Scan started
11:34:37.0467 8048 Mode: Manual;
11:34:37.0467 8048 ============================================================
11:34:39.0058 8048 ================ Scan system memory ========================
11:34:39.0058 8048 System memory - ok
11:34:39.0058 8048 ================ Scan services =============================
11:34:39.0277 8048 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:34:39.0277 8048 1394ohci - ok
11:34:39.0339 8048 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:34:39.0339 8048 ACPI - ok
11:34:39.0370 8048 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:34:39.0370 8048 AcpiPmi - ok
11:34:39.0526 8048 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:34:39.0526 8048 AdobeARMservice - ok
11:34:39.0760 8048 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:34:39.0760 8048 AdobeFlashPlayerUpdateSvc - ok
11:34:39.0807 8048 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:34:39.0823 8048 adp94xx - ok
11:34:39.0823 8048 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:34:39.0838 8048 adpahci - ok
11:34:39.0838 8048 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:34:39.0838 8048 adpu320 - ok
11:34:39.0870 8048 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:34:39.0870 8048 AeLookupSvc - ok
11:34:39.0916 8048 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
11:34:39.0916 8048 AFBAgent - ok
11:34:39.0994 8048 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:34:40.0010 8048 AFD - ok
11:34:40.0072 8048 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:34:40.0088 8048 agp440 - ok
11:34:40.0104 8048 [ 14370049D8C9912EAC7603809A77C378 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
11:34:40.0104 8048 AiCharger - ok
11:34:40.0119 8048 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:34:40.0119 8048 ALG - ok
11:34:40.0150 8048 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:34:40.0150 8048 aliide - ok
11:34:40.0166 8048 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:34:40.0166 8048 amdide - ok
11:34:40.0197 8048 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:34:40.0197 8048 AmdK8 - ok
11:34:40.0213 8048 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:34:40.0228 8048 AmdPPM - ok
11:34:40.0275 8048 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:34:40.0275 8048 amdsata - ok
11:34:40.0291 8048 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:34:40.0291 8048 amdsbs - ok
11:34:40.0322 8048 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:34:40.0322 8048 amdxata - ok
11:34:40.0369 8048 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
11:34:40.0369 8048 AMPPAL - ok
11:34:40.0384 8048 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
11:34:40.0384 8048 AMPPALP - ok
11:34:40.0478 8048 [ 864C632B999BE1237A3DC46736E71F27 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
11:34:40.0478 8048 AMPPALR3 - ok
11:34:40.0572 8048 [ 92A848F962DA91C631147D566414BB7E ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
11:34:40.0572 8048 AmUStor - ok
11:34:40.0650 8048 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:34:40.0650 8048 AppID - ok
11:34:40.0681 8048 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:34:40.0681 8048 AppIDSvc - ok
11:34:40.0728 8048 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
11:34:40.0728 8048 Appinfo - ok
11:34:40.0837 8048 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:34:40.0837 8048 Apple Mobile Device - ok
11:34:40.0884 8048 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:34:40.0899 8048 AppMgmt - ok
11:34:40.0930 8048 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:34:40.0930 8048 arc - ok
11:34:40.0930 8048 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:34:40.0946 8048 arcsas - ok
11:34:41.0008 8048 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
11:34:41.0008 8048 ASLDRService - ok
11:34:41.0024 8048 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
11:34:41.0024 8048 ASMMAP64 - ok
11:34:41.0071 8048 [ 718692FFF22D6AF47EBA0A741A924921 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
11:34:41.0071 8048 asmthub3 - ok
11:34:41.0102 8048 [ BAD70A5AC534C108F680A33C654BC626 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
11:34:41.0102 8048 asmtxhci - ok
11:34:41.0211 8048 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:34:41.0227 8048 aspnet_state - ok
11:34:41.0274 8048 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
11:34:41.0274 8048 aswFsBlk - ok
11:34:41.0336 8048 [ 890918D53B80B474CFAFB48995B85AF3 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
11:34:41.0336 8048 aswKbd - ok
11:34:41.0367 8048 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
11:34:41.0367 8048 aswMonFlt - ok
11:34:41.0398 8048 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
11:34:41.0398 8048 aswRdr - ok
11:34:41.0476 8048 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
11:34:41.0476 8048 aswRvrt - ok
11:34:41.0508 8048 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
11:34:41.0508 8048 aswSnx - ok
11:34:41.0523 8048 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
11:34:41.0539 8048 aswSP - ok
11:34:41.0554 8048 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
11:34:41.0554 8048 aswTdi - ok
11:34:41.0601 8048 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
11:34:41.0601 8048 aswVmm - ok
11:34:41.0632 8048 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:34:41.0632 8048 AsyncMac - ok
11:34:41.0726 8048 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:34:41.0726 8048 atapi - ok
11:34:41.0757 8048 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
11:34:41.0757 8048 ATKGFNEXSrv - ok
11:34:41.0804 8048 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
11:34:41.0804 8048 ATKWMIACPIIO - ok
11:34:41.0866 8048 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:34:41.0882 8048 AudioEndpointBuilder - ok
11:34:41.0898 8048 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:34:41.0898 8048 AudioSrv - ok
11:34:41.0976 8048 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:34:41.0991 8048 avast! Antivirus - ok
11:34:42.0100 8048 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:34:42.0100 8048 AxInstSV - ok
11:34:42.0147 8048 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:34:42.0163 8048 b06bdrv - ok
11:34:42.0210 8048 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:34:42.0210 8048 b57nd60a - ok
11:34:42.0241 8048 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:34:42.0241 8048 BDESVC - ok
11:34:42.0272 8048 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:34:42.0272 8048 Beep - ok
11:34:42.0350 8048 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:34:42.0366 8048 BFE - ok
11:34:42.0444 8048 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:34:42.0459 8048 BITS - ok
11:34:42.0475 8048 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:34:42.0475 8048 blbdrive - ok
11:34:42.0568 8048 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:34:42.0568 8048 Bluetooth Device Monitor - ok
11:34:42.0600 8048 [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:34:42.0615 8048 Bluetooth Media Service - ok
11:34:42.0646 8048 [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:34:42.0662 8048 Bluetooth OBEX Service - ok
11:34:42.0724 8048 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:34:42.0724 8048 Bonjour Service - ok
11:34:42.0756 8048 BootScreen - ok
11:34:42.0865 8048 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:34:42.0865 8048 bowser - ok
11:34:42.0912 8048 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:34:42.0912 8048 BrFiltLo - ok
11:34:42.0927 8048 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:34:42.0927 8048 BrFiltUp - ok
11:34:43.0005 8048 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:34:43.0005 8048 Browser - ok
11:34:43.0021 8048 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:34:43.0021 8048 Brserid - ok
11:34:43.0036 8048 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:34:43.0052 8048 BrSerWdm - ok
11:34:43.0052 8048 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:34:43.0052 8048 BrUsbMdm - ok
11:34:43.0052 8048 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:34:43.0052 8048 BrUsbSer - ok
11:34:43.0130 8048 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:34:43.0130 8048 BthEnum - ok
11:34:43.0161 8048 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:34:43.0161 8048 BTHMODEM - ok
11:34:43.0192 8048 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:34:43.0192 8048 BthPan - ok
11:34:43.0208 8048 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:34:43.0224 8048 BTHPORT - ok
11:34:43.0255 8048 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:34:43.0270 8048 bthserv - ok
11:34:43.0317 8048 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:34:43.0317 8048 BTHSSecurityMgr - ok
11:34:43.0333 8048 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:34:43.0333 8048 BTHUSB - ok
11:34:43.0364 8048 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
11:34:43.0364 8048 btmaudio - ok
11:34:43.0380 8048 [ 75EAB5AAF6E9F83739249CE60B4B9C39 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
11:34:43.0395 8048 btmaux - ok
11:34:43.0411 8048 [ 0B1CC2221DC5990E4557A78CE9AFAD4F ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
11:34:43.0426 8048 btmhsf - ok
11:34:43.0458 8048 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:34:43.0458 8048 cdfs - ok
11:34:43.0536 8048 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:34:43.0536 8048 cdrom - ok
11:34:43.0629 8048 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:34:43.0629 8048 CertPropSvc - ok
11:34:43.0676 8048 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:34:43.0676 8048 circlass - ok
11:34:43.0707 8048 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:34:43.0707 8048 CLFS - ok
11:34:43.0770 8048 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:43.0770 8048 clr_optimization_v2.0.50727_32 - ok
11:34:43.0816 8048 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:34:43.0816 8048 clr_optimization_v2.0.50727_64 - ok
11:34:44.0347 8048 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:34:44.0425 8048 clr_optimization_v4.0.30319_32 - ok
11:34:44.0456 8048 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:34:44.0596 8048 clr_optimization_v4.0.30319_64 - ok
11:34:44.0643 8048 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:34:44.0659 8048 CmBatt - ok
11:34:44.0674 8048 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:34:44.0674 8048 cmdide - ok
11:34:44.0706 8048 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:34:44.0721 8048 CNG - ok
11:34:44.0737 8048 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:34:44.0737 8048 Compbatt - ok
11:34:44.0815 8048 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:34:44.0815 8048 CompositeBus - ok
11:34:44.0830 8048 COMSysApp - ok
11:34:44.0862 8048 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:34:44.0862 8048 crcdisk - ok
11:34:44.0971 8048 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:34:44.0971 8048 CryptSvc - ok
11:34:45.0033 8048 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
11:34:45.0049 8048 CSC - ok
11:34:45.0064 8048 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
11:34:45.0080 8048 CscService - ok
11:34:45.0142 8048 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:34:45.0158 8048 DcomLaunch - ok
11:34:45.0189 8048 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:34:45.0189 8048 defragsvc - ok
11:34:45.0267 8048 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:34:45.0267 8048 DfsC - ok
11:34:45.0283 8048 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:34:45.0298 8048 Dhcp - ok
11:34:45.0314 8048 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:34:45.0314 8048 discache - ok
11:34:45.0345 8048 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:34:45.0345 8048 Disk - ok
11:34:45.0408 8048 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:34:45.0408 8048 Dnscache - ok
11:34:45.0470 8048 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:34:45.0470 8048 dot3svc - ok
11:34:45.0532 8048 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:34:45.0532 8048 DPS - ok
11:34:45.0564 8048 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:34:45.0564 8048 drmkaud - ok
11:34:45.0720 8048 [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
11:34:45.0720 8048 DrvAgent64 - ok
11:34:45.0798 8048 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:34:45.0798 8048 dtsoftbus01 - ok
11:34:45.0829 8048 [ 04930F585EFBAEDDF79773ADD1A5EF4E ] DVB7700ALL C:\Windows\system32\Drivers\dvb7700all.sys
11:34:45.0844 8048 DVB7700ALL - ok
11:34:45.0922 8048 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:34:45.0938 8048 DXGKrnl - ok
11:34:45.0954 8048 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:34:45.0969 8048 EapHost - ok
11:34:46.0047 8048 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:34:46.0110 8048 ebdrv - ok
11:34:46.0156 8048 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:34:46.0172 8048 EFS - ok
11:34:46.0203 8048 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:34:46.0203 8048 ehRecvr - ok
11:34:46.0234 8048 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:34:46.0234 8048 ehSched - ok
11:34:46.0266 8048 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:34:46.0266 8048 elxstor - ok
11:34:46.0312 8048 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:34:46.0328 8048 ErrDev - ok
11:34:46.0359 8048 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:34:46.0375 8048 EventSystem - ok
11:34:46.0500 8048 [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:34:46.0515 8048 EvtEng - ok
11:34:46.0562 8048 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:34:46.0562 8048 exfat - ok
11:34:46.0624 8048 Fabs - ok
11:34:46.0624 8048 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:34:46.0640 8048 fastfat - ok
11:34:46.0702 8048 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:34:46.0718 8048 Fax - ok
11:34:46.0734 8048 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:34:46.0734 8048 fdc - ok
11:34:46.0780 8048 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:34:46.0780 8048 fdPHost - ok
11:34:46.0780 8048 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:34:46.0796 8048 FDResPub - ok
11:34:46.0812 8048 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:34:46.0812 8048 FileInfo - ok
11:34:46.0843 8048 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:34:46.0843 8048 Filetrace - ok
11:34:46.0968 8048 FirebirdGuardianDefaultInstance - ok
11:34:46.0968 8048 FirebirdServerDefaultInstance - ok
11:34:47.0046 8048 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
11:34:47.0092 8048 FirebirdServerMAGIXInstance - ok
11:34:47.0139 8048 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:34:47.0139 8048 flpydisk - ok
11:34:47.0202 8048 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:34:47.0202 8048 FltMgr - ok
11:34:47.0295 8048 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
11:34:47.0311 8048 FontCache - ok
11:34:47.0404 8048 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:34:47.0404 8048 FontCache3.0.0.0 - ok
11:34:47.0420 8048 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:34:47.0420 8048 FsDepends - ok
11:34:47.0467 8048 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:34:47.0467 8048 Fs_Rec - ok
11:34:47.0654 8048 [ 895BA1CFF25E867CE5A52073E905C93B ] fussvc C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
11:34:47.0654 8048 fussvc - ok
11:34:47.0732 8048 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:34:47.0732 8048 fvevol - ok
11:34:47.0748 8048 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:34:47.0763 8048 gagp30kx - ok
11:34:47.0826 8048 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:34:47.0841 8048 GEARAspiWDM - ok
11:34:47.0997 8048 GGSAFERDriver - ok
11:34:48.0091 8048 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:34:48.0091 8048 gpsvc - ok
11:34:48.0231 8048 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:48.0231 8048 gupdate - ok
11:34:48.0278 8048 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:48.0278 8048 gupdatem - ok
11:34:48.0309 8048 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:34:48.0309 8048 hcw85cir - ok
11:34:48.0387 8048 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:34:48.0403 8048 HdAudAddService - ok
11:34:48.0434 8048 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:34:48.0434 8048 HDAudBus - ok
11:34:48.0450 8048 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:34:48.0465 8048 HidBatt - ok
11:34:48.0481 8048 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:34:48.0481 8048 HidBth - ok
11:34:48.0481 8048 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:34:48.0481 8048 HidIr - ok
11:34:48.0528 8048 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:34:48.0528 8048 hidserv - ok
11:34:48.0543 8048 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:34:48.0543 8048 HidUsb - ok
11:34:48.0590 8048 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:34:48.0590 8048 hkmsvc - ok
11:34:48.0684 8048 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:34:48.0684 8048 HomeGroupListener - ok
11:34:48.0746 8048 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:34:48.0746 8048 HomeGroupProvider - ok
11:34:48.0777 8048 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:34:48.0777 8048 HpSAMD - ok
11:34:48.0840 8048 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:34:48.0855 8048 HTTP - ok
11:34:48.0902 8048 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:34:48.0902 8048 hwpolicy - ok
11:34:48.0918 8048 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:34:48.0918 8048 i8042prt - ok
11:34:48.0964 8048 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:34:48.0964 8048 iaStor - ok
11:34:48.0996 8048 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:34:48.0996 8048 iaStorV - ok
11:34:49.0027 8048 [ 8A4EC1C3F10385181B1066120C610AE5 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:34:49.0027 8048 iBtFltCoex - ok
11:34:49.0089 8048 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:34:49.0105 8048 idsvc - ok
11:34:49.0308 8048 [ 174BCAC474DE13B2650E444CF124828E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:34:49.0510 8048 igfx - ok
11:34:49.0557 8048 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:34:49.0557 8048 iirsp - ok
11:34:49.0651 8048 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:34:49.0666 8048 IKEEXT - ok
11:34:49.0776 8048 [ CB7DADEF3D83FE2C12655A0BDCBA99F2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:34:49.0838 8048 IntcAzAudAddService - ok
11:34:49.0963 8048 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:34:49.0963 8048 intelide - ok
11:34:49.0994 8048 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:34:50.0010 8048 intelppm - ok
11:34:50.0025 8048 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:34:50.0041 8048 IPBusEnum - ok
11:34:50.0072 8048 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:34:50.0072 8048 IpFilterDriver - ok
11:34:50.0150 8048 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:34:50.0166 8048 iphlpsvc - ok
11:34:50.0212 8048 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:34:50.0212 8048 IPMIDRV - ok
11:34:50.0228 8048 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:34:50.0228 8048 IPNAT - ok
11:34:50.0306 8048 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:34:50.0306 8048 iPod Service - ok
11:34:50.0337 8048 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:34:50.0337 8048 IRENUM - ok
11:34:50.0415 8048 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:34:50.0415 8048 isapnp - ok
11:34:50.0431 8048 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:34:50.0431 8048 iScsiPrt - ok
11:34:50.0446 8048 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:34:50.0462 8048 kbdclass - ok
11:34:50.0478 8048 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:34:50.0478 8048 kbdhid - ok
11:34:50.0524 8048 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
11:34:50.0524 8048 kbfiltr - ok
11:34:50.0540 8048 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:34:50.0540 8048 KeyIso - ok
11:34:50.0602 8048 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:34:50.0602 8048 KSecDD - ok
11:34:50.0665 8048 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:34:50.0665 8048 KSecPkg - ok
11:34:50.0680 8048 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:34:50.0680 8048 ksthunk - ok
11:34:50.0712 8048 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:34:50.0712 8048 KtmRm - ok
11:34:50.0758 8048 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
11:34:50.0774 8048 L1C - ok
11:34:50.0821 8048 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:34:50.0836 8048 LanmanServer - ok
11:34:50.0868 8048 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:34:50.0868 8048 LanmanWorkstation - ok
11:34:50.0914 8048 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:34:50.0914 8048 lltdio - ok
11:34:50.0946 8048 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:34:50.0946 8048 lltdsvc - ok
11:34:50.0961 8048 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:34:50.0961 8048 lmhosts - ok
11:34:50.0992 8048 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:34:50.0992 8048 LSI_FC - ok
11:34:51.0024 8048 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:34:51.0024 8048 LSI_SAS - ok
11:34:51.0039 8048 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:34:51.0039 8048 LSI_SAS2 - ok
11:34:51.0055 8048 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:34:51.0055 8048 LSI_SCSI - ok
11:34:51.0070 8048 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:34:51.0070 8048 luafv - ok
11:34:51.0133 8048 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:34:51.0133 8048 Mcx2Svc - ok
11:34:51.0148 8048 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:34:51.0148 8048 megasas - ok
11:34:51.0164 8048 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:34:51.0164 8048 MegaSR - ok
11:34:51.0195 8048 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:34:51.0195 8048 MEIx64 - ok
11:34:51.0242 8048 Microsoft SharePoint Workspace Audit Service - ok
11:34:51.0273 8048 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:34:51.0273 8048 MMCSS - ok
11:34:51.0289 8048 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:34:51.0289 8048 Modem - ok
11:34:51.0304 8048 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:34:51.0304 8048 monitor - ok
11:34:51.0336 8048 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:34:51.0336 8048 mouclass - ok
11:34:51.0367 8048 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:34:51.0367 8048 mouhid - ok
11:34:51.0445 8048 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:34:51.0460 8048 mountmgr - ok
11:34:51.0538 8048 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:34:51.0538 8048 MozillaMaintenance - ok
11:34:51.0585 8048 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:34:51.0601 8048 mpio - ok
11:34:51.0616 8048 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:34:51.0616 8048 mpsdrv - ok
11:34:51.0694 8048 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:34:51.0694 8048 MpsSvc - ok
11:34:51.0804 8048 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:34:51.0804 8048 MRxDAV - ok
11:34:51.0866 8048 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:34:51.0866 8048 mrxsmb - ok
11:34:51.0897 8048 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:34:51.0897 8048 mrxsmb10 - ok
11:34:51.0913 8048 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:34:51.0913 8048 mrxsmb20 - ok
11:34:51.0928 8048 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:34:51.0928 8048 msahci - ok
11:34:52.0022 8048 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:34:52.0022 8048 msdsm - ok
11:34:52.0053 8048 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:34:52.0069 8048 MSDTC - ok
11:34:52.0084 8048 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:34:52.0084 8048 Msfs - ok
11:34:52.0100 8048 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:34:52.0116 8048 mshidkmdf - ok
11:34:52.0131 8048 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:34:52.0131 8048 msisadrv - ok
11:34:52.0194 8048 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:34:52.0194 8048 MSiSCSI - ok
11:34:52.0194 8048 msiserver - ok
11:34:52.0225 8048 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:34:52.0225 8048 MSKSSRV - ok
11:34:52.0256 8048 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:34:52.0272 8048 MSPCLOCK - ok
11:34:52.0272 8048 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:34:52.0287 8048 MSPQM - ok
11:34:52.0428 8048 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:34:52.0443 8048 MsRPC - ok
11:34:52.0521 8048 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:34:52.0521 8048 mssmbios - ok
11:34:52.0537 8048 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:34:52.0537 8048 MSTEE - ok
11:34:52.0568 8048 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:34:52.0568 8048 MTConfig - ok
11:34:52.0599 8048 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:34:52.0599 8048 Mup - ok
11:34:52.0755 8048 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:34:52.0755 8048 MyWiFiDHCPDNS - ok
11:34:52.0927 8048 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:34:52.0942 8048 napagent - ok
11:34:53.0020 8048 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:34:53.0036 8048 NativeWifiP - ok
11:34:53.0301 8048 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:34:53.0332 8048 NDIS - ok
11:34:53.0379 8048 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:34:53.0395 8048 NdisCap - ok
11:34:53.0426 8048 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:34:53.0426 8048 NdisTapi - ok
11:34:53.0535 8048 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:34:53.0535 8048 Ndisuio - ok
11:34:53.0613 8048 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:34:53.0613 8048 NdisWan - ok
11:34:53.0691 8048 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:34:53.0691 8048 NDProxy - ok
11:34:53.0722 8048 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:34:53.0722 8048 NetBIOS - ok
11:34:53.0816 8048 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:34:53.0832 8048 NetBT - ok
11:34:53.0878 8048 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:34:53.0878 8048 Netlogon - ok
11:34:53.0972 8048 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:34:53.0988 8048 Netman - ok
11:34:54.0393 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0409 8048 NetMsmqActivator - ok
11:34:54.0471 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0471 8048 NetPipeActivator - ok
11:34:54.0565 8048 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:34:54.0580 8048 netprofm - ok
11:34:54.0612 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0612 8048 NetTcpActivator - ok
11:34:54.0627 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0627 8048 NetTcpPortSharing - ok
11:34:56.0000 8048 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
11:34:56.0140 8048 NETwNs64 - ok
11:34:56.0187 8048 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:34:56.0187 8048 nfrd960 - ok
11:34:56.0328 8048 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:34:56.0328 8048 NlaSvc - ok
11:34:56.0390 8048 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
11:34:56.0390 8048 nmwcd - ok
11:34:56.0515 8048 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
11:34:56.0515 8048 nmwcdc - ok
11:34:56.0593 8048 [ 292DDF13F91F2CB2482B57AACD6AEB9B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
11:34:56.0593 8048 nmwcdnsux64 - ok
11:34:56.0718 8048 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
11:34:56.0718 8048 NPF - ok
11:34:56.0764 8048 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:34:56.0764 8048 Npfs - ok
11:34:56.0811 8048 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:34:56.0827 8048 nsi - ok
11:34:56.0858 8048 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:34:56.0858 8048 nsiproxy - ok
11:34:57.0076 8048 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:34:57.0139 8048 Ntfs - ok
11:34:57.0154 8048 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:34:57.0154 8048 Null - ok
11:34:57.0248 8048 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:34:57.0248 8048 NVHDA - ok
11:34:57.0420 8048 [ D9C790C061CAC58E2B4AD168C705AC5E ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
11:34:57.0435 8048 nvkflt - ok
11:34:57.0934 8048 [ 48D26FF990099C1AD51F81BAEDDB3B98 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:34:58.0137 8048 nvlddmkm - ok
11:34:58.0153 8048 [ 3393E8972E95F6C985150A1DC1D4B026 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
11:34:58.0153 8048 nvpciflt - ok
11:34:58.0262 8048 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:34:58.0278 8048 nvraid - ok
11:34:58.0293 8048 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:34:58.0293 8048 nvstor - ok
11:34:58.0340 8048 [ 708547B06809A454B953803CBC449BC0 ] NVSvc C:\Windows\system32\nvvsvc.exe
11:34:58.0356 8048 NVSvc - ok
11:34:58.0449 8048 [ CEA3A0FBE6B86EF7A85B62EB41ED5DCB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:34:58.0465 8048 nvUpdatusService - ok
11:34:58.0496 8048 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:34:58.0496 8048 nv_agp - ok
11:34:58.0512 8048 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:34:58.0512 8048 ohci1394 - ok
11:34:58.0590 8048 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:58.0590 8048 ose64 - ok
11:34:58.0699 8048 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:34:58.0792 8048 osppsvc - ok
11:34:58.0824 8048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:34:58.0824 8048 p2pimsvc - ok
11:34:58.0839 8048 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:34:58.0855 8048 p2psvc - ok
11:34:58.0964 8048 [ 01907300EB52206B06FACB9608F369A9 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
11:34:58.0964 8048 PanService - ok
11:34:59.0011 8048 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:34:59.0011 8048 Parport - ok
11:34:59.0073 8048 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:34:59.0073 8048 partmgr - ok
11:34:59.0089 8048 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:34:59.0089 8048 PcaSvc - ok
11:34:59.0151 8048 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
11:34:59.0151 8048 pccsmcfd - ok
11:34:59.0182 8048 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:34:59.0182 8048 pci - ok
11:34:59.0245 8048 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:34:59.0260 8048 pciide - ok
11:34:59.0385 8048 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:34:59.0385 8048 pcmcia - ok
11:34:59.0401 8048 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:34:59.0401 8048 pcw - ok
11:34:59.0432 8048 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:34:59.0432 8048 PEAUTH - ok
11:34:59.0463 8048 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:34:59.0494 8048 PeerDistSvc - ok
11:34:59.0557 8048 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:34:59.0557 8048 PerfHost - ok
11:34:59.0650 8048 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:34:59.0682 8048 pla - ok
11:34:59.0744 8048 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:34:59.0744 8048 PlugPlay - ok
11:34:59.0760 8048 PnkBstrA - ok
11:34:59.0791 8048 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:34:59.0791 8048 PNRPAutoReg - ok
11:34:59.0822 8048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:34:59.0822 8048 PNRPsvc - ok
11:34:59.0884 8048 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:34:59.0900 8048 PolicyAgent - ok
11:34:59.0931 8048 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:34:59.0931 8048 Power - ok
11:35:00.0009 8048 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:35:00.0009 8048 PptpMiniport - ok
11:35:00.0040 8048 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:35:00.0040 8048 Processor - ok
11:35:00.0087 8048 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:35:00.0103 8048 ProfSvc - ok
11:35:00.0103 8048 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:35:00.0103 8048 ProtectedStorage - ok
11:35:00.0165 8048 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:35:00.0165 8048 Psched - ok
11:35:00.0228 8048 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:35:00.0259 8048 ql2300 - ok
11:35:00.0274 8048 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:35:00.0274 8048 ql40xx - ok
11:35:00.0306 8048 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:35:00.0321 8048 QWAVE - ok
11:35:00.0321 8048 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:35:00.0337 8048 QWAVEdrv - ok
11:35:00.0352 8048 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:35:00.0352 8048 RasAcd - ok
11:35:00.0384 8048 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:35:00.0384 8048 RasAgileVpn - ok
11:35:00.0415 8048 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:35:00.0415 8048 RasAuto - ok
11:35:00.0462 8048 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:35:00.0477 8048 Rasl2tp - ok
11:35:00.0540 8048 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:35:00.0555 8048 RasMan - ok
11:35:00.0571 8048 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:35:00.0571 8048 RasPppoe - ok
11:35:00.0586 8048 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:35:00.0586 8048 RasSstp - ok
11:34:31.0165 5164 ============================================================
11:34:31.0165 5164 Current date / time: 2013/07/05 11:34:31.0165
11:34:31.0165 5164 SystemInfo:
11:34:31.0165 5164
11:34:31.0165 5164 OS Version: 6.1.7601 ServicePack: 1.0
11:34:31.0165 5164 Product type: Workstation
11:34:31.0165 5164 ComputerName: MARTHYX-PC
11:34:31.0165 5164 UserName: MarthyX
11:34:31.0165 5164 Windows directory: C:\Windows
11:34:31.0165 5164 System windows directory: C:\Windows
11:34:31.0165 5164 Running under WOW64
11:34:31.0165 5164 Processor architecture: Intel x64
11:34:31.0165 5164 Number of processors: 8
11:34:31.0165 5164 Page size: 0x1000
11:34:31.0165 5164 Boot type: Normal boot
11:34:31.0165 5164 ============================================================
11:34:31.0820 5164 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:32.0210 5164 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:34:32.0272 5164 ============================================================
11:34:32.0272 5164 \Device\Harddisk0\DR0:
11:34:32.0272 5164 MBR partitions:
11:34:32.0272 5164 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x54344800
11:34:32.0272 5164 \Device\Harddisk1\DR1:
11:34:32.0288 5164 MBR partitions:
11:34:32.0304 5164 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x575408A2
11:34:32.0304 5164 ============================================================
11:34:32.0335 5164 C: <-> \Device\Harddisk0\DR0\Partition1
11:34:32.0366 5164 D: <-> \Device\Harddisk1\DR1\Partition1
11:34:32.0366 5164 ============================================================
11:34:32.0366 5164 Initialize success
11:34:32.0366 5164 ============================================================
11:34:37.0467 8048 ============================================================
11:34:37.0467 8048 Scan started
11:34:37.0467 8048 Mode: Manual;
11:34:37.0467 8048 ============================================================
11:34:39.0058 8048 ================ Scan system memory ========================
11:34:39.0058 8048 System memory - ok
11:34:39.0058 8048 ================ Scan services =============================
11:34:39.0277 8048 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:34:39.0277 8048 1394ohci - ok
11:34:39.0339 8048 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:34:39.0339 8048 ACPI - ok
11:34:39.0370 8048 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:34:39.0370 8048 AcpiPmi - ok
11:34:39.0526 8048 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:34:39.0526 8048 AdobeARMservice - ok
11:34:39.0760 8048 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:34:39.0760 8048 AdobeFlashPlayerUpdateSvc - ok
11:34:39.0807 8048 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:34:39.0823 8048 adp94xx - ok
11:34:39.0823 8048 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:34:39.0838 8048 adpahci - ok
11:34:39.0838 8048 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:34:39.0838 8048 adpu320 - ok
11:34:39.0870 8048 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:34:39.0870 8048 AeLookupSvc - ok
11:34:39.0916 8048 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
11:34:39.0916 8048 AFBAgent - ok
11:34:39.0994 8048 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:34:40.0010 8048 AFD - ok
11:34:40.0072 8048 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:34:40.0088 8048 agp440 - ok
11:34:40.0104 8048 [ 14370049D8C9912EAC7603809A77C378 ] AiCharger C:\Windows\system32\DRIVERS\AiCharger.sys
11:34:40.0104 8048 AiCharger - ok
11:34:40.0119 8048 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:34:40.0119 8048 ALG - ok
11:34:40.0150 8048 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:34:40.0150 8048 aliide - ok
11:34:40.0166 8048 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:34:40.0166 8048 amdide - ok
11:34:40.0197 8048 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:34:40.0197 8048 AmdK8 - ok
11:34:40.0213 8048 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:34:40.0228 8048 AmdPPM - ok
11:34:40.0275 8048 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:34:40.0275 8048 amdsata - ok
11:34:40.0291 8048 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:34:40.0291 8048 amdsbs - ok
11:34:40.0322 8048 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:34:40.0322 8048 amdxata - ok
11:34:40.0369 8048 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
11:34:40.0369 8048 AMPPAL - ok
11:34:40.0384 8048 [ 7D9E301AB3247765702D0B65E2E47E50 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
11:34:40.0384 8048 AMPPALP - ok
11:34:40.0478 8048 [ 864C632B999BE1237A3DC46736E71F27 ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
11:34:40.0478 8048 AMPPALR3 - ok
11:34:40.0572 8048 [ 92A848F962DA91C631147D566414BB7E ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
11:34:40.0572 8048 AmUStor - ok
11:34:40.0650 8048 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:34:40.0650 8048 AppID - ok
11:34:40.0681 8048 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:34:40.0681 8048 AppIDSvc - ok
11:34:40.0728 8048 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
11:34:40.0728 8048 Appinfo - ok
11:34:40.0837 8048 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:34:40.0837 8048 Apple Mobile Device - ok
11:34:40.0884 8048 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:34:40.0899 8048 AppMgmt - ok
11:34:40.0930 8048 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:34:40.0930 8048 arc - ok
11:34:40.0930 8048 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:34:40.0946 8048 arcsas - ok
11:34:41.0008 8048 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
11:34:41.0008 8048 ASLDRService - ok
11:34:41.0024 8048 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
11:34:41.0024 8048 ASMMAP64 - ok
11:34:41.0071 8048 [ 718692FFF22D6AF47EBA0A741A924921 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
11:34:41.0071 8048 asmthub3 - ok
11:34:41.0102 8048 [ BAD70A5AC534C108F680A33C654BC626 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
11:34:41.0102 8048 asmtxhci - ok
11:34:41.0211 8048 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:34:41.0227 8048 aspnet_state - ok
11:34:41.0274 8048 [ 0BAEFD3F648C6E7AB52990DD9565E4E2 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
11:34:41.0274 8048 aswFsBlk - ok
11:34:41.0336 8048 [ 890918D53B80B474CFAFB48995B85AF3 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
11:34:41.0336 8048 aswKbd - ok
11:34:41.0367 8048 [ FA562F34ED6633C66170B09182B4C049 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
11:34:41.0367 8048 aswMonFlt - ok
11:34:41.0398 8048 [ 64E2BAB4096C13D2342BC4661C967E07 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
11:34:41.0398 8048 aswRdr - ok
11:34:41.0476 8048 [ 5573AA70993A2BB81525B1C704B88763 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
11:34:41.0476 8048 aswRvrt - ok
11:34:41.0508 8048 [ 8C0800CDB501CFC1164B286A0478DC10 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
11:34:41.0508 8048 aswSnx - ok
11:34:41.0523 8048 [ 3815DB16CDA62190F5C0A65118F3D714 ] aswSP C:\Windows\system32\drivers\aswSP.sys
11:34:41.0539 8048 aswSP - ok
11:34:41.0554 8048 [ 29DD8E458A84171202AA4979364C30C0 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
11:34:41.0554 8048 aswTdi - ok
11:34:41.0601 8048 [ 22F521108881DC59837F6FC614E0568F ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
11:34:41.0601 8048 aswVmm - ok
11:34:41.0632 8048 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:34:41.0632 8048 AsyncMac - ok
11:34:41.0726 8048 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:34:41.0726 8048 atapi - ok
11:34:41.0757 8048 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
11:34:41.0757 8048 ATKGFNEXSrv - ok
11:34:41.0804 8048 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
11:34:41.0804 8048 ATKWMIACPIIO - ok
11:34:41.0866 8048 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:34:41.0882 8048 AudioEndpointBuilder - ok
11:34:41.0898 8048 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:34:41.0898 8048 AudioSrv - ok
11:34:41.0976 8048 [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
11:34:41.0991 8048 avast! Antivirus - ok
11:34:42.0100 8048 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:34:42.0100 8048 AxInstSV - ok
11:34:42.0147 8048 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:34:42.0163 8048 b06bdrv - ok
11:34:42.0210 8048 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:34:42.0210 8048 b57nd60a - ok
11:34:42.0241 8048 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:34:42.0241 8048 BDESVC - ok
11:34:42.0272 8048 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:34:42.0272 8048 Beep - ok
11:34:42.0350 8048 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:34:42.0366 8048 BFE - ok
11:34:42.0444 8048 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
11:34:42.0459 8048 BITS - ok
11:34:42.0475 8048 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:34:42.0475 8048 blbdrive - ok
11:34:42.0568 8048 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
11:34:42.0568 8048 Bluetooth Device Monitor - ok
11:34:42.0600 8048 [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
11:34:42.0615 8048 Bluetooth Media Service - ok
11:34:42.0646 8048 [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
11:34:42.0662 8048 Bluetooth OBEX Service - ok
11:34:42.0724 8048 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:34:42.0724 8048 Bonjour Service - ok
11:34:42.0756 8048 BootScreen - ok
11:34:42.0865 8048 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:34:42.0865 8048 bowser - ok
11:34:42.0912 8048 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:34:42.0912 8048 BrFiltLo - ok
11:34:42.0927 8048 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:34:42.0927 8048 BrFiltUp - ok
11:34:43.0005 8048 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:34:43.0005 8048 Browser - ok
11:34:43.0021 8048 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:34:43.0021 8048 Brserid - ok
11:34:43.0036 8048 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:34:43.0052 8048 BrSerWdm - ok
11:34:43.0052 8048 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:34:43.0052 8048 BrUsbMdm - ok
11:34:43.0052 8048 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:34:43.0052 8048 BrUsbSer - ok
11:34:43.0130 8048 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:34:43.0130 8048 BthEnum - ok
11:34:43.0161 8048 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:34:43.0161 8048 BTHMODEM - ok
11:34:43.0192 8048 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:34:43.0192 8048 BthPan - ok
11:34:43.0208 8048 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
11:34:43.0224 8048 BTHPORT - ok
11:34:43.0255 8048 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:34:43.0270 8048 bthserv - ok
11:34:43.0317 8048 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
11:34:43.0317 8048 BTHSSecurityMgr - ok
11:34:43.0333 8048 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
11:34:43.0333 8048 BTHUSB - ok
11:34:43.0364 8048 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
11:34:43.0364 8048 btmaudio - ok
11:34:43.0380 8048 [ 75EAB5AAF6E9F83739249CE60B4B9C39 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
11:34:43.0395 8048 btmaux - ok
11:34:43.0411 8048 [ 0B1CC2221DC5990E4557A78CE9AFAD4F ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
11:34:43.0426 8048 btmhsf - ok
11:34:43.0458 8048 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:34:43.0458 8048 cdfs - ok
11:34:43.0536 8048 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:34:43.0536 8048 cdrom - ok
11:34:43.0629 8048 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:34:43.0629 8048 CertPropSvc - ok
11:34:43.0676 8048 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:34:43.0676 8048 circlass - ok
11:34:43.0707 8048 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:34:43.0707 8048 CLFS - ok
11:34:43.0770 8048 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:34:43.0770 8048 clr_optimization_v2.0.50727_32 - ok
11:34:43.0816 8048 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:34:43.0816 8048 clr_optimization_v2.0.50727_64 - ok
11:34:44.0347 8048 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:34:44.0425 8048 clr_optimization_v4.0.30319_32 - ok
11:34:44.0456 8048 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:34:44.0596 8048 clr_optimization_v4.0.30319_64 - ok
11:34:44.0643 8048 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:34:44.0659 8048 CmBatt - ok
11:34:44.0674 8048 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:34:44.0674 8048 cmdide - ok
11:34:44.0706 8048 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
11:34:44.0721 8048 CNG - ok
11:34:44.0737 8048 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:34:44.0737 8048 Compbatt - ok
11:34:44.0815 8048 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:34:44.0815 8048 CompositeBus - ok
11:34:44.0830 8048 COMSysApp - ok
11:34:44.0862 8048 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:34:44.0862 8048 crcdisk - ok
11:34:44.0971 8048 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:34:44.0971 8048 CryptSvc - ok
11:34:45.0033 8048 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
11:34:45.0049 8048 CSC - ok
11:34:45.0064 8048 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
11:34:45.0080 8048 CscService - ok
11:34:45.0142 8048 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:34:45.0158 8048 DcomLaunch - ok
11:34:45.0189 8048 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:34:45.0189 8048 defragsvc - ok
11:34:45.0267 8048 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:34:45.0267 8048 DfsC - ok
11:34:45.0283 8048 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:34:45.0298 8048 Dhcp - ok
11:34:45.0314 8048 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:34:45.0314 8048 discache - ok
11:34:45.0345 8048 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:34:45.0345 8048 Disk - ok
11:34:45.0408 8048 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:34:45.0408 8048 Dnscache - ok
11:34:45.0470 8048 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:34:45.0470 8048 dot3svc - ok
11:34:45.0532 8048 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:34:45.0532 8048 DPS - ok
11:34:45.0564 8048 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:34:45.0564 8048 drmkaud - ok
11:34:45.0720 8048 [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
11:34:45.0720 8048 DrvAgent64 - ok
11:34:45.0798 8048 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:34:45.0798 8048 dtsoftbus01 - ok
11:34:45.0829 8048 [ 04930F585EFBAEDDF79773ADD1A5EF4E ] DVB7700ALL C:\Windows\system32\Drivers\dvb7700all.sys
11:34:45.0844 8048 DVB7700ALL - ok
11:34:45.0922 8048 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:34:45.0938 8048 DXGKrnl - ok
11:34:45.0954 8048 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:34:45.0969 8048 EapHost - ok
11:34:46.0047 8048 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:34:46.0110 8048 ebdrv - ok
11:34:46.0156 8048 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:34:46.0172 8048 EFS - ok
11:34:46.0203 8048 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:34:46.0203 8048 ehRecvr - ok
11:34:46.0234 8048 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:34:46.0234 8048 ehSched - ok
11:34:46.0266 8048 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:34:46.0266 8048 elxstor - ok
11:34:46.0312 8048 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:34:46.0328 8048 ErrDev - ok
11:34:46.0359 8048 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:34:46.0375 8048 EventSystem - ok
11:34:46.0500 8048 [ E3A96D5AE6E5C7B5472011BA77353368 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
11:34:46.0515 8048 EvtEng - ok
11:34:46.0562 8048 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:34:46.0562 8048 exfat - ok
11:34:46.0624 8048 Fabs - ok
11:34:46.0624 8048 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:34:46.0640 8048 fastfat - ok
11:34:46.0702 8048 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:34:46.0718 8048 Fax - ok
11:34:46.0734 8048 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:34:46.0734 8048 fdc - ok
11:34:46.0780 8048 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:34:46.0780 8048 fdPHost - ok
11:34:46.0780 8048 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:34:46.0796 8048 FDResPub - ok
11:34:46.0812 8048 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:34:46.0812 8048 FileInfo - ok
11:34:46.0843 8048 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:34:46.0843 8048 Filetrace - ok
11:34:46.0968 8048 FirebirdGuardianDefaultInstance - ok
11:34:46.0968 8048 FirebirdServerDefaultInstance - ok
11:34:47.0046 8048 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
11:34:47.0092 8048 FirebirdServerMAGIXInstance - ok
11:34:47.0139 8048 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:34:47.0139 8048 flpydisk - ok
11:34:47.0202 8048 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:34:47.0202 8048 FltMgr - ok
11:34:47.0295 8048 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
11:34:47.0311 8048 FontCache - ok
11:34:47.0404 8048 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:34:47.0404 8048 FontCache3.0.0.0 - ok
11:34:47.0420 8048 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:34:47.0420 8048 FsDepends - ok
11:34:47.0467 8048 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:34:47.0467 8048 Fs_Rec - ok
11:34:47.0654 8048 [ 895BA1CFF25E867CE5A52073E905C93B ] fussvc C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
11:34:47.0654 8048 fussvc - ok
11:34:47.0732 8048 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:34:47.0732 8048 fvevol - ok
11:34:47.0748 8048 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:34:47.0763 8048 gagp30kx - ok
11:34:47.0826 8048 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:34:47.0841 8048 GEARAspiWDM - ok
11:34:47.0997 8048 GGSAFERDriver - ok
11:34:48.0091 8048 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:34:48.0091 8048 gpsvc - ok
11:34:48.0231 8048 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:48.0231 8048 gupdate - ok
11:34:48.0278 8048 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:34:48.0278 8048 gupdatem - ok
11:34:48.0309 8048 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:34:48.0309 8048 hcw85cir - ok
11:34:48.0387 8048 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:34:48.0403 8048 HdAudAddService - ok
11:34:48.0434 8048 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:34:48.0434 8048 HDAudBus - ok
11:34:48.0450 8048 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:34:48.0465 8048 HidBatt - ok
11:34:48.0481 8048 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:34:48.0481 8048 HidBth - ok
11:34:48.0481 8048 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:34:48.0481 8048 HidIr - ok
11:34:48.0528 8048 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:34:48.0528 8048 hidserv - ok
11:34:48.0543 8048 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:34:48.0543 8048 HidUsb - ok
11:34:48.0590 8048 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:34:48.0590 8048 hkmsvc - ok
11:34:48.0684 8048 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:34:48.0684 8048 HomeGroupListener - ok
11:34:48.0746 8048 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:34:48.0746 8048 HomeGroupProvider - ok
11:34:48.0777 8048 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:34:48.0777 8048 HpSAMD - ok
11:34:48.0840 8048 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:34:48.0855 8048 HTTP - ok
11:34:48.0902 8048 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:34:48.0902 8048 hwpolicy - ok
11:34:48.0918 8048 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:34:48.0918 8048 i8042prt - ok
11:34:48.0964 8048 [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:34:48.0964 8048 iaStor - ok
11:34:48.0996 8048 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:34:48.0996 8048 iaStorV - ok
11:34:49.0027 8048 [ 8A4EC1C3F10385181B1066120C610AE5 ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
11:34:49.0027 8048 iBtFltCoex - ok
11:34:49.0089 8048 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:34:49.0105 8048 idsvc - ok
11:34:49.0308 8048 [ 174BCAC474DE13B2650E444CF124828E ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
11:34:49.0510 8048 igfx - ok
11:34:49.0557 8048 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:34:49.0557 8048 iirsp - ok
11:34:49.0651 8048 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:34:49.0666 8048 IKEEXT - ok
11:34:49.0776 8048 [ CB7DADEF3D83FE2C12655A0BDCBA99F2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:34:49.0838 8048 IntcAzAudAddService - ok
11:34:49.0963 8048 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:34:49.0963 8048 intelide - ok
11:34:49.0994 8048 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:34:50.0010 8048 intelppm - ok
11:34:50.0025 8048 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:34:50.0041 8048 IPBusEnum - ok
11:34:50.0072 8048 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:34:50.0072 8048 IpFilterDriver - ok
11:34:50.0150 8048 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:34:50.0166 8048 iphlpsvc - ok
11:34:50.0212 8048 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:34:50.0212 8048 IPMIDRV - ok
11:34:50.0228 8048 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:34:50.0228 8048 IPNAT - ok
11:34:50.0306 8048 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
11:34:50.0306 8048 iPod Service - ok
11:34:50.0337 8048 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:34:50.0337 8048 IRENUM - ok
11:34:50.0415 8048 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:34:50.0415 8048 isapnp - ok
11:34:50.0431 8048 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:34:50.0431 8048 iScsiPrt - ok
11:34:50.0446 8048 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:34:50.0462 8048 kbdclass - ok
11:34:50.0478 8048 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:34:50.0478 8048 kbdhid - ok
11:34:50.0524 8048 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
11:34:50.0524 8048 kbfiltr - ok
11:34:50.0540 8048 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:34:50.0540 8048 KeyIso - ok
11:34:50.0602 8048 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:34:50.0602 8048 KSecDD - ok
11:34:50.0665 8048 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:34:50.0665 8048 KSecPkg - ok
11:34:50.0680 8048 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:34:50.0680 8048 ksthunk - ok
11:34:50.0712 8048 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:34:50.0712 8048 KtmRm - ok
11:34:50.0758 8048 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
11:34:50.0774 8048 L1C - ok
11:34:50.0821 8048 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:34:50.0836 8048 LanmanServer - ok
11:34:50.0868 8048 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:34:50.0868 8048 LanmanWorkstation - ok
11:34:50.0914 8048 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:34:50.0914 8048 lltdio - ok
11:34:50.0946 8048 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:34:50.0946 8048 lltdsvc - ok
11:34:50.0961 8048 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:34:50.0961 8048 lmhosts - ok
11:34:50.0992 8048 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:34:50.0992 8048 LSI_FC - ok
11:34:51.0024 8048 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:34:51.0024 8048 LSI_SAS - ok
11:34:51.0039 8048 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:34:51.0039 8048 LSI_SAS2 - ok
11:34:51.0055 8048 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:34:51.0055 8048 LSI_SCSI - ok
11:34:51.0070 8048 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:34:51.0070 8048 luafv - ok
11:34:51.0133 8048 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:34:51.0133 8048 Mcx2Svc - ok
11:34:51.0148 8048 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:34:51.0148 8048 megasas - ok
11:34:51.0164 8048 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:34:51.0164 8048 MegaSR - ok
11:34:51.0195 8048 [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
11:34:51.0195 8048 MEIx64 - ok
11:34:51.0242 8048 Microsoft SharePoint Workspace Audit Service - ok
11:34:51.0273 8048 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:34:51.0273 8048 MMCSS - ok
11:34:51.0289 8048 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:34:51.0289 8048 Modem - ok
11:34:51.0304 8048 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:34:51.0304 8048 monitor - ok
11:34:51.0336 8048 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:34:51.0336 8048 mouclass - ok
11:34:51.0367 8048 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:34:51.0367 8048 mouhid - ok
11:34:51.0445 8048 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:34:51.0460 8048 mountmgr - ok
11:34:51.0538 8048 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:34:51.0538 8048 MozillaMaintenance - ok
11:34:51.0585 8048 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:34:51.0601 8048 mpio - ok
11:34:51.0616 8048 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:34:51.0616 8048 mpsdrv - ok
11:34:51.0694 8048 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:34:51.0694 8048 MpsSvc - ok
11:34:51.0804 8048 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:34:51.0804 8048 MRxDAV - ok
11:34:51.0866 8048 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:34:51.0866 8048 mrxsmb - ok
11:34:51.0897 8048 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:34:51.0897 8048 mrxsmb10 - ok
11:34:51.0913 8048 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:34:51.0913 8048 mrxsmb20 - ok
11:34:51.0928 8048 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:34:51.0928 8048 msahci - ok
11:34:52.0022 8048 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:34:52.0022 8048 msdsm - ok
11:34:52.0053 8048 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:34:52.0069 8048 MSDTC - ok
11:34:52.0084 8048 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:34:52.0084 8048 Msfs - ok
11:34:52.0100 8048 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:34:52.0116 8048 mshidkmdf - ok
11:34:52.0131 8048 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:34:52.0131 8048 msisadrv - ok
11:34:52.0194 8048 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:34:52.0194 8048 MSiSCSI - ok
11:34:52.0194 8048 msiserver - ok
11:34:52.0225 8048 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:34:52.0225 8048 MSKSSRV - ok
11:34:52.0256 8048 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:34:52.0272 8048 MSPCLOCK - ok
11:34:52.0272 8048 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:34:52.0287 8048 MSPQM - ok
11:34:52.0428 8048 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:34:52.0443 8048 MsRPC - ok
11:34:52.0521 8048 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:34:52.0521 8048 mssmbios - ok
11:34:52.0537 8048 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:34:52.0537 8048 MSTEE - ok
11:34:52.0568 8048 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:34:52.0568 8048 MTConfig - ok
11:34:52.0599 8048 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:34:52.0599 8048 Mup - ok
11:34:52.0755 8048 [ 8F57DB74BF5407A4CDA6C8B005DC8DD0 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
11:34:52.0755 8048 MyWiFiDHCPDNS - ok
11:34:52.0927 8048 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:34:52.0942 8048 napagent - ok
11:34:53.0020 8048 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:34:53.0036 8048 NativeWifiP - ok
11:34:53.0301 8048 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:34:53.0332 8048 NDIS - ok
11:34:53.0379 8048 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:34:53.0395 8048 NdisCap - ok
11:34:53.0426 8048 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:34:53.0426 8048 NdisTapi - ok
11:34:53.0535 8048 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:34:53.0535 8048 Ndisuio - ok
11:34:53.0613 8048 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:34:53.0613 8048 NdisWan - ok
11:34:53.0691 8048 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:34:53.0691 8048 NDProxy - ok
11:34:53.0722 8048 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:34:53.0722 8048 NetBIOS - ok
11:34:53.0816 8048 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:34:53.0832 8048 NetBT - ok
11:34:53.0878 8048 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:34:53.0878 8048 Netlogon - ok
11:34:53.0972 8048 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:34:53.0988 8048 Netman - ok
11:34:54.0393 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0409 8048 NetMsmqActivator - ok
11:34:54.0471 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0471 8048 NetPipeActivator - ok
11:34:54.0565 8048 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:34:54.0580 8048 netprofm - ok
11:34:54.0612 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0612 8048 NetTcpActivator - ok
11:34:54.0627 8048 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:34:54.0627 8048 NetTcpPortSharing - ok
11:34:56.0000 8048 [ 50AD7F7040C22BB7CAA59A0880875A21 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
11:34:56.0140 8048 NETwNs64 - ok
11:34:56.0187 8048 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:34:56.0187 8048 nfrd960 - ok
11:34:56.0328 8048 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:34:56.0328 8048 NlaSvc - ok
11:34:56.0390 8048 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
11:34:56.0390 8048 nmwcd - ok
11:34:56.0515 8048 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
11:34:56.0515 8048 nmwcdc - ok
11:34:56.0593 8048 [ 292DDF13F91F2CB2482B57AACD6AEB9B ] nmwcdnsux64 C:\Windows\system32\drivers\nmwcdnsux64.sys
11:34:56.0593 8048 nmwcdnsux64 - ok
11:34:56.0718 8048 [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF C:\Windows\system32\drivers\npf.sys
11:34:56.0718 8048 NPF - ok
11:34:56.0764 8048 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:34:56.0764 8048 Npfs - ok
11:34:56.0811 8048 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:34:56.0827 8048 nsi - ok
11:34:56.0858 8048 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:34:56.0858 8048 nsiproxy - ok
11:34:57.0076 8048 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:34:57.0139 8048 Ntfs - ok
11:34:57.0154 8048 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:34:57.0154 8048 Null - ok
11:34:57.0248 8048 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:34:57.0248 8048 NVHDA - ok
11:34:57.0420 8048 [ D9C790C061CAC58E2B4AD168C705AC5E ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
11:34:57.0435 8048 nvkflt - ok
11:34:57.0934 8048 [ 48D26FF990099C1AD51F81BAEDDB3B98 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:34:58.0137 8048 nvlddmkm - ok
11:34:58.0153 8048 [ 3393E8972E95F6C985150A1DC1D4B026 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
11:34:58.0153 8048 nvpciflt - ok
11:34:58.0262 8048 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:34:58.0278 8048 nvraid - ok
11:34:58.0293 8048 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:34:58.0293 8048 nvstor - ok
11:34:58.0340 8048 [ 708547B06809A454B953803CBC449BC0 ] NVSvc C:\Windows\system32\nvvsvc.exe
11:34:58.0356 8048 NVSvc - ok
11:34:58.0449 8048 [ CEA3A0FBE6B86EF7A85B62EB41ED5DCB ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:34:58.0465 8048 nvUpdatusService - ok
11:34:58.0496 8048 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:34:58.0496 8048 nv_agp - ok
11:34:58.0512 8048 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:34:58.0512 8048 ohci1394 - ok
11:34:58.0590 8048 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:34:58.0590 8048 ose64 - ok
11:34:58.0699 8048 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:34:58.0792 8048 osppsvc - ok
11:34:58.0824 8048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:34:58.0824 8048 p2pimsvc - ok
11:34:58.0839 8048 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:34:58.0855 8048 p2psvc - ok
11:34:58.0964 8048 [ 01907300EB52206B06FACB9608F369A9 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
11:34:58.0964 8048 PanService - ok
11:34:59.0011 8048 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:34:59.0011 8048 Parport - ok
11:34:59.0073 8048 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:34:59.0073 8048 partmgr - ok
11:34:59.0089 8048 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:34:59.0089 8048 PcaSvc - ok
11:34:59.0151 8048 [ 3FDE033DFB0D07F8B7D5C9A3044AA121 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
11:34:59.0151 8048 pccsmcfd - ok
11:34:59.0182 8048 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:34:59.0182 8048 pci - ok
11:34:59.0245 8048 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:34:59.0260 8048 pciide - ok
11:34:59.0385 8048 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:34:59.0385 8048 pcmcia - ok
11:34:59.0401 8048 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:34:59.0401 8048 pcw - ok
11:34:59.0432 8048 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:34:59.0432 8048 PEAUTH - ok
11:34:59.0463 8048 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:34:59.0494 8048 PeerDistSvc - ok
11:34:59.0557 8048 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:34:59.0557 8048 PerfHost - ok
11:34:59.0650 8048 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:34:59.0682 8048 pla - ok
11:34:59.0744 8048 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:34:59.0744 8048 PlugPlay - ok
11:34:59.0760 8048 PnkBstrA - ok
11:34:59.0791 8048 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:34:59.0791 8048 PNRPAutoReg - ok
11:34:59.0822 8048 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:34:59.0822 8048 PNRPsvc - ok
11:34:59.0884 8048 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
11:34:59.0900 8048 PolicyAgent - ok
11:34:59.0931 8048 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:34:59.0931 8048 Power - ok
11:35:00.0009 8048 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:35:00.0009 8048 PptpMiniport - ok
11:35:00.0040 8048 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:35:00.0040 8048 Processor - ok
11:35:00.0087 8048 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:35:00.0103 8048 ProfSvc - ok
11:35:00.0103 8048 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:35:00.0103 8048 ProtectedStorage - ok
11:35:00.0165 8048 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:35:00.0165 8048 Psched - ok
11:35:00.0228 8048 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:35:00.0259 8048 ql2300 - ok
11:35:00.0274 8048 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:35:00.0274 8048 ql40xx - ok
11:35:00.0306 8048 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:35:00.0321 8048 QWAVE - ok
11:35:00.0321 8048 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:35:00.0337 8048 QWAVEdrv - ok
11:35:00.0352 8048 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:35:00.0352 8048 RasAcd - ok
11:35:00.0384 8048 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:35:00.0384 8048 RasAgileVpn - ok
11:35:00.0415 8048 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:35:00.0415 8048 RasAuto - ok
11:35:00.0462 8048 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:35:00.0477 8048 Rasl2tp - ok
11:35:00.0540 8048 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:35:00.0555 8048 RasMan - ok
11:35:00.0571 8048 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:35:00.0571 8048 RasPppoe - ok
11:35:00.0586 8048 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:35:00.0586 8048 RasSstp - ok
Freerapid 4ever
-
Teedok
- Level 3
- Příspěvky: 554
- Registrován: prosinec 08
- Bydliště: Jablonec nad nisou
- Pohlaví:
- Stav:
Offline
- Kontakt:
Re: Kontrola - keylogger
11:35:00.0664 8048 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:35:00.0664 8048 rdbss - ok
11:35:00.0680 8048 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:35:00.0680 8048 rdpbus - ok
11:35:00.0680 8048 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:35:00.0680 8048 RDPCDD - ok
11:35:00.0742 8048 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:35:00.0758 8048 RDPDR - ok
11:35:00.0774 8048 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:35:00.0774 8048 RDPENCDD - ok
11:35:00.0774 8048 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:35:00.0774 8048 RDPREFMP - ok
11:35:00.0836 8048 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:35:00.0836 8048 RDPWD - ok
11:35:00.0914 8048 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:35:00.0914 8048 rdyboost - ok
11:35:00.0992 8048 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:35:00.0992 8048 RegSrvc - ok
11:35:01.0023 8048 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:35:01.0023 8048 RemoteAccess - ok
11:35:01.0070 8048 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:35:01.0070 8048 RemoteRegistry - ok
11:35:01.0148 8048 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
11:35:01.0148 8048 Revoflt - ok
11:35:01.0195 8048 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:35:01.0195 8048 RFCOMM - ok
11:35:01.0226 8048 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
11:35:01.0226 8048 rpcapd - ok
11:35:01.0257 8048 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:35:01.0257 8048 RpcEptMapper - ok
11:35:01.0273 8048 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:35:01.0273 8048 RpcLocator - ok
11:35:01.0335 8048 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:35:01.0335 8048 RpcSs - ok
11:35:01.0366 8048 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:35:01.0366 8048 rspndr - ok
11:35:01.0429 8048 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
11:35:01.0429 8048 s3cap - ok
11:35:01.0444 8048 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:35:01.0444 8048 SamSs - ok
11:35:01.0460 8048 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:35:01.0476 8048 sbp2port - ok
11:35:01.0507 8048 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:35:01.0522 8048 SCardSvr - ok
11:35:01.0569 8048 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:35:01.0569 8048 scfilter - ok
11:35:01.0632 8048 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:35:01.0647 8048 Schedule - ok
11:35:01.0694 8048 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:35:01.0710 8048 SCPolicySvc - ok
11:35:01.0756 8048 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:35:01.0756 8048 SDRSVC - ok
11:35:01.0788 8048 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:35:01.0788 8048 secdrv - ok
11:35:01.0850 8048 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:35:01.0850 8048 seclogon - ok
11:35:01.0881 8048 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:35:01.0881 8048 SENS - ok
11:35:01.0912 8048 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:35:01.0928 8048 SensrSvc - ok
11:35:01.0944 8048 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:35:01.0959 8048 Serenum - ok
11:35:01.0959 8048 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:35:01.0975 8048 Serial - ok
11:35:02.0037 8048 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:35:02.0037 8048 sermouse - ok
11:35:02.0115 8048 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:35:02.0115 8048 ServiceLayer - ok
11:35:02.0178 8048 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:35:02.0178 8048 SessionEnv - ok
11:35:02.0224 8048 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:35:02.0224 8048 sffdisk - ok
11:35:02.0224 8048 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:35:02.0240 8048 sffp_mmc - ok
11:35:02.0240 8048 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:35:02.0240 8048 sffp_sd - ok
11:35:02.0256 8048 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:35:02.0256 8048 sfloppy - ok
11:35:02.0318 8048 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:35:02.0318 8048 SharedAccess - ok
11:35:02.0380 8048 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:35:02.0380 8048 ShellHWDetection - ok
11:35:02.0427 8048 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:35:02.0427 8048 SiSRaid2 - ok
11:35:02.0443 8048 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:35:02.0443 8048 SiSRaid4 - ok
11:35:02.0552 8048 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:35:02.0552 8048 SkypeUpdate - ok
11:35:02.0568 8048 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:35:02.0583 8048 Smb - ok
11:35:02.0630 8048 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:35:02.0630 8048 SNMPTRAP - ok
11:35:02.0708 8048 [ 0416266CCBC2B95EAE2C6E0AA5D228FD ] Splashtop MDES C:\ASUS.SYS\SIONExportService.exe
11:35:02.0708 8048 Splashtop MDES - ok
11:35:02.0724 8048 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:35:02.0724 8048 spldr - ok
11:35:02.0786 8048 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:35:02.0786 8048 Spooler - ok
11:35:02.0895 8048 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:35:02.0958 8048 sppsvc - ok
11:35:03.0004 8048 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:35:03.0004 8048 sppuinotify - ok
11:35:03.0082 8048 [ EAD5300C93946B0250A309E2BF2BE4CF ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:35:03.0098 8048 SQLWriter - ok
11:35:03.0176 8048 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:35:03.0192 8048 srv - ok
11:35:03.0207 8048 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:35:03.0207 8048 srv2 - ok
11:35:03.0238 8048 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:35:03.0238 8048 srvnet - ok
11:35:03.0270 8048 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:35:03.0270 8048 SSDPSRV - ok
11:35:03.0285 8048 SSHDRV76 - ok
11:35:03.0301 8048 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:35:03.0316 8048 SstpSvc - ok
11:35:03.0394 8048 [ C321084609422404F8DD1513C988DBEA ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:35:03.0394 8048 Stereo Service - ok
11:35:03.0426 8048 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:35:03.0426 8048 stexstor - ok
11:35:03.0504 8048 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:35:03.0519 8048 stisvc - ok
11:35:03.0566 8048 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:35:03.0566 8048 storflt - ok
11:35:03.0597 8048 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
11:35:03.0613 8048 StorSvc - ok
11:35:03.0628 8048 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:35:03.0628 8048 storvsc - ok
11:35:03.0644 8048 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:35:03.0644 8048 swenum - ok
11:35:03.0800 8048 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:35:03.0800 8048 SwitchBoard - ok
11:35:03.0831 8048 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:35:03.0831 8048 swprv - ok
11:35:03.0894 8048 [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:35:03.0909 8048 SynTP - ok
11:35:04.0018 8048 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:35:04.0050 8048 SysMain - ok
11:35:04.0112 8048 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:35:04.0112 8048 TabletInputService - ok
11:35:04.0128 8048 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:35:04.0128 8048 TapiSrv - ok
11:35:04.0159 8048 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:35:04.0174 8048 TBS - ok
11:35:04.0252 8048 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:35:04.0252 8048 Tcpip - ok
11:35:04.0299 8048 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:35:04.0315 8048 TCPIP6 - ok
11:35:04.0377 8048 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:35:04.0377 8048 tcpipreg - ok
11:35:04.0408 8048 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:35:04.0408 8048 TDPIPE - ok
11:35:04.0455 8048 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:35:04.0455 8048 TDTCP - ok
11:35:04.0502 8048 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:35:04.0502 8048 tdx - ok
11:35:04.0627 8048 [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
11:35:04.0642 8048 Te.Service - ok
11:35:04.0845 8048 [ 57DDE1395F86EE048AB25717EEB8CAEB ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
11:35:04.0861 8048 TeamViewer8 - ok
11:35:04.0923 8048 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:35:04.0923 8048 TermDD - ok
11:35:04.0986 8048 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:35:05.0001 8048 TermService - ok
11:35:05.0017 8048 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:35:05.0032 8048 Themes - ok
11:35:05.0064 8048 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:35:05.0064 8048 THREADORDER - ok
11:35:05.0079 8048 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:35:05.0079 8048 TrkWks - ok
11:35:05.0173 8048 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:35:05.0173 8048 TrustedInstaller - ok
11:35:05.0235 8048 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:05.0235 8048 tssecsrv - ok
11:35:05.0282 8048 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:35:05.0282 8048 TsUsbFlt - ok
11:35:05.0376 8048 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:35:05.0376 8048 tunnel - ok
11:35:05.0407 8048 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:35:05.0407 8048 uagp35 - ok
11:35:05.0469 8048 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:35:05.0469 8048 udfs - ok
11:35:05.0485 8048 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:35:05.0500 8048 UI0Detect - ok
11:35:05.0516 8048 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:35:05.0516 8048 uliagpkx - ok
11:35:05.0610 8048 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:35:05.0610 8048 umbus - ok
11:35:05.0641 8048 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:35:05.0641 8048 UmPass - ok
11:35:05.0672 8048 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
11:35:05.0688 8048 UmRdpService - ok
11:35:05.0719 8048 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:35:05.0734 8048 upnphost - ok
11:35:05.0812 8048 [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:35:05.0812 8048 upperdev - ok
11:35:05.0890 8048 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:35:05.0890 8048 USBAAPL64 - ok
11:35:05.0922 8048 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:05.0922 8048 usbccgp - ok
11:35:05.0984 8048 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:35:05.0984 8048 usbcir - ok
11:35:06.0000 8048 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:35:06.0000 8048 usbehci - ok
11:35:06.0031 8048 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:35:06.0031 8048 usbhub - ok
11:35:06.0062 8048 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:35:06.0062 8048 usbohci - ok
11:35:06.0093 8048 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:35:06.0093 8048 usbprint - ok
11:35:06.0156 8048 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
11:35:06.0156 8048 usbser - ok
11:35:06.0218 8048 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
11:35:06.0218 8048 UsbserFilt - ok
11:35:06.0234 8048 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:35:06.0234 8048 USBSTOR - ok
11:35:06.0249 8048 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:35:06.0265 8048 usbuhci - ok
11:35:06.0312 8048 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:35:06.0312 8048 usbvideo - ok
11:35:06.0421 8048 utslzlbfrhqoie - ok
11:35:06.0436 8048 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:35:06.0436 8048 UxSms - ok
11:35:06.0452 8048 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:35:06.0452 8048 VaultSvc - ok
11:35:06.0468 8048 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:35:06.0468 8048 vdrvroot - ok
11:35:06.0530 8048 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:35:06.0546 8048 vds - ok
11:35:06.0577 8048 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:35:06.0577 8048 vga - ok
11:35:06.0608 8048 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:35:06.0608 8048 VgaSave - ok
11:35:06.0670 8048 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:35:06.0670 8048 vhdmp - ok
11:35:06.0717 8048 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:35:06.0717 8048 viaide - ok
11:35:06.0733 8048 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:35:06.0748 8048 vmbus - ok
11:35:06.0764 8048 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
11:35:06.0764 8048 VMBusHID - ok
11:35:06.0780 8048 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:35:06.0795 8048 volmgr - ok
11:35:06.0858 8048 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:35:06.0858 8048 volmgrx - ok
11:35:06.0873 8048 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:35:06.0873 8048 volsnap - ok
11:35:06.0904 8048 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:35:06.0904 8048 vsmraid - ok
11:35:07.0138 8048 [ F972436B5ED08069A1E7D623B77C226A ] VSPerfDrv110 C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
11:35:07.0138 8048 VSPerfDrv110 - ok
11:35:07.0216 8048 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:35:07.0248 8048 VSS - ok
11:35:07.0263 8048 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:35:07.0263 8048 vwifibus - ok
11:35:07.0294 8048 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:35:07.0310 8048 vwififlt - ok
11:35:07.0341 8048 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:35:07.0341 8048 vwifimp - ok
11:35:07.0372 8048 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:35:07.0388 8048 W32Time - ok
11:35:07.0404 8048 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:35:07.0404 8048 WacomPen - ok
11:35:07.0482 8048 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:35:07.0482 8048 WANARP - ok
11:35:07.0497 8048 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:35:07.0497 8048 Wanarpv6 - ok
11:35:07.0591 8048 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:35:07.0606 8048 WatAdminSvc - ok
11:35:07.0684 8048 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:35:07.0716 8048 wbengine - ok
11:35:07.0747 8048 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:35:07.0747 8048 WbioSrvc - ok
11:35:07.0809 8048 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:35:07.0809 8048 wcncsvc - ok
11:35:07.0840 8048 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:35:07.0840 8048 WcsPlugInService - ok
11:35:07.0872 8048 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:35:07.0872 8048 Wd - ok
11:35:07.0950 8048 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:35:07.0965 8048 Wdf01000 - ok
11:35:07.0981 8048 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:35:07.0981 8048 WdiServiceHost - ok
11:35:07.0981 8048 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:35:07.0981 8048 WdiSystemHost - ok
11:35:08.0028 8048 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:35:08.0043 8048 WebClient - ok
11:35:08.0074 8048 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:35:08.0090 8048 Wecsvc - ok
11:35:08.0121 8048 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:35:08.0121 8048 wercplsupport - ok
11:35:08.0152 8048 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:35:08.0168 8048 WerSvc - ok
11:35:08.0184 8048 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:35:08.0184 8048 WfpLwf - ok
11:35:08.0230 8048 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
11:35:08.0230 8048 WimFltr - ok
11:35:08.0230 8048 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:35:08.0230 8048 WIMMount - ok
11:35:08.0262 8048 WinDefend - ok
11:35:08.0262 8048 WinHttpAutoProxySvc - ok
11:35:08.0308 8048 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:35:08.0308 8048 Winmgmt - ok
11:35:08.0386 8048 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:35:08.0433 8048 WinRM - ok
11:35:08.0527 8048 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:35:08.0527 8048 WinUsb - ok
11:35:08.0574 8048 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:35:08.0589 8048 Wlansvc - ok
11:35:08.0652 8048 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:35:08.0652 8048 WmiAcpi - ok
11:35:08.0683 8048 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:35:08.0683 8048 wmiApSrv - ok
11:35:08.0730 8048 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:35:08.0730 8048 WPCSvc - ok
11:35:08.0792 8048 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:35:08.0792 8048 WPDBusEnum - ok
11:35:08.0839 8048 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:35:08.0839 8048 ws2ifsl - ok
11:35:08.0870 8048 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:35:08.0870 8048 wscsvc - ok
11:35:08.0870 8048 WSearch - ok
11:35:08.0932 8048 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:35:08.0979 8048 wuauserv - ok
11:35:09.0042 8048 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:35:09.0042 8048 WudfPf - ok
11:35:09.0104 8048 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:35:09.0104 8048 WUDFRd - ok
11:35:09.0120 8048 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:35:09.0135 8048 wudfsvc - ok
11:35:09.0182 8048 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
11:35:09.0182 8048 WwanSvc - ok
11:35:09.0244 8048 ================ Scan global ===============================
11:35:09.0260 8048 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:35:09.0322 8048 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:35:09.0322 8048 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:35:09.0354 8048 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:35:09.0369 8048 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:35:09.0369 8048 [Global] - ok
11:35:09.0369 8048 ================ Scan MBR ==================================
11:35:09.0385 8048 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:35:09.0790 8048 \Device\Harddisk0\DR0 - ok
11:35:10.0118 8048 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:35:10.0180 8048 \Device\Harddisk1\DR1 - ok
11:35:10.0180 8048 ================ Scan VBR ==================================
11:35:10.0180 8048 [ 5BED3CB160780F2819DE49A21FB8FD31 ] \Device\Harddisk0\DR0\Partition1
11:35:10.0180 8048 \Device\Harddisk0\DR0\Partition1 - ok
11:35:10.0180 8048 [ 788D984F72853E1425FFED45D222C523 ] \Device\Harddisk1\DR1\Partition1
11:35:10.0196 8048 \Device\Harddisk1\DR1\Partition1 - ok
11:35:10.0196 8048 ============================================================
11:35:10.0196 8048 Scan finished
11:35:10.0196 8048 ============================================================
11:35:10.0196 5364 Detected object count: 0
11:35:10.0196 5364 Actual detected object count: 0
11:35:15.0672 7688 Deinitialize success
////////////////////////////////////////////////////////////////////////////////////////////
Combofix:
ComboFix 13-07-04.01 - MarthyX 05.07.2013 12:00:18.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8102.5835 [GMT 2:00]
Spuštěný z: c:\users\MarthyX\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\MarthyX\AppData\Local\assembly\tmp
c:\windows\DPINST.LOG
c:\windows\IsUn0407.exe
c:\windows\msvcr71.dll
c:\windows\SysWow64\d2d1debug1.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-05 do 2013-07-05 )))))))))))))))))))))))))))))))
.
.
2013-07-05 10:09 . 2013-07-05 10:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-07-05 10:09 . 2013-07-05 10:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-05 10:05 . 2013-07-05 10:05 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BAF9A3F-CE04-46BC-9220-54D8CEE39F4B}\offreg.dll
2013-07-05 07:54 . 2013-07-05 07:54 -------- d-----w- c:\windows\ERUNT
2013-07-05 07:54 . 2013-07-05 07:54 -------- d-----w- C:\JRT
2013-07-05 06:23 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BAF9A3F-CE04-46BC-9220-54D8CEE39F4B}\mpengine.dll
2013-06-20 21:11 . 2013-06-20 21:11 -------- d-----w- c:\users\MarthyX\AppData\Roaming\DVDVideoSoft
2013-06-20 21:11 . 2013-06-20 21:11 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2013-06-20 21:11 . 2013-06-20 21:11 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-20 13:31 . 2013-06-20 13:31 -------- d-----w- c:\program files (x86)\Trend Micro
2013-06-18 17:16 . 2013-06-18 17:16 -------- d-----w- c:\users\MarthyX\AppData\Local\Application Data
2013-06-18 17:15 . 2013-06-18 17:15 -------- d-----w- c:\program files (x86)\NbuExplorer
2013-06-18 17:14 . 2012-12-19 13:53 19632 ----a-w- c:\windows\system32\roboot64.exe
2013-06-16 01:01 . 2013-06-08 12:28 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-16 01:01 . 2013-06-08 11:13 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-06-16 01:01 . 2013-06-08 14:08 279040 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-06-16 01:01 . 2013-06-08 11:41 218112 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-06-16 01:01 . 2013-06-08 14:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-16 01:01 . 2013-06-08 14:06 2648064 ----a-w- c:\windows\system32\iertutil.dll
2013-06-16 01:01 . 2013-06-08 14:06 526336 ----a-w- c:\windows\system32\ieui.dll
2013-06-16 01:01 . 2013-06-08 14:06 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-06-16 01:00 . 2013-06-08 14:07 19233792 ----a-w- c:\windows\system32\mshtml.dll
2013-06-12 13:53 . 2013-06-12 14:00 -------- d-----w- c:\program files (x86)\Google
2013-06-11 21:20 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-11 21:20 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-11 21:20 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-11 21:20 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-11 21:20 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-11 21:20 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-11 21:20 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-11 21:20 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-11 21:20 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-11 21:20 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-11 21:19 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-11 21:19 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-11 21:19 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-11 21:19 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-11 21:19 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-11 21:19 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-11 21:19 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-11 21:19 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-11 21:19 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 20:07 . 2013-05-05 13:47 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 20:07 . 2012-09-14 10:51 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 20:07 . 2012-09-14 10:51 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-12 19:07 . 2012-11-19 09:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 19:07 . 2012-11-19 09:01 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 01:02 . 2012-09-23 11:36 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-05-09 08:59 . 2013-05-05 13:47 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-09-14 10:51 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2012-09-14 10:51 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-05-29 15:49 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:59 . 2012-09-14 10:51 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2012-09-14 10:51 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2012-09-14 10:50 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2012-09-14 10:51 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-07 17:04 . 2012-09-14 11:09 78848 ----a-w- c:\windows\KMSEmulator.exe
2013-05-06 18:56 . 2009-07-13 23:57 20639232 ----a-w- c:\windows\system32\imageres.dll
2013-05-06 12:49 . 2013-05-06 12:49 163712 ----a-w- c:\windows\SysWow64\drivers\vidstub.sys
2013-05-06 09:53 . 2013-05-06 09:53 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2013-05-06 07:41 . 2013-05-06 07:41 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2013-05-06 07:41 . 2013-05-06 07:41 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2013-05-06 07:41 . 2013-05-06 07:41 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2013-05-02 00:06 . 2012-09-14 08:26 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 15:15 . 2013-04-18 15:15 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-13 05:49 . 2013-05-15 03:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 03:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 03:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 03:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 03:09 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 03:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 12:52 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 03:09 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 03:09 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 03:08 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-04-08 11:32 . 2013-04-08 11:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-04-08 11:32 . 2012-09-14 10:14 201576 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-04-08 11:32 . 2013-04-08 11:32 7935352 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-04-08 11:32 . 2012-09-14 10:14 1107440 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-04-08 11:32 . 2013-04-08 11:32 30496 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-04-08 11:32 . 2013-04-08 11:32 284448 ----a-w- c:\windows\system32\drivers\nvkflt.sys
2013-04-08 11:32 . 2012-09-14 10:14 962216 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-04-08 11:32 . 2013-04-08 11:32 2722592 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-04-08 11:32 . 2013-04-08 11:32 1988384 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-04-08 11:32 . 2013-04-08 11:32 18061328 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-04-08 11:32 . 2013-04-08 11:32 11077920 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-04-08 11:32 . 2013-04-08 11:32 15054288 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-04-08 11:32 . 2012-09-14 10:14 2833232 ----a-w- c:\windows\system32\nvapi64.dll
2013-04-08 11:32 . 2013-04-08 11:32 20458784 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-04-08 11:32 . 2013-04-08 11:32 26938656 ----a-w- c:\windows\system32\nvoglv64.dll
2013-04-08 11:32 . 2012-09-14 10:14 245872 ----a-w- c:\windows\system32\nvinitx.dll
2013-04-08 11:32 . 2013-04-08 11:32 6264680 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-04-08 11:32 . 2013-04-08 11:32 12642504 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-04-08 11:32 . 2013-04-08 11:32 9393344 ----a-w- c:\windows\system32\nvcuda.dll
2013-04-08 11:32 . 2012-09-14 10:14 15135104 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-04-08 11:32 . 2013-04-08 11:32 7567136 ----a-w- c:\windows\system32\nvopencl.dll
2013-04-08 11:32 . 2013-04-08 11:32 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-04-08 11:32 . 2013-04-08 11:32 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-04-08 11:32 . 2013-04-08 11:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-04-08 11:32 . 2012-09-14 10:14 2512336 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-04-08 11:32 . 2013-04-08 11:32 2906912 ----a-w- c:\windows\system32\nvcuvid.dll
2013-04-08 11:32 . 2013-04-08 11:32 2347296 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-11-07 11:08 . 2012-11-07 11:09 18420101 ----a-w- c:\program files (x86)\mpatchcz1.2.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"BootSkin Startup Jobs"="c:\progra~2\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [2004-04-26 270336]
.
c:\users\MarthyX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Fences.lnk - c:\program files (x86)\Stardock\Fences\Fences.exe /startup [2012-10-29 4017368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R1 SSHDRV76;SSHDRV76;c:\windows\system32\drivers\SSHDRV76.sys;c:\windows\SYSNATIVE\drivers\SSHDRV76.sys [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 utslzlbfrhqoie;utslzlbfrhqoie;c:\windows\SysWOW64\PBZAJC~1.EXE;c:\windows\SysWOW64\PBZAJC~1.EXE [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\bin\fbguard.exe;c:\program files (x86)\Firebird\bin\fbguard.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\asus.sys\SIONExportService.exe;c:\asus.sys\SIONExportService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AMPPAL;Virtu?ln? adapt?r Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 DVB7700ALL;DiBcom DIB7700 based TV tuner device;c:\windows\system32\Drivers\dvb7700all.sys;c:\windows\SYSNATIVE\Drivers\dvb7700all.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\bin\fbserver.exe;c:\program files (x86)\Firebird\bin\fbserver.exe [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-19 19:07]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12 13:53]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12 13:53]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1481928539-701506488-1058861579-1000Core.job
- c:\users\MarthyX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 07:56]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1481928539-701506488-1058861579-1000UA.job
- c:\users\MarthyX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 07:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-18 10365952]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-13 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-13 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-13 416024]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-27 1935120]
"Fences"="c:\program files (x86)\Stardock\Fences\Fences.exe" [2012-10-29 4017368]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2012-10-29 551640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.10.1.1
FF - ProfilePath - c:\users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\
FF - prefs.js: browser.startup.homepage -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-SystemKey - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-07-05 12:11:39
ComboFix-quarantined-files.txt 2013-07-05 10:11
ComboFix2.txt 2012-06-19 21:58
.
Před spuštěním: Volných bajtů: 58 309 578 752
Po spuštění: Volných bajtů: 58 130 284 544
.
- - End Of File - - 0E0AB8993651405B43CA2A6568774BA3
D41D8CD98F00B204E9800998ECF8427E
11:35:00.0664 8048 rdbss - ok
11:35:00.0680 8048 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:35:00.0680 8048 rdpbus - ok
11:35:00.0680 8048 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:35:00.0680 8048 RDPCDD - ok
11:35:00.0742 8048 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:35:00.0758 8048 RDPDR - ok
11:35:00.0774 8048 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:35:00.0774 8048 RDPENCDD - ok
11:35:00.0774 8048 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:35:00.0774 8048 RDPREFMP - ok
11:35:00.0836 8048 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:35:00.0836 8048 RDPWD - ok
11:35:00.0914 8048 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:35:00.0914 8048 rdyboost - ok
11:35:00.0992 8048 [ FD11C1287D38A46FB72353E14D50089C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
11:35:00.0992 8048 RegSrvc - ok
11:35:01.0023 8048 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
11:35:01.0023 8048 RemoteAccess - ok
11:35:01.0070 8048 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:35:01.0070 8048 RemoteRegistry - ok
11:35:01.0148 8048 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
11:35:01.0148 8048 Revoflt - ok
11:35:01.0195 8048 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
11:35:01.0195 8048 RFCOMM - ok
11:35:01.0226 8048 [ B60F58F175DE20A6739194E85B035178 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
11:35:01.0226 8048 rpcapd - ok
11:35:01.0257 8048 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:35:01.0257 8048 RpcEptMapper - ok
11:35:01.0273 8048 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:35:01.0273 8048 RpcLocator - ok
11:35:01.0335 8048 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:35:01.0335 8048 RpcSs - ok
11:35:01.0366 8048 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:35:01.0366 8048 rspndr - ok
11:35:01.0429 8048 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
11:35:01.0429 8048 s3cap - ok
11:35:01.0444 8048 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:35:01.0444 8048 SamSs - ok
11:35:01.0460 8048 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:35:01.0476 8048 sbp2port - ok
11:35:01.0507 8048 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:35:01.0522 8048 SCardSvr - ok
11:35:01.0569 8048 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:35:01.0569 8048 scfilter - ok
11:35:01.0632 8048 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:35:01.0647 8048 Schedule - ok
11:35:01.0694 8048 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:35:01.0710 8048 SCPolicySvc - ok
11:35:01.0756 8048 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:35:01.0756 8048 SDRSVC - ok
11:35:01.0788 8048 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:35:01.0788 8048 secdrv - ok
11:35:01.0850 8048 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:35:01.0850 8048 seclogon - ok
11:35:01.0881 8048 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:35:01.0881 8048 SENS - ok
11:35:01.0912 8048 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:35:01.0928 8048 SensrSvc - ok
11:35:01.0944 8048 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:35:01.0959 8048 Serenum - ok
11:35:01.0959 8048 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:35:01.0975 8048 Serial - ok
11:35:02.0037 8048 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:35:02.0037 8048 sermouse - ok
11:35:02.0115 8048 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
11:35:02.0115 8048 ServiceLayer - ok
11:35:02.0178 8048 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:35:02.0178 8048 SessionEnv - ok
11:35:02.0224 8048 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:35:02.0224 8048 sffdisk - ok
11:35:02.0224 8048 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:35:02.0240 8048 sffp_mmc - ok
11:35:02.0240 8048 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:35:02.0240 8048 sffp_sd - ok
11:35:02.0256 8048 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:35:02.0256 8048 sfloppy - ok
11:35:02.0318 8048 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
11:35:02.0318 8048 SharedAccess - ok
11:35:02.0380 8048 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:35:02.0380 8048 ShellHWDetection - ok
11:35:02.0427 8048 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:35:02.0427 8048 SiSRaid2 - ok
11:35:02.0443 8048 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:35:02.0443 8048 SiSRaid4 - ok
11:35:02.0552 8048 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:35:02.0552 8048 SkypeUpdate - ok
11:35:02.0568 8048 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:35:02.0583 8048 Smb - ok
11:35:02.0630 8048 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:35:02.0630 8048 SNMPTRAP - ok
11:35:02.0708 8048 [ 0416266CCBC2B95EAE2C6E0AA5D228FD ] Splashtop MDES C:\ASUS.SYS\SIONExportService.exe
11:35:02.0708 8048 Splashtop MDES - ok
11:35:02.0724 8048 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:35:02.0724 8048 spldr - ok
11:35:02.0786 8048 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:35:02.0786 8048 Spooler - ok
11:35:02.0895 8048 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:35:02.0958 8048 sppsvc - ok
11:35:03.0004 8048 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:35:03.0004 8048 sppuinotify - ok
11:35:03.0082 8048 [ EAD5300C93946B0250A309E2BF2BE4CF ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:35:03.0098 8048 SQLWriter - ok
11:35:03.0176 8048 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:35:03.0192 8048 srv - ok
11:35:03.0207 8048 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:35:03.0207 8048 srv2 - ok
11:35:03.0238 8048 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:35:03.0238 8048 srvnet - ok
11:35:03.0270 8048 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:35:03.0270 8048 SSDPSRV - ok
11:35:03.0285 8048 SSHDRV76 - ok
11:35:03.0301 8048 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:35:03.0316 8048 SstpSvc - ok
11:35:03.0394 8048 [ C321084609422404F8DD1513C988DBEA ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:35:03.0394 8048 Stereo Service - ok
11:35:03.0426 8048 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:35:03.0426 8048 stexstor - ok
11:35:03.0504 8048 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:35:03.0519 8048 stisvc - ok
11:35:03.0566 8048 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:35:03.0566 8048 storflt - ok
11:35:03.0597 8048 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
11:35:03.0613 8048 StorSvc - ok
11:35:03.0628 8048 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:35:03.0628 8048 storvsc - ok
11:35:03.0644 8048 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:35:03.0644 8048 swenum - ok
11:35:03.0800 8048 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:35:03.0800 8048 SwitchBoard - ok
11:35:03.0831 8048 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:35:03.0831 8048 swprv - ok
11:35:03.0894 8048 [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
11:35:03.0909 8048 SynTP - ok
11:35:04.0018 8048 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:35:04.0050 8048 SysMain - ok
11:35:04.0112 8048 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:35:04.0112 8048 TabletInputService - ok
11:35:04.0128 8048 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:35:04.0128 8048 TapiSrv - ok
11:35:04.0159 8048 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:35:04.0174 8048 TBS - ok
11:35:04.0252 8048 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:35:04.0252 8048 Tcpip - ok
11:35:04.0299 8048 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:35:04.0315 8048 TCPIP6 - ok
11:35:04.0377 8048 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:35:04.0377 8048 tcpipreg - ok
11:35:04.0408 8048 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:35:04.0408 8048 TDPIPE - ok
11:35:04.0455 8048 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:35:04.0455 8048 TDTCP - ok
11:35:04.0502 8048 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:35:04.0502 8048 tdx - ok
11:35:04.0627 8048 [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
11:35:04.0642 8048 Te.Service - ok
11:35:04.0845 8048 [ 57DDE1395F86EE048AB25717EEB8CAEB ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
11:35:04.0861 8048 TeamViewer8 - ok
11:35:04.0923 8048 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:35:04.0923 8048 TermDD - ok
11:35:04.0986 8048 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:35:05.0001 8048 TermService - ok
11:35:05.0017 8048 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:35:05.0032 8048 Themes - ok
11:35:05.0064 8048 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:35:05.0064 8048 THREADORDER - ok
11:35:05.0079 8048 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:35:05.0079 8048 TrkWks - ok
11:35:05.0173 8048 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:35:05.0173 8048 TrustedInstaller - ok
11:35:05.0235 8048 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:35:05.0235 8048 tssecsrv - ok
11:35:05.0282 8048 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:35:05.0282 8048 TsUsbFlt - ok
11:35:05.0376 8048 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:35:05.0376 8048 tunnel - ok
11:35:05.0407 8048 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:35:05.0407 8048 uagp35 - ok
11:35:05.0469 8048 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:35:05.0469 8048 udfs - ok
11:35:05.0485 8048 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:35:05.0500 8048 UI0Detect - ok
11:35:05.0516 8048 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:35:05.0516 8048 uliagpkx - ok
11:35:05.0610 8048 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:35:05.0610 8048 umbus - ok
11:35:05.0641 8048 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:35:05.0641 8048 UmPass - ok
11:35:05.0672 8048 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
11:35:05.0688 8048 UmRdpService - ok
11:35:05.0719 8048 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:35:05.0734 8048 upnphost - ok
11:35:05.0812 8048 [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
11:35:05.0812 8048 upperdev - ok
11:35:05.0890 8048 [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:35:05.0890 8048 USBAAPL64 - ok
11:35:05.0922 8048 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:35:05.0922 8048 usbccgp - ok
11:35:05.0984 8048 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:35:05.0984 8048 usbcir - ok
11:35:06.0000 8048 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
11:35:06.0000 8048 usbehci - ok
11:35:06.0031 8048 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:35:06.0031 8048 usbhub - ok
11:35:06.0062 8048 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
11:35:06.0062 8048 usbohci - ok
11:35:06.0093 8048 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:35:06.0093 8048 usbprint - ok
11:35:06.0156 8048 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
11:35:06.0156 8048 usbser - ok
11:35:06.0218 8048 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
11:35:06.0218 8048 UsbserFilt - ok
11:35:06.0234 8048 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:35:06.0234 8048 USBSTOR - ok
11:35:06.0249 8048 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
11:35:06.0265 8048 usbuhci - ok
11:35:06.0312 8048 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
11:35:06.0312 8048 usbvideo - ok
11:35:06.0421 8048 utslzlbfrhqoie - ok
11:35:06.0436 8048 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:35:06.0436 8048 UxSms - ok
11:35:06.0452 8048 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:35:06.0452 8048 VaultSvc - ok
11:35:06.0468 8048 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:35:06.0468 8048 vdrvroot - ok
11:35:06.0530 8048 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:35:06.0546 8048 vds - ok
11:35:06.0577 8048 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:35:06.0577 8048 vga - ok
11:35:06.0608 8048 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:35:06.0608 8048 VgaSave - ok
11:35:06.0670 8048 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:35:06.0670 8048 vhdmp - ok
11:35:06.0717 8048 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:35:06.0717 8048 viaide - ok
11:35:06.0733 8048 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:35:06.0748 8048 vmbus - ok
11:35:06.0764 8048 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
11:35:06.0764 8048 VMBusHID - ok
11:35:06.0780 8048 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:35:06.0795 8048 volmgr - ok
11:35:06.0858 8048 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:35:06.0858 8048 volmgrx - ok
11:35:06.0873 8048 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:35:06.0873 8048 volsnap - ok
11:35:06.0904 8048 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:35:06.0904 8048 vsmraid - ok
11:35:07.0138 8048 [ F972436B5ED08069A1E7D623B77C226A ] VSPerfDrv110 C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
11:35:07.0138 8048 VSPerfDrv110 - ok
11:35:07.0216 8048 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:35:07.0248 8048 VSS - ok
11:35:07.0263 8048 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
11:35:07.0263 8048 vwifibus - ok
11:35:07.0294 8048 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
11:35:07.0310 8048 vwififlt - ok
11:35:07.0341 8048 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
11:35:07.0341 8048 vwifimp - ok
11:35:07.0372 8048 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:35:07.0388 8048 W32Time - ok
11:35:07.0404 8048 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:35:07.0404 8048 WacomPen - ok
11:35:07.0482 8048 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:35:07.0482 8048 WANARP - ok
11:35:07.0497 8048 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:35:07.0497 8048 Wanarpv6 - ok
11:35:07.0591 8048 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:35:07.0606 8048 WatAdminSvc - ok
11:35:07.0684 8048 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:35:07.0716 8048 wbengine - ok
11:35:07.0747 8048 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:35:07.0747 8048 WbioSrvc - ok
11:35:07.0809 8048 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:35:07.0809 8048 wcncsvc - ok
11:35:07.0840 8048 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:35:07.0840 8048 WcsPlugInService - ok
11:35:07.0872 8048 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:35:07.0872 8048 Wd - ok
11:35:07.0950 8048 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:35:07.0965 8048 Wdf01000 - ok
11:35:07.0981 8048 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:35:07.0981 8048 WdiServiceHost - ok
11:35:07.0981 8048 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:35:07.0981 8048 WdiSystemHost - ok
11:35:08.0028 8048 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:35:08.0043 8048 WebClient - ok
11:35:08.0074 8048 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:35:08.0090 8048 Wecsvc - ok
11:35:08.0121 8048 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:35:08.0121 8048 wercplsupport - ok
11:35:08.0152 8048 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:35:08.0168 8048 WerSvc - ok
11:35:08.0184 8048 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:35:08.0184 8048 WfpLwf - ok
11:35:08.0230 8048 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
11:35:08.0230 8048 WimFltr - ok
11:35:08.0230 8048 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:35:08.0230 8048 WIMMount - ok
11:35:08.0262 8048 WinDefend - ok
11:35:08.0262 8048 WinHttpAutoProxySvc - ok
11:35:08.0308 8048 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:35:08.0308 8048 Winmgmt - ok
11:35:08.0386 8048 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:35:08.0433 8048 WinRM - ok
11:35:08.0527 8048 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:35:08.0527 8048 WinUsb - ok
11:35:08.0574 8048 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:35:08.0589 8048 Wlansvc - ok
11:35:08.0652 8048 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:35:08.0652 8048 WmiAcpi - ok
11:35:08.0683 8048 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:35:08.0683 8048 wmiApSrv - ok
11:35:08.0730 8048 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:35:08.0730 8048 WPCSvc - ok
11:35:08.0792 8048 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:35:08.0792 8048 WPDBusEnum - ok
11:35:08.0839 8048 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:35:08.0839 8048 ws2ifsl - ok
11:35:08.0870 8048 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
11:35:08.0870 8048 wscsvc - ok
11:35:08.0870 8048 WSearch - ok
11:35:08.0932 8048 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
11:35:08.0979 8048 wuauserv - ok
11:35:09.0042 8048 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:35:09.0042 8048 WudfPf - ok
11:35:09.0104 8048 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:35:09.0104 8048 WUDFRd - ok
11:35:09.0120 8048 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:35:09.0135 8048 wudfsvc - ok
11:35:09.0182 8048 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
11:35:09.0182 8048 WwanSvc - ok
11:35:09.0244 8048 ================ Scan global ===============================
11:35:09.0260 8048 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:35:09.0322 8048 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:35:09.0322 8048 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:35:09.0354 8048 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:35:09.0369 8048 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:35:09.0369 8048 [Global] - ok
11:35:09.0369 8048 ================ Scan MBR ==================================
11:35:09.0385 8048 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:35:09.0790 8048 \Device\Harddisk0\DR0 - ok
11:35:10.0118 8048 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:35:10.0180 8048 \Device\Harddisk1\DR1 - ok
11:35:10.0180 8048 ================ Scan VBR ==================================
11:35:10.0180 8048 [ 5BED3CB160780F2819DE49A21FB8FD31 ] \Device\Harddisk0\DR0\Partition1
11:35:10.0180 8048 \Device\Harddisk0\DR0\Partition1 - ok
11:35:10.0180 8048 [ 788D984F72853E1425FFED45D222C523 ] \Device\Harddisk1\DR1\Partition1
11:35:10.0196 8048 \Device\Harddisk1\DR1\Partition1 - ok
11:35:10.0196 8048 ============================================================
11:35:10.0196 8048 Scan finished
11:35:10.0196 8048 ============================================================
11:35:10.0196 5364 Detected object count: 0
11:35:10.0196 5364 Actual detected object count: 0
11:35:15.0672 7688 Deinitialize success
////////////////////////////////////////////////////////////////////////////////////////////
Combofix:
ComboFix 13-07-04.01 - MarthyX 05.07.2013 12:00:18.1.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8102.5835 [GMT 2:00]
Spuštěný z: c:\users\MarthyX\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Disabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\MarthyX\AppData\Local\assembly\tmp
c:\windows\DPINST.LOG
c:\windows\IsUn0407.exe
c:\windows\msvcr71.dll
c:\windows\SysWow64\d2d1debug1.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-05 do 2013-07-05 )))))))))))))))))))))))))))))))
.
.
2013-07-05 10:09 . 2013-07-05 10:09 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-07-05 10:09 . 2013-07-05 10:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-05 10:05 . 2013-07-05 10:05 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BAF9A3F-CE04-46BC-9220-54D8CEE39F4B}\offreg.dll
2013-07-05 07:54 . 2013-07-05 07:54 -------- d-----w- c:\windows\ERUNT
2013-07-05 07:54 . 2013-07-05 07:54 -------- d-----w- C:\JRT
2013-07-05 06:23 . 2013-06-12 03:08 9552976 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2BAF9A3F-CE04-46BC-9220-54D8CEE39F4B}\mpengine.dll
2013-06-20 21:11 . 2013-06-20 21:11 -------- d-----w- c:\users\MarthyX\AppData\Roaming\DVDVideoSoft
2013-06-20 21:11 . 2013-06-20 21:11 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2013-06-20 21:11 . 2013-06-20 21:11 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2013-06-20 13:31 . 2013-06-20 13:31 -------- d-----w- c:\program files (x86)\Trend Micro
2013-06-18 17:16 . 2013-06-18 17:16 -------- d-----w- c:\users\MarthyX\AppData\Local\Application Data
2013-06-18 17:15 . 2013-06-18 17:15 -------- d-----w- c:\program files (x86)\NbuExplorer
2013-06-18 17:14 . 2012-12-19 13:53 19632 ----a-w- c:\windows\system32\roboot64.exe
2013-06-16 01:01 . 2013-06-08 12:28 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2013-06-16 01:01 . 2013-06-08 11:13 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-06-16 01:01 . 2013-06-08 14:08 279040 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2013-06-16 01:01 . 2013-06-08 11:41 218112 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2013-06-16 01:01 . 2013-06-08 14:08 1365504 ----a-w- c:\windows\system32\urlmon.dll
2013-06-16 01:01 . 2013-06-08 14:06 2648064 ----a-w- c:\windows\system32\iertutil.dll
2013-06-16 01:01 . 2013-06-08 14:06 526336 ----a-w- c:\windows\system32\ieui.dll
2013-06-16 01:01 . 2013-06-08 14:06 15404544 ----a-w- c:\windows\system32\ieframe.dll
2013-06-16 01:00 . 2013-06-08 14:07 19233792 ----a-w- c:\windows\system32\mshtml.dll
2013-06-12 13:53 . 2013-06-12 14:00 -------- d-----w- c:\program files (x86)\Google
2013-06-11 21:20 . 2013-05-08 06:39 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-06-11 21:20 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2013-06-11 21:20 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-06-11 21:20 . 2013-05-10 05:49 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-06-11 21:20 . 2013-05-10 03:20 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-06-11 21:20 . 2013-04-17 07:02 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2013-06-11 21:20 . 2013-04-17 06:24 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-06-11 21:20 . 2013-05-13 05:51 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-06-11 21:20 . 2013-05-13 03:43 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-06-11 21:20 . 2013-05-13 03:08 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-06-11 21:19 . 2013-05-13 04:45 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-06-11 21:19 . 2013-05-13 05:51 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-06-11 21:19 . 2013-05-13 05:51 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-06-11 21:19 . 2013-05-13 04:45 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-06-11 21:19 . 2013-05-13 05:50 52224 ----a-w- c:\windows\system32\certenc.dll
2013-06-11 21:19 . 2013-05-13 04:45 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-06-11 21:19 . 2013-05-13 03:08 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-06-11 21:19 . 2013-03-31 22:52 1887232 ----a-w- c:\windows\system32\d3d11.dll
2013-06-11 21:19 . 2013-04-25 23:30 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-27 20:07 . 2013-05-05 13:47 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-06-27 20:07 . 2012-09-14 10:51 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-06-27 20:07 . 2012-09-14 10:51 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-06-12 19:07 . 2012-11-19 09:01 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 19:07 . 2012-11-19 09:01 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 01:02 . 2012-09-23 11:36 75825640 ----a-w- c:\windows\system32\MRT.exe
2013-05-09 08:59 . 2013-05-05 13:47 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2012-09-14 10:51 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-05-09 08:59 . 2012-09-14 10:51 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2013-05-29 15:49 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:59 . 2012-09-14 10:51 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:59 . 2012-09-14 10:51 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:58 . 2012-09-14 10:50 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2012-09-14 10:51 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-05-07 17:04 . 2012-09-14 11:09 78848 ----a-w- c:\windows\KMSEmulator.exe
2013-05-06 18:56 . 2009-07-13 23:57 20639232 ----a-w- c:\windows\system32\imageres.dll
2013-05-06 12:49 . 2013-05-06 12:49 163712 ----a-w- c:\windows\SysWow64\drivers\vidstub.sys
2013-05-06 09:53 . 2013-05-06 09:53 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS
2013-05-06 07:41 . 2013-05-06 07:41 632064 ----a-w- c:\windows\SysWow64\msvcr80.dll
2013-05-06 07:41 . 2013-05-06 07:41 554240 ----a-w- c:\windows\SysWow64\msvcp80.dll
2013-05-06 07:41 . 2013-05-06 07:41 34048 ----a-w- c:\windows\SysWow64\eEmpty.exe
2013-05-02 00:06 . 2012-09-14 08:26 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-04-18 15:15 . 2013-04-18 15:15 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-13 05:49 . 2013-05-15 03:09 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 03:09 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 03:09 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 03:09 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 03:09 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 03:09 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 12:52 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 03:09 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 03:09 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 03:08 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-04-08 11:32 . 2013-04-08 11:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-04-08 11:32 . 2012-09-14 10:14 201576 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-04-08 11:32 . 2013-04-08 11:32 7935352 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-04-08 11:32 . 2012-09-14 10:14 1107440 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-04-08 11:32 . 2013-04-08 11:32 30496 ----a-w- c:\windows\system32\drivers\nvpciflt.sys
2013-04-08 11:32 . 2013-04-08 11:32 284448 ----a-w- c:\windows\system32\drivers\nvkflt.sys
2013-04-08 11:32 . 2012-09-14 10:14 962216 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-04-08 11:32 . 2013-04-08 11:32 2722592 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-04-08 11:32 . 2013-04-08 11:32 1988384 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-04-08 11:32 . 2013-04-08 11:32 18061328 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-04-08 11:32 . 2013-04-08 11:32 11077920 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-04-08 11:32 . 2013-04-08 11:32 15054288 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-04-08 11:32 . 2012-09-14 10:14 2833232 ----a-w- c:\windows\system32\nvapi64.dll
2013-04-08 11:32 . 2013-04-08 11:32 20458784 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-04-08 11:32 . 2013-04-08 11:32 26938656 ----a-w- c:\windows\system32\nvoglv64.dll
2013-04-08 11:32 . 2012-09-14 10:14 245872 ----a-w- c:\windows\system32\nvinitx.dll
2013-04-08 11:32 . 2013-04-08 11:32 6264680 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-04-08 11:32 . 2013-04-08 11:32 12642504 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-04-08 11:32 . 2013-04-08 11:32 9393344 ----a-w- c:\windows\system32\nvcuda.dll
2013-04-08 11:32 . 2012-09-14 10:14 15135104 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-04-08 11:32 . 2013-04-08 11:32 7567136 ----a-w- c:\windows\system32\nvopencl.dll
2013-04-08 11:32 . 2013-04-08 11:32 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-04-08 11:32 . 2013-04-08 11:32 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-04-08 11:32 . 2013-04-08 11:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-04-08 11:32 . 2012-09-14 10:14 2512336 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-04-08 11:32 . 2013-04-08 11:32 2906912 ----a-w- c:\windows\system32\nvcuvid.dll
2013-04-08 11:32 . 2013-04-08 11:32 2347296 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-11-07 11:08 . 2012-11-07 11:09 18420101 ----a-w- c:\program files (x86)\mpatchcz1.2.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"BootSkin Startup Jobs"="c:\progra~2\Stardock\WINCUS~1\BootSkin\BootSkin.exe" [2004-04-26 270336]
.
c:\users\MarthyX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Fences.lnk - c:\program files (x86)\Stardock\Fences\Fences.exe /startup [2012-10-29 4017368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer5"=wdmaud.drv
.
R1 SSHDRV76;SSHDRV76;c:\windows\system32\drivers\SSHDRV76.sys;c:\windows\SYSNATIVE\drivers\SSHDRV76.sys [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 utslzlbfrhqoie;utslzlbfrhqoie;c:\windows\SysWOW64\PBZAJC~1.EXE;c:\windows\SysWOW64\PBZAJC~1.EXE [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files (x86)\Firebird\bin\fbguard.exe;c:\program files (x86)\Firebird\bin\fbguard.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\asus.sys\SIONExportService.exe;c:\asus.sys\SIONExportService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AMPPAL;Virtu?ln? adapt?r Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 DVB7700ALL;DiBcom DIB7700 based TV tuner device;c:\windows\system32\Drivers\dvb7700all.sys;c:\windows\SYSNATIVE\Drivers\dvb7700all.sys [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files (x86)\Firebird\bin\fbserver.exe;c:\program files (x86)\Firebird\bin\fbserver.exe [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-19 19:07]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12 13:53]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12 13:53]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1481928539-701506488-1058861579-1000Core.job
- c:\users\MarthyX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 07:56]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1481928539-701506488-1058861579-1000UA.job
- c:\users\MarthyX\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-14 07:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 21:57 778192 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-18 10365952]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-13 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-13 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-13 416024]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-27 1935120]
"Fences"="c:\program files (x86)\Stardock\Fences\Fences.exe" [2012-10-29 4017368]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2012-10-29 551640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.10.1.1
FF - ProfilePath - c:\users\MarthyX\AppData\Roaming\Mozilla\Firefox\Profiles\m78xhm8d.default\
FF - prefs.js: browser.startup.homepage -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-SystemKey - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-Mafia Game - c:\windows\system32\MafiaSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-07-05 12:11:39
ComboFix-quarantined-files.txt 2013-07-05 10:11
ComboFix2.txt 2012-06-19 21:58
.
Před spuštěním: Volných bajtů: 58 309 578 752
Po spuštění: Volných bajtů: 58 130 284 544
.
- - End Of File - - 0E0AB8993651405B43CA2A6568774BA3
D41D8CD98F00B204E9800998ECF8427E
Freerapid 4ever
Kdo je online
Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 94 hostů