Requesting a check


Post by pompeus50 » 18 Jul 2013 23:33

Hi, I'd like to ask for a check. When I open another page from posts, for example on FB, it automatically throws me onto a page with some advertisement.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:30:33, on 18.7.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Users\Jitka\Desktop\programy\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.helpmefindyour.info/?p ... g=EN&cc=CZ
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.qip.ru/search?query=%s&from=IE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SSearch-NNewTabb - {9B5C4993-CD61-6FF2-9CB0-63BF7EB5DA4B} - C:\ProgramData\SSearch-NNewTabb\516b0622b8d74.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Jitka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre7\bin\jp2iexp.dll
O9 - Extra button: QIP 2005 - {1EF681F7-A04B-4D6D-9012-A307CCA55610} - (no file) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\websea~1\sprote~1.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12035 bytes


Re: Requesting a check

Post by memphisto » 19 Jul 2013 08:23

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All Found, then:
- If you use Firefox, click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected.
- If you use Chrome, don't select anything else and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from a web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.

Download Malwarebytes' Anti-Malware
Install and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware (in the Czech UI: Aktualizace Malwarebytes' Anti-Malware) and Launch Malwarebytes' Anti-Malware (in the Czech UI: Spustit aplikaci Malwarebytes' Anti-Malware); if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program will then start; leave the Perform Quick Scan (Provést rychlý sken) option selected and click the Scan (Skenovat) button
- when the scan finishes a message will appear; click OK and then the Show Results button
- then choose Save Logfile and save the log to your desktop
- then click the Exit button; a message will appear, choose Yes (Ano)
(DO NOT DELETE ANYTHING YOURSELF YET!).
Then paste the contents of that log here.

Download AdwCleaner

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Search"
After the scan a log will appear (it is also saved on the system drive as AdwCleaner[R?].txt); paste its entire contents here.
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs via private message; post them in the appropriate section. Thank you


Re: Requesting a check

Post by pompeus50 » 19 Jul 2013 13:08

ATF Cleaner - cleaned

Malwarebytes' Anti-Malware scan

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.19.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Jitka :: JITKA-PC [administrátor]

19.7.2013 12:54:01
MBAM-log-2013-07-19 (13-01-42).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 222610
Uplynulý čas: 7 minut, 3 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\ProgramData\SSearch-NNewTabb\516b0622b8d74.dll (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 4
HKCR\CLSID\{9B5C4993-CD61-6FF2-9CB0-63BF7EB5DA4B} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B5C4993-CD61-6FF2-9CB0-63BF7EB5DA4B} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9B5C4993-CD61-6FF2-9CB0-63BF7EB5DA4B} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B5C4993-CD61-6FF2-9CB0-63BF7EB5DA4B} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 6
C:\ProgramData\SSearch-NNewTabb\516b0622b8d74.dll (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
C:\ProgramData\0C1CFB13004E9F7B17BCA4BB2F3B707C\0C1CFB13004E9F7B17BCA4BB2F3B707C.exe (Trojan.LameShield) -> Nebyla provedena žádná instrukce.
C:\ProgramData\BBrowusse22savve\516b05dd3dfb9.dll (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\80000000.@ (Trojan.Sirefef) -> Nebyla provedena žádná instrukce.
C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U\800000cb.@ (Trojan.Sirefef) -> Nebyla provedena žádná instrukce.
C:\Users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Nebyla provedena žádná instrukce.

(konec)


AdwCleaner scan

# AdwCleaner v2.305 - Log vytvooen 19/07/2013 v 13:03:34
# Aktualizováno 11/07/2013 Xplode
# Operaení systém : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Uživatel : Jitka - JITKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jitka\Desktop\adwcleaner.exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Conduit
Složka Nalezeno : C:\Program Files (x86)\ConduitEngine
Složka Nalezeno : C:\Program Files (x86)\RadarSync2
Složka Nalezeno : C:\Program Files (x86)\WebSearch
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\BBrowusse22savve
Složka Nalezeno : C:\ProgramData\BBrowusse22savve
Složka Nalezeno : C:\ProgramData\BetterSoft
Složka Nalezeno : C:\ProgramData\InstallMate
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSearch-NNewTabb
Složka Nalezeno : C:\ProgramData\Premium
Složka Nalezeno : C:\ProgramData\SoftSafe
Složka Nalezeno : C:\ProgramData\SSearch-NNewTabb
Složka Nalezeno : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpklaojhfpppchcgdnfjdpoabfjacfmc
Složka Nalezeno : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljklhdogbckokbbklcdmedgdijcdfkih
Složka Nalezeno : C:\Users\Jitka\AppData\LocalLow\BBrowusse22savve
Složka Nalezeno : C:\Users\Jitka\AppData\LocalLow\BBrowusse22savve
Složka Nalezeno : C:\Users\Jitka\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Jitka\AppData\LocalLow\ConduitEngine
Složka Nalezeno : C:\Users\Jitka\AppData\LocalLow\RadarSync2
Složka Nalezeno : C:\Users\Jitka\AppData\LocalLow\SSearch-NNewTabb
Složka Nalezeno : C:\Users\Jitka\AppData\Roaming\Babylon
Složka Nalezeno : C:\Users\Jitka\AppData\Roaming\dvdvideosoftiehelpers
Soubor Nalezeno : C:\Windows\Tasks\SpeedUpMyPC.job

***** [Registry] *****


***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.helpmefindyour.info/?p ... g=EN&cc=CZ
[HKCU\Software\Microsoft\Internet Explorer\SearchUrl - (Par défaut)] = hxxp://search.qip.ru/search?query=%s&from=IE

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [12296 octets] - [19/07/2013 13:03:34]

########## EOF - C:\AdwCleaner[R1].txt - [12357 octets] ##########


Re: Requesting a check

Post by memphisto » 19 Jul 2013 17:51

In both Adw and Mbam, have everything deleted and post the logs after the deletion

Download RogueKiller
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Win7 run RogueKiller.exe as administrator; on XP by double-clicking.
- Wait until the Prescan (the search for malicious processes) finishes.
- Check that the following are ticked:
Kontrola MBR (MBR check)
Kontrola Faked (Faked check)
Antirootkit

- Then click "Prohledat" (Scan).
- The program scans the PC's processes. After the scan, click "Zpráva" (Report) and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still won't start and work, rename it to winlogon.exe.

Download Junkware Removal Tool

to your desktop.
Deactivate your antivirus program.
Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear and be saved on the desktop.
Please copy its entire contents here.


Re: Requesting a check

Post by pompeus50 » 19 Jul 2013 20:48

AdwCleaner scan after deletion

# AdwCleaner v2.306 - Log vytvooen 19/07/2013 v 20:13:16
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Uživatel : Jitka - JITKA-PC
# Spuštin systém : Normální
# Spuštino z : C:\Users\Jitka\Desktop\adwcleaner.exe
# Volba [Vymazat]


***** [Služby] *****


***** [Soubory / Složky] *****

Soubor Vymazáno : C:\Windows\Tasks\SpeedUpMyPC.job
Vymazáno poi restartu : C:\Program Files (x86)\Conduit
Vymazáno poi restartu : C:\Program Files (x86)\ConduitEngine
Vymazáno poi restartu : C:\Program Files (x86)\RadarSync2
Vymazáno poi restartu : C:\Program Files (x86)\WebSearch
Vymazáno poi restartu : C:\ProgramData\Babylon
Vymazáno poi restartu : C:\ProgramData\BBrowusse22savve
Vymazáno poi restartu : C:\ProgramData\BBrowusse22savve
Vymazáno poi restartu : C:\ProgramData\BetterSoft
Vymazáno poi restartu : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSearch-NNewTabb
Vymazáno poi restartu : C:\ProgramData\Premium
Vymazáno poi restartu : C:\ProgramData\SoftSafe
Vymazáno poi restartu : C:\ProgramData\SSearch-NNewTabb
Vymazáno poi restartu : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpklaojhfpppchcgdnfjdpoabfjacfmc
Vymazáno poi restartu : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljklhdogbckokbbklcdmedgdijcdfkih
Vymazáno poi restartu : C:\Users\Jitka\AppData\LocalLow\BBrowusse22savve
Vymazáno poi restartu : C:\Users\Jitka\AppData\LocalLow\BBrowusse22savve
Vymazáno poi restartu : C:\Users\Jitka\AppData\LocalLow\Conduit
Vymazáno poi restartu : C:\Users\Jitka\AppData\LocalLow\ConduitEngine
Vymazáno poi restartu : C:\Users\Jitka\AppData\LocalLow\RadarSync2
Vymazáno poi restartu : C:\Users\Jitka\AppData\LocalLow\SSearch-NNewTabb
Vymazáno poi restartu : C:\Users\Jitka\AppData\Roaming\Babylon
Vymazáno poi restartu : C:\Users\Jitka\AppData\Roaming\dvdvideosoftiehelpers

***** [Registry] *****

Hodnota Vymazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{6EDC3889-B841-4127-A2BF-C5FC48F972C7}]
Hodnota Vymazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\conduitEngine
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\RadarSync2
Klíe Vymazáno : HKCU\Software\AppDataLow\SProtector
Klíe Vymazáno : HKCU\Software\AppDataLow\Toolbar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OptimizerPro
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RadarSync2 Toolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6D57FC9B-0137-41B5-B670-29D553EAB232}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6EDC3889-B841-4127-A2BF-C5FC48F972C7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8278BA2B-13A5-4412-980D-8ECD3EBC649D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6EDC3889-B841-4127-A2BF-C5FC48F972C7}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B5C4993-CD61-6FF2-9CB0-63BF7EB5DA4B}
Klíe Vymazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\systweak
Klíe Vymazáno : HKCU\Software\YahooPartnerToolbar
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Klíe Vymazáno : HKLM\Software\Babylon
Klíe Vymazáno : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Conduit.Engine
Klíe Vymazáno : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2770693
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Klíe Vymazáno : HKLM\Software\Conduit
Klíe Vymazáno : HKLM\Software\conduitEngine
Klíe Vymazáno : HKLM\Software\ICQ\ICQToolbar
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ADA05141-33DD-4089-BBD5-495C2E6077B9}
Klíe Vymazáno : HKLM\Software\RadarSync2
Klíe Vymazáno : HKLM\Software\SP Global
Klíe Vymazáno : HKLM\Software\SProtector
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D57FC9B-0137-41B5-B670-29D553EAB232}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6EDC3889-B841-4127-A2BF-C5FC48F972C7}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8278BA2B-13A5-4412-980D-8ECD3EBC649D}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ADA05141-33DD-4089-BBD5-495C2E6077B9}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DBEB0C5-DD8B-462C-86A9-6FCBFA738C31}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE4BCF5E-604D-4E15-8D18-FE695DC6C9C9}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Klíe Vymazáno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RadarSync2 Toolbar
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Klíe Vymazáno : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Klíe Vymazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v9.0.8112.16421

Zaminino : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Zaminino : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://websearch.helpmefindyour.info/?p ... g=EN&cc=CZ --> hxxp://www.google.com
Zaminino : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - (Par défaut)] = hxxp://search.qip.ru/search?query=%s&from=IE --> Prázdná data

-\\ Google Chrome v28.0.1500.72

Soubor : C:\Users\Jitka\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Soubor je eistý.

*************************

AdwCleaner[R1].txt - [12405 octets] - [19/07/2013 13:03:34]
AdwCleaner[R2].txt - [11977 octets] - [19/07/2013 20:10:26]
AdwCleaner[S1].txt - [9973 octets] - [19/07/2013 20:13:16]

########## EOF - C:\AdwCleaner[S1].txt - [10033 octets] ##########


Malwarebytes' Anti-Malware scan after deletion

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.19.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Jitka :: JITKA-PC [administrátor]

19.7.2013 20:25:49
mbam-log-2013-07-19 (20-25-49).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 222467
Uplynulý čas: 11 minut, 17 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


Re: I would like to ask for a check

Post by pompeus50 » 19 Jul 2013 21:04

RogueKiller scan

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jitka [Práva správce]
Mód : Kontrola -- Datum : 07/19/2013 20:48:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[BLPATH] OptimizerPro.exe -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V1][ROGUE ST] schedule!3036567561.job : C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe - /schedule /profile "c:\programdata\bettersoft\optimizerpro\3036567561.ini" [-][-][-] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][soubor] n : C:\Users\Jitka\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\n [-] --> NALEZENO
[ZeroAccess][soubor] @ : C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ [-] --> NALEZENO
[ZeroAccess][soubor] @ : C:\Users\Jitka\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\@ [-] --> NALEZENO
[ZeroAccess][desky] U : C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U [-] --> NALEZENO
[ZeroAccess][desky] U : C:\Users\Jitka\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U [-] --> NALEZENO
[ZeroAccess][desky] L : C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L [-] --> NALEZENO
[ZeroAccess][desky] L : C:\Users\Jitka\AppData\Local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\L [-] --> NALEZENO

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Rogue.ProgFiles|ZeroAccess ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320320AS ATA Device +++++
--- User ---
[MBR] f6d85e36c06986069831d72260ff4cbb
[BSP] 3fff684de580b5f164c267c65f30732e : Toshiba MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 294885 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 603926528 | Size: 10356 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST9320320AS ATA Device +++++
--- User ---
[MBR] 3aa9ddfca72963c0ef19b1a361227bb7
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 253 | Size: 1927 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_07192013_204800.txt >>


Junkware Removal Tool scan

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.1.6 (07.17.2013:4)
OS: Windows (TM) Vista Home Premium x64
Ran by Jitka on pá 19.07.2013 at 20:51:52,72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D6275609-6280-4335-AEDA-B09C03158BE1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{D6275609-6280-4335-AEDA-B09C03158BE1}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\bettersoft"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\softsafe"
Successfully deleted: [Folder] "C:\Users\Jitka\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduitengine"
Successfully deleted: [Folder] "C:\Program Files (x86)\websearch"
Successfully deleted: [Empty Folder] C:\Users\Jitka\appdata\local\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on pá 19.07.2013 at 21:01:52,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Re: I would like to ask for a check

Post by memphisto » 19 Jul 2013 22:26

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Spustit jako správce" (Run as administrator); on Windows XP, double-click to run).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)

- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání - Finished"
- Click "Zprávy" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.2.7.1._(date)_log.txt , please paste the entire contents of the log here.


Re: I would like to ask for a check

Post by pompeus50 » 19 Jul 2013 23:11

RogueKiller scan

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jitka [Práva správce]
Mód : Kontrola -- Datum : 07/19/2013 23:07:47
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][desky] U : C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U [-] --> NALEZENO

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ZeroAccess ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320320AS ATA Device +++++
--- User ---
[MBR] f6d85e36c06986069831d72260ff4cbb
[BSP] 3fff684de580b5f164c267c65f30732e : Toshiba MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 294885 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 603926528 | Size: 10356 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST9320320AS ATA Device +++++
--- User ---
[MBR] 3aa9ddfca72963c0ef19b1a361227bb7
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 253 | Size: 1927 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_07192013_230747.txt >>
RKreport[0]_D_07192013_223332.txt;RKreport[0]_D_07192013_223725.txt;RKreport[0]_S_07192013_204800.txt
RKreport[0]_S_07192013_223713.txt


As for the TDSSKiller scan, the log is not in the place where you say it should be.
Under C: there is a folder TDSSKiller_Quarantine/date/zasubsys0000 and then only the folders file0000, zafs0000, object.ini ;)

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status: Offline

Re: I would like to ask for a check

Post by jaro3 » 19 Jul 2013 23:35

Do this once more:
Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB or external drives from the computer before running this program.

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Spustit jako správce" (Run as administrator); on Windows XP, double-click to run).
- Wait until the Prescan finishes its work...
- Wait until the status window shows "Prohledat" (Scan)

- Click "Smazat" (Delete)
- Wait until the Status box shows "Smazání skončeno" (Deletion finished)
- Click "Zprávy" (Report), then copy and paste the contents of that report here, please. The log can be found in RKreport[number].txt on the desktop.
- Close RogueKiller

Download TDSSKiller to your desktop. Make sure all other applications and browsers are closed. Extract the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt , please paste the entire contents of the log here.

And that log should appear immediately after the scan finishes; just copy it with the mouse and post it here.

Turn off the resident protection of your antivirus and antispyware, and the firewall if applicable.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After launch, the terms of use are displayed; confirm them by pressing the Ano (Yes) button
- Then follow the instructions; while ComboFix is running, do not click in the window that is displayed
- When the scan completes, the program should create a log - C:\ComboFix.txt - please copy its entire contents here
If there are problems, run it in safe mode.

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems; in that case restart the computer again. If that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support


Re: I would like to ask for a check

Post by pompeus50 » 23 Jul 2013 15:21

RogueKiller

RogueKiller V8.6.3 _x64_ [Jul 17 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 64 bits version
Spuštěno v : Normální režim
Uživatel : Jitka [Práva správce]
Mód : Odebrat -- Datum : 07/22/2013 23:06:22
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][desky] U : C:\Windows\Installer\{ff24043d-55f8-5ce9-a20a-8337d9b4b888}\U [-] --> VYMAZÁNO

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ZeroAccess ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: ST9320320AS ATA Device +++++
--- User ---
[MBR] e7670bb9b1f8b47f16aff564140d93cb
[BSP] e29dd8b1a789bbb7cbcec76bf3fb2bdb : Toshiba MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 294885 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 603926528 | Size: 10356 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST9320320AS ATA Device +++++
--- User ---
[MBR] 3aa9ddfca72963c0ef19b1a361227bb7
[BSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 253 | Size: 1927 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_07222013_230622.txt >>
RKreport[0]_S_07222013_230500.txt


ComboFix

ComboFix 13-07-22.01 - Jitka 23.07.2013 12:06:22.8.2 - x64
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3068.984 [GMT 2:00]
Spuštěný z: c:\users\Jitka\Desktop\ComboFix.exe
AV: ESET Smart Security 5.0 *Disabled/Outdated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Disabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.0 *Disabled/Outdated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\BBrowusse22savve
c:\programdata\BBrowusse22savve\516b05dd3dfb9.tlb
c:\programdata\BBrowusse22savve\data\BBrowusse22savve.dat
c:\programdata\BBrowusse22savve\settings.ini
c:\programdata\Microsoft\Windows\Start Menu\Programs\SSearch-NNewTabb
c:\programdata\Microsoft\Windows\Start Menu\Programs\SSearch-NNewTabb\SSearch-NNewTabb.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SSearch-NNewTabb\Uninstall.lnk
c:\programdata\SSearch-NNewTabb
c:\programdata\SSearch-NNewTabb\516b0622b8d74.tlb
c:\programdata\SSearch-NNewTabb\data\SSearch-NNewTabb.dat
c:\programdata\SSearch-NNewTabb\settings.ini
c:\programdata\SSearch-NNewTabb\uninstall.exe
c:\users\Jitka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum
c:\windows\RazorDOX
c:\windows\RazorDOX\RazorDOX.dll
c:\windows\RazorDOX\RazorDOX.ini
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\UNWISE.EXE
.
c:\windows\system32\Services.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-23 do 2013-07-23 )))))))))))))))))))))))))))))))
.
.
2013-07-23 11:09 . 2013-07-23 11:09 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-19 20:40 . 2013-07-19 20:40 -------- d-----w- C:\TDSSKiller_Quarantine
2013-07-19 18:51 . 2013-07-19 18:51 -------- d-----w- c:\windows\ERUNT
2013-07-19 18:19 . 2013-07-19 18:19 -------- d-----w- c:\users\Jitka\AppData\Local\ATI
2013-07-19 18:18 . 2013-07-20 15:02 -------- d-----w- c:\users\Jitka\AppData\Local\Adobe
2013-07-19 18:13 . 2013-07-19 18:14 1357 ----a-w- c:\windows\DeleteOnReboot.bat
2013-07-18 20:46 . 2013-07-18 20:46 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-18 20:45 . 2013-07-18 20:45 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-18 17:37 . 2013-07-18 17:44 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-18 17:37 . 2013-07-18 17:44 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-27 16:56 . 2013-06-27 17:46 -------- d-----w- c:\program files (x86)\Metro Last Light
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-19 20:56 . 2011-07-23 14:32 384512 ----a-w- c:\windows\system32\services.exe
2013-07-18 20:45 . 2012-12-01 18:36 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-18 20:45 . 2010-05-05 10:29 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-05-15 09:50 . 2010-06-24 09:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-07-19 . E2D076F2C1239AA6C7412BA6B8B1DE4E . 384512 . . [6.0.6000.16386] .. c:\windows\system32\services.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"PC Suite Tray"="c:\program files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" [2011-06-16 1500160]
"Facebook Update"="c:\users\Jitka\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-11-30 138096]
"Zoner Photo Studio Autoupdate"="c:\program files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-11-16 641704]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2009-09-04 417792]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-15 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"RequireSignedAppInit_DLLs"=0 (0x0)
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe"
.
R3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAu64.sys;c:\windows\SYSNATIVE\drivers\AESTAu64.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Themes
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-06-09 08:14 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-13 12:20 1173456 ----a-w- c:\program files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-18 17:44]
.
2013-07-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3416734063-1635780789-2204153844-1000Core.job
- c:\users\Jitka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-16 15:53]
.
2013-07-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3416734063-1635780789-2204153844-1000UA.job
- c:\users\Jitka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-16 15:53]
.
2013-07-23 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2013-03-07 12:10]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-03-02 19:28]
.
2013-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-03-02 19:28]
.
2012-04-07 c:\windows\Tasks\HPCeeScheduleForJitka.job
- c:\program files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-02-23 10:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2011-09-22 4035152]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-03-17 1128448]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.100.100
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0 ... rol_32.CAB
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-11979258.sys
HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-SP_4e24eecb - c:\program files (x86)\WebSearch\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3416734063-1635780789-2204153844-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BFD9DAB5-E315-D7B6-CF1A-175F784DE2E0}*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-3416734063-1635780789-2204153844-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:00,79,f7,ed,9e,9b,01,f0,ad,44,4a,61,bb,11,ff,80,9f,ae,12,30,11,84,ef,
d0,d6,e6,4b,bc,9f,d4,d0,30,aa,fa,80,c4,b0,14,d4,1c,ff,87,5c,c0,40,e6,c1,88,\
"??"=hex:69,3e,43,58,9f,64,ba,75,fe,6b,77,07,2a,78,dd,74
.
[HKEY_USERS\S-1-5-21-3416734063-1635780789-2204153844-1000\Software\SecuROM\License information*]
"datasecu"=hex:08,11,84,d8,1e,31,0b,6b,fd,9a,92,d1,28,5d,df,b5,8d,63,4d,58,a0,
ac,08,84,e8,f4,62,f3,df,39,16,d0,ab,8e,34,be,d5,cf,df,fa,72,d6,59,48,e5,1e,\
"rkeysecu"=hex:e3,09,90,45,be,37,09,12,f0,16,4f,d2,31,0c,84,36
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0012\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\ESET\ESET Smart Security\x86\ekrn.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\SMINST\BLService.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
c:\program files (x86)\PC Connectivity Solution\ServiceLayer.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
.
**************************************************************************
.
Celkový čas: 2013-07-23 13:26:36 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-07-23 11:26
.
Před spuštěním: Volných bajtů: 30 977 445 888
Po spuštění: Volných bajtů: 30 732 623 872
.
- - End Of File - - 6733AC30B46F06BD5FE78657D1A881BB
588AE8F0C685C02BA11F30D9CD7E61A0


Re: I would like to ask for a check

Post by pompeus50 » 23 Jul 2013 15:22

23:18:55.0090 4696 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:18:55.0543 4696 ============================================================
23:18:55.0543 4696 Current date / time: 2013/07/22 23:18:55.0543
23:18:55.0543 4696 SystemInfo:
23:18:55.0543 4696
23:18:55.0543 4696 OS Version: 6.0.6002 ServicePack: 2.0
23:18:55.0543 4696 Product type: Workstation
23:18:55.0543 4696 ComputerName: JITKA-PC
23:18:55.0543 4696 UserName: Jitka
23:18:55.0543 4696 Windows directory: C:\Windows
23:18:55.0543 4696 System windows directory: C:\Windows
23:18:55.0543 4696 Running under WOW64
23:18:55.0543 4696 Processor architecture: Intel x64
23:18:55.0543 4696 Number of processors: 2
23:18:55.0543 4696 Page size: 0x1000
23:18:55.0543 4696 Boot type: Normal boot
23:18:55.0543 4696 ============================================================
23:18:58.0647 4696 Drive \Device\Harddisk1\DR1 - Size: 0x78800000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
23:18:58.0663 4696 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:18:58.0678 4696 Drive \Device\Harddisk1\DR1 - Size: 0x78800000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:18:58.0678 4696 ============================================================
23:18:58.0678 4696 \Device\Harddisk1\DR1:
23:18:58.0678 4696 MBR partitions:
23:18:58.0678 4696 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xFD, BlocksNum 0x3C3F03
23:18:58.0678 4696 \Device\Harddisk0\DR0:
23:18:58.0678 4696 MBR partitions:
23:18:58.0678 4696 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23FF2800
23:18:58.0678 4696 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23FF3000, BlocksNum 0x143A000
23:18:58.0678 4696 \Device\Harddisk1\DR1:
23:18:58.0678 4696 MBR partitions:
23:18:58.0678 4696 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xFD, BlocksNum 0x3C3F03
23:18:58.0678 4696 ============================================================
23:18:58.0834 4696 C: <-> \Device\Harddisk0\DR0\Partition1
23:18:58.0897 4696 D: <-> \Device\Harddisk0\DR0\Partition2
23:18:58.0897 4696 ============================================================
23:18:58.0897 4696 Initialize success
23:18:58.0897 4696 ============================================================
23:19:00.0940 4344 ============================================================
23:19:00.0940 4344 Scan started
23:19:00.0940 4344 Mode: Manual;
23:19:00.0940 4344 ============================================================
23:19:03.0140 4344 ================ Scan system memory ========================
23:19:03.0140 4344 System memory - ok
23:19:03.0140 4344 ================ Scan services =============================
23:19:03.0499 4344 [ 5C368F4B04ED2A923E6AFCA2D37BAFF5 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
23:19:03.0499 4344 Accelerometer - ok
23:19:03.0623 4344 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
23:19:03.0623 4344 acedrv11 - ok
23:19:03.0764 4344 [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:19:03.0764 4344 ACPI - ok
23:19:03.0857 4344 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
23:19:03.0857 4344 adfs - ok
23:19:04.0247 4344 [ 4AE327C9C375D985FF2A2AAB92765218 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:19:04.0247 4344 Adobe LM Service - ok
23:19:04.0513 4344 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:19:04.0513 4344 AdobeARMservice - ok
23:19:04.0778 4344 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:19:04.0778 4344 AdobeFlashPlayerUpdateSvc - ok
23:19:04.0934 4344 [ F14215E37CF124104575073F782111D2 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:19:04.0965 4344 adp94xx - ok
23:19:04.0996 4344 [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:19:04.0996 4344 adpahci - ok
23:19:05.0027 4344 [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:19:05.0027 4344 adpu160m - ok
23:19:05.0059 4344 [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:19:05.0059 4344 adpu320 - ok
23:19:05.0152 4344 [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:19:05.0152 4344 AeLookupSvc - ok
23:19:05.0277 4344 [ F8E805622F8A26B254155819A1F72E4B ] AESTAud C:\Windows\system32\drivers\AESTAu64.sys
23:19:05.0293 4344 AESTAud - ok
23:19:05.0605 4344 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
23:19:05.0605 4344 AESTFilters - ok
23:19:05.0761 4344 [ C4F6CE6087760AD70960C9EB130E7943 ] AFD C:\Windows\system32\drivers\afd.sys
23:19:05.0776 4344 AFD - ok
23:19:05.0807 4344 [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:19:05.0807 4344 agp440 - ok
23:19:05.0854 4344 [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:19:05.0854 4344 aic78xx - ok
23:19:05.0870 4344 [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG C:\Windows\System32\alg.exe
23:19:05.0870 4344 ALG - ok
23:19:05.0885 4344 [ E0CA5BB8E6C79533DC6B1DA7361A201E ] aliide C:\Windows\system32\drivers\aliide.sys
23:19:05.0885 4344 aliide - ok
23:19:05.0901 4344 ALSysIO - ok
23:19:06.0104 4344 [ D45D3540C5AE2A48C6112DF03F06F374 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:19:06.0104 4344 AMD External Events Utility - ok
23:19:06.0307 4344 [ 7034F8D1B9703D711D3F92C95DEB377D ] amdide C:\Windows\system32\drivers\amdide.sys
23:19:06.0307 4344 amdide - ok
23:19:06.0416 4344 [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:19:06.0494 4344 AmdK8 - ok
23:19:08.0147 4344 [ 5B871F3E4A4A6C4693A413E3138B51D0 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:19:08.0647 4344 amdkmdag - ok
23:19:08.0771 4344 [ 9BE1140CE8D2C5E878F136A7B85D41B3 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:19:08.0787 4344 amdkmdap - ok
23:19:08.0881 4344 [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo C:\Windows\System32\appinfo.dll
23:19:08.0881 4344 Appinfo - ok
23:19:09.0099 4344 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:19:09.0115 4344 Apple Mobile Device - ok
23:19:09.0146 4344 [ BA8417D4765F3988FF921F30F630E303 ] arc C:\Windows\system32\drivers\arc.sys
23:19:09.0161 4344 arc - ok
23:19:09.0177 4344 [ 9D41C435619733B34CC16A511E644B11 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:19:09.0177 4344 arcsas - ok
23:19:09.0193 4344 [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:19:09.0193 4344 AsyncMac - ok
23:19:09.0224 4344 [ E68D9B3A3905619732F7FE039466A623 ] atapi C:\Windows\system32\drivers\atapi.sys
23:19:09.0224 4344 atapi - ok
23:19:10.0534 4344 [ 5B871F3E4A4A6C4693A413E3138B51D0 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:19:10.0628 4344 atikmdag - ok
23:19:10.0815 4344 [ 54494B93BB5AD74C807100144EC30D64 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
23:19:10.0815 4344 atksgt - ok
23:19:11.0143 4344 [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:19:11.0143 4344 AudioEndpointBuilder - ok
23:19:11.0345 4344 [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:19:11.0361 4344 AudioSrv - ok
23:19:11.0548 4344 [ DFEC23C325AD5E4E66365F8C44FAD7BA ] AVerAF15 C:\Windows\system32\Drivers\AVerAF15.sys
23:19:11.0579 4344 AVerAF15 - ok
23:19:11.0673 4344 [ F509C4FD2EBA6AF4FD8794AEB6F3EFB7 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
23:19:11.0689 4344 BCM43XX - ok
23:19:11.0689 4344 Beep - ok
23:19:12.0047 4344 [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE C:\Windows\System32\bfe.dll
23:19:12.0157 4344 BFE - ok
23:19:12.0344 4344 [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:19:12.0344 4344 blbdrive - ok
23:19:12.0562 4344 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:19:12.0562 4344 Bonjour Service - ok
23:19:12.0703 4344 [ 2348447A80920B2493A9B582A23E81E1 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:19:12.0749 4344 bowser - ok
23:19:12.0781 4344 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:19:12.0781 4344 BrFiltLo - ok
23:19:12.0796 4344 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:19:12.0812 4344 BrFiltUp - ok
23:19:12.0843 4344 [ A1B39DE453433B115B4EA69EE0343816 ] Browser C:\Windows\System32\browser.dll
23:19:12.0843 4344 Browser - ok
23:19:12.0859 4344 [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid C:\Windows\system32\drivers\brserid.sys
23:19:12.0874 4344 Brserid - ok
23:19:12.0890 4344 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:19:12.0890 4344 BrSerWdm - ok
23:19:13.0046 4344 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:19:13.0093 4344 BrUsbMdm - ok
23:19:13.0202 4344 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:19:13.0264 4344 BrUsbSer - ok
23:19:13.0342 4344 [ 09F926A0D9C0BAFD8417A4307D2ED13C ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
23:19:13.0358 4344 BthEnum - ok
23:19:13.0389 4344 [ 72F70A38BB15252EB7C4DA7BA3BD4ED1 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:19:13.0389 4344 BTHMODEM - ok
23:19:13.0420 4344 [ BEFC5311736B475AC5B60C14FF7C775A ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:19:13.0436 4344 BthPan - ok
23:19:13.0685 4344 [ E1466882252FF51EDDE48C3F7EDA2591 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
23:19:13.0717 4344 BTHPORT - ok
23:19:14.0013 4344 [ 22E65FFD640F16968F855F5B3528D366 ] BthServ C:\Windows\System32\bthserv.dll
23:19:14.0013 4344 BthServ - ok
23:19:14.0387 4344 [ 970192CDED77A128E7E30722E5EE6B9C ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
23:19:14.0387 4344 BTHUSB - ok
23:19:14.0434 4344 [ 0C5D9C8B412BE72C4535EC67A24C01DB ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:19:14.0434 4344 btwaudio - ok
23:19:14.0450 4344 [ DF18E4291C43BED05B1D0C2D5C0E96D6 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:19:14.0450 4344 btwavdt - ok
23:19:14.0481 4344 [ 637A44C54520A9958E2E5E3EE9E26C4A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:19:14.0481 4344 btwrchid - ok
23:19:14.0528 4344 catchme - ok
23:19:14.0575 4344 [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:19:14.0590 4344 cdfs - ok
23:19:14.0606 4344 [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:19:14.0606 4344 cdrom - ok
23:19:14.0699 4344 [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc C:\Windows\System32\certprop.dll
23:19:14.0699 4344 CertPropSvc - ok
23:19:14.0746 4344 [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:19:14.0746 4344 circlass - ok
23:19:14.0902 4344 [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS C:\Windows\system32\CLFS.sys
23:19:14.0980 4344 CLFS - ok
23:19:15.0167 4344 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:19:15.0183 4344 clr_optimization_v2.0.50727_32 - ok
23:19:15.0401 4344 [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:19:15.0401 4344 clr_optimization_v2.0.50727_64 - ok
23:19:15.0698 4344 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:19:15.0807 4344 clr_optimization_v4.0.30319_32 - ok
23:19:15.0916 4344 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:19:16.0010 4344 clr_optimization_v4.0.30319_64 - ok
23:19:16.0135 4344 [ B52D9A14CE4101577900A364BA86F3DF ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:19:16.0150 4344 CmBatt - ok
23:19:16.0166 4344 [ 8C6AA24C1D7273A02284588426AB8CE3 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:19:16.0166 4344 cmdide - ok
23:19:16.0244 4344 [ 12E94E225BD7B05A2BCCD5C0B841E921 ] Com4QLBEx C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
23:19:16.0306 4344 Com4QLBEx - ok
23:19:16.0337 4344 [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:19:16.0337 4344 Compbatt - ok
23:19:16.0369 4344 COMSysApp - ok
23:19:16.0384 4344 [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:19:16.0384 4344 crcdisk - ok
23:19:16.0462 4344 [ 18918613E63F387CDE4D95CA7D49DCF7 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:19:16.0462 4344 CryptSvc - ok
23:19:16.0681 4344 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch C:\Windows\system32\rpcss.dll
23:19:16.0681 4344 DcomLaunch - ok
23:19:16.0727 4344 [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:19:16.0727 4344 DfsC - ok
23:19:16.0993 4344 [ C647F468F7DE343DF8C143655C5557D4 ] DFSR C:\Windows\system32\DFSR.exe
23:19:17.0024 4344 DFSR - ok
23:19:17.0180 4344 [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:19:17.0180 4344 Dhcp - ok
23:19:17.0211 4344 [ B0107E40ECDB5FA692EBF832F295D905 ] disk C:\Windows\system32\drivers\disk.sys
23:19:17.0211 4344 disk - ok
23:19:17.0320 4344 [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:19:17.0320 4344 Dnscache - ok
23:19:17.0383 4344 [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc C:\Windows\System32\dot3svc.dll
23:19:17.0414 4344 dot3svc - ok
23:19:17.0476 4344 [ 087236F57B946424C263FA7B5BC28499 ] DpHost C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
23:19:17.0476 4344 DpHost - ok
23:19:17.0507 4344 [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS C:\Windows\system32\dps.dll
23:19:17.0507 4344 DPS - ok
23:19:17.0539 4344 [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:19:17.0539 4344 drmkaud - ok
23:19:17.0710 4344 [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:19:17.0710 4344 DXGKrnl - ok
23:19:17.0788 4344 [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
23:19:17.0788 4344 E1G60 - ok
23:19:17.0882 4344 [ 13533557D01B88C83110D5CF749F14D7 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
23:19:17.0882 4344 eamonm - ok
23:19:17.0975 4344 [ C2303883FD9BE49DC36A6400643002EA ] EapHost C:\Windows\System32\eapsvc.dll
23:19:17.0991 4344 EapHost - ok
23:19:18.0131 4344 [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache C:\Windows\system32\drivers\ecache.sys
23:19:18.0131 4344 Ecache - ok
23:19:18.0241 4344 [ E097728129E7B79BF1089D7AEF42332B ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
23:19:18.0241 4344 ehdrv - ok
23:19:18.0365 4344 [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:19:18.0381 4344 ehRecvr - ok
23:19:18.0397 4344 [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched C:\Windows\ehome\ehsched.exe
23:19:18.0397 4344 ehSched - ok
23:19:18.0475 4344 [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart C:\Windows\ehome\ehstart.dll
23:19:18.0475 4344 ehstart - ok
23:19:18.0631 4344 [ C7BB95CF9631AA401E4ADED1648F6AF7 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
23:19:18.0631 4344 ekrn - ok
23:19:18.0818 4344 [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:19:18.0849 4344 elxstor - ok
23:19:18.0974 4344 [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:19:19.0005 4344 EMDMgmt - ok
23:19:19.0036 4344 [ F218A3A27ED6592C0E22EC3595554447 ] enecir C:\Windows\system32\DRIVERS\enecir.sys
23:19:19.0052 4344 enecir - ok
23:19:19.0177 4344 [ 198C6FBC30BBD9632EA051203DCCF204 ] epfw C:\Windows\system32\DRIVERS\epfw.sys
23:19:19.0177 4344 epfw - ok
23:19:19.0208 4344 [ 56DE463F517710A8AA44EEF82C35B3C9 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
23:19:19.0208 4344 EpfwLWF - ok
23:19:19.0239 4344 [ 710B0442BB2F99278D7B8E02A8849C11 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
23:19:19.0239 4344 epfwwfp - ok
23:19:19.0270 4344 [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:19:19.0286 4344 ErrDev - ok
23:19:19.0426 4344 [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem C:\Windows\system32\es.dll
23:19:19.0551 4344 EventSystem - ok
23:19:19.0785 4344 [ 486844F47B6636044A42454614ED4523 ] exfat C:\Windows\system32\drivers\exfat.sys
23:19:19.0785 4344 exfat - ok
23:19:19.0785 4344 ezSharedSvc - ok
23:19:19.0847 4344 [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:19:19.0847 4344 fastfat - ok
23:19:19.0863 4344 [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:19:19.0863 4344 fdc - ok
23:19:19.0879 4344 [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost C:\Windows\system32\fdPHost.dll
23:19:19.0925 4344 fdPHost - ok
23:19:19.0972 4344 [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub C:\Windows\system32\fdrespub.dll
23:19:19.0972 4344 FDResPub - ok
23:19:19.0988 4344 [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:19:19.0988 4344 FileInfo - ok
23:19:20.0003 4344 [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:19:20.0003 4344 Filetrace - ok
23:19:20.0159 4344 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:19:20.0269 4344 FLEXnet Licensing Service - ok
23:19:20.0331 4344 [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:19:20.0331 4344 flpydisk - ok
23:19:20.0471 4344 [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:19:20.0471 4344 FltMgr - ok
23:19:20.0659 4344 [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache C:\Windows\system32\FntCache.dll
23:19:20.0768 4344 FontCache - ok
23:19:20.0893 4344 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:19:20.0893 4344 FontCache3.0.0.0 - ok
23:19:20.0986 4344 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:19:20.0986 4344 fssfltr - ok
23:19:21.0517 4344 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:19:21.0626 4344 fsssvc - ok
23:19:21.0719 4344 [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:19:21.0719 4344 Fs_Rec - ok
23:19:21.0751 4344 [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:19:21.0766 4344 gagp30kx - ok
23:19:21.0860 4344 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:19:21.0860 4344 GEARAspiWDM - ok
23:19:21.0969 4344 [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc C:\Windows\System32\gpsvc.dll
23:19:22.0000 4344 gpsvc - ok
23:19:22.0250 4344 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:19:22.0265 4344 gupdate - ok
23:19:22.0265 4344 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:19:22.0265 4344 gupdatem - ok
23:19:22.0437 4344 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
23:19:22.0499 4344 hamachi - ok
23:19:22.0593 4344 [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:19:22.0609 4344 HdAudAddService - ok
23:19:22.0905 4344 [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:19:22.0921 4344 HDAudBus - ok
23:19:23.0030 4344 [ B4881C84A180E75B8C25DC1D726C375F ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:19:23.0077 4344 HidBth - ok
23:19:23.0108 4344 [ 5F47839455D01FF6403B008D481A6F5B ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:19:23.0108 4344 HidIr - ok
23:19:23.0217 4344 [ 59361D38A297755D46A540E450202B2A ] hidserv C:\Windows\System32\hidserv.dll
23:19:23.0233 4344 hidserv - ok
23:19:23.0342 4344 [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:19:23.0357 4344 HidUsb - ok
23:19:23.0435 4344 [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc C:\Windows\system32\kmsvc.dll
23:19:23.0435 4344 hkmsvc - ok
23:19:23.0513 4344 [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
23:19:23.0513 4344 HP Health Check Service - ok
23:19:23.0576 4344 [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:19:23.0576 4344 HpCISSs - ok
23:19:23.0607 4344 [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
23:19:23.0607 4344 hpdskflt - ok
23:19:23.0638 4344 [ 0ECC54FD34D6A089C300846B011E81D6 ] HpqKbFiltr C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
23:19:23.0638 4344 HpqKbFiltr - ok
23:19:23.0669 4344 [ 188FF0ADF66768D53AD94F43972E1E9A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
23:19:23.0685 4344 hpqwmiex - ok
23:19:23.0794 4344 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv C:\Windows\system32\Hpservice.exe
23:19:23.0810 4344 hpsrv - ok
23:19:23.0857 4344 [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:19:23.0857 4344 HTTP - ok
23:19:23.0966 4344 [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:19:23.0981 4344 i2omp - ok
23:19:24.0028 4344 [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:19:24.0028 4344 i8042prt - ok
23:19:24.0059 4344 [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:19:24.0059 4344 iaStorV - ok
23:19:24.0137 4344 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:19:24.0153 4344 IDriverT - ok
23:19:24.0481 4344 [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:19:24.0512 4344 idsvc - ok
23:19:24.0559 4344 [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:19:24.0559 4344 iirsp - ok
23:19:24.0886 4344 [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT C:\Windows\System32\ikeext.dll
23:19:24.0933 4344 IKEEXT - ok
23:19:24.0949 4344 [ 475490CAF376E55E6E8B37BBDFEB2E81 ] intelide C:\Windows\system32\drivers\intelide.sys
23:19:24.0949 4344 intelide - ok
23:19:24.0980 4344 [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:19:24.0980 4344 intelppm - ok
23:19:25.0011 4344 [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:19:25.0058 4344 IPBusEnum - ok
23:19:25.0167 4344 [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:19:25.0167 4344 IpFilterDriver - ok
23:19:25.0323 4344 [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:19:25.0323 4344 iphlpsvc - ok
23:19:25.0339 4344 IpInIp - ok
23:19:25.0479 4344 [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:19:25.0541 4344 IPMIDRV - ok
23:19:25.0557 4344 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:19:25.0557 4344 IPNAT - ok
23:19:25.0822 4344 [ 2872B90D57C8310194A78A9787406467 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:19:25.0947 4344 iPod Service - ok
23:19:25.0994 4344 [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:19:26.0009 4344 IRENUM - ok
23:19:26.0041 4344 [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:19:26.0041 4344 isapnp - ok
23:19:26.0072 4344 [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:19:26.0072 4344 iScsiPrt - ok
23:19:26.0103 4344 [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:19:26.0119 4344 iteatapi - ok
23:19:26.0181 4344 [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:19:26.0181 4344 iteraid - ok
23:19:26.0243 4344 [ 54DF9EAFB54A98E1A2AC3DB69C16CF05 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
23:19:26.0243 4344 JMCR - ok
23:19:26.0275 4344 [ 423696F3BA6472DD17699209B933BC26 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:19:26.0275 4344 kbdclass - ok
23:19:26.0306 4344 [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:19:26.0306 4344 kbdhid - ok
23:19:26.0399 4344 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso C:\Windows\system32\lsass.exe
23:19:26.0415 4344 KeyIso - ok
23:19:26.0477 4344 [ 2758D174604F597BBC8A217FF667913D ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:19:26.0477 4344 KSecDD - ok
23:19:26.0509 4344 [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:19:26.0509 4344 ksthunk - ok
23:19:26.0633 4344 [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm C:\Windows\system32\msdtckrm.dll
23:19:26.0711 4344 KtmRm - ok
23:19:26.0836 4344 [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer C:\Windows\System32\srvsvc.dll
23:19:26.0836 4344 LanmanServer - ok
23:19:26.0867 4344 [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:19:26.0883 4344 LanmanWorkstation - ok
23:19:26.0914 4344 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:19:26.0914 4344 LightScribeService - ok
23:19:26.0977 4344 [ 8E4CA9AFD55EF6B509C80A8715ABF8C6 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
23:19:26.0977 4344 lirsgt - ok
23:19:27.0117 4344 [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:19:27.0117 4344 lltdio - ok
23:19:27.0179 4344 [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:19:27.0179 4344 lltdsvc - ok
23:19:27.0226 4344 [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:19:27.0226 4344 lmhosts - ok
23:19:27.0257 4344 [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:19:27.0257 4344 LSI_FC - ok
23:19:27.0273 4344 [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:19:27.0273 4344 LSI_SAS - ok
23:19:27.0304 4344 [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:19:27.0304 4344 LSI_SCSI - ok
23:19:27.0335 4344 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv C:\Windows\system32\drivers\luafv.sys
23:19:27.0335 4344 luafv - ok
23:19:27.0351 4344 [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:19:27.0351 4344 Mcx2Svc - ok
23:19:27.0367 4344 [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas C:\Windows\system32\drivers\megasas.sys
23:19:27.0382 4344 megasas - ok
23:19:27.0398 4344 [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR C:\Windows\system32\drivers\megasr.sys
23:19:27.0413 4344 MegaSR - ok
23:19:27.0741 4344 Microsoft SharePoint Workspace Audit Service - ok
23:19:27.0803 4344 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS C:\Windows\system32\mmcss.dll
23:19:27.0819 4344 MMCSS - ok
23:19:27.0835 4344 [ 59848D5CC74606F0EE7557983BB73C2E ] Modem C:\Windows\system32\drivers\modem.sys
23:19:27.0835 4344 Modem - ok
23:19:27.0928 4344 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:19:27.0928 4344 monitor - ok
23:19:27.0959 4344 [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:19:27.0959 4344 mouclass - ok
23:19:28.0006 4344 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:19:28.0006 4344 mouhid - ok
23:19:28.0022 4344 [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:19:28.0022 4344 MountMgr - ok
23:19:28.0084 4344 [ F8276EB8698142884498A528DFEA8478 ] mpio C:\Windows\system32\drivers\mpio.sys
23:19:28.0100 4344 mpio - ok
23:19:28.0131 4344 [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:19:28.0131 4344 mpsdrv - ok
23:19:28.0147 4344 [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:19:28.0147 4344 Mraid35x - ok
23:19:28.0240 4344 [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:19:28.0240 4344 MRxDAV - ok
23:19:28.0334 4344 [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:19:28.0349 4344 mrxsmb - ok
23:19:28.0459 4344 [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:19:28.0505 4344 mrxsmb10 - ok
23:19:28.0552 4344 [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:19:28.0552 4344 mrxsmb20 - ok
23:19:28.0568 4344 [ AA459F2AB3AB603C357FF117CAE3D818 ] msahci C:\Windows\system32\drivers\msahci.sys
23:19:28.0568 4344 msahci - ok
23:19:28.0739 4344 [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:19:28.0739 4344 msdsm - ok
23:19:28.0786 4344 [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC C:\Windows\System32\msdtc.exe
23:19:28.0802 4344 MSDTC - ok
23:19:28.0802 4344 [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:19:28.0802 4344 Msfs - ok
23:19:28.0817 4344 [ 00EBC952961664780D43DCA157E79B27 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:19:28.0817 4344 msisadrv - ok
23:19:28.0849 4344 [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:19:28.0864 4344 MSiSCSI - ok
23:19:28.0864 4344 msiserver - ok
23:19:28.0880 4344 [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:19:28.0880 4344 MSKSSRV - ok
23:19:28.0895 4344 [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:19:28.0895 4344 MSPCLOCK - ok
23:19:28.0911 4344 [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:19:28.0911 4344 MSPQM - ok
23:19:29.0036 4344 [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:19:29.0145 4344 MsRPC - ok
23:19:29.0176 4344 [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:19:29.0176 4344 mssmbios - ok
23:19:29.0192 4344 [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:19:29.0192 4344 MSTEE - ok
23:19:29.0332 4344 [ 0CC49F78D8ACA0877D885F149084E543 ] Mup C:\Windows\system32\Drivers\mup.sys
23:19:29.0332 4344 Mup - ok
23:19:29.0535 4344 [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent C:\Windows\system32\qagentRT.dll
23:19:29.0613 4344 napagent - ok
23:19:29.0707 4344 [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:19:29.0707 4344 NativeWifiP - ok
23:19:29.0785 4344 [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:19:29.0800 4344 NDIS - ok
23:19:29.0909 4344 [ 64DF698A425478E321981431AC171334 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:19:29.0909 4344 NdisTapi - ok
23:19:29.0925 4344 [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:19:29.0956 4344 Ndisuio - ok
23:19:30.0019 4344 [ F8158771905260982CE724076419EF19 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:19:30.0081 4344 NdisWan - ok
23:19:30.0159 4344 [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:19:30.0268 4344 NDProxy - ok
23:19:30.0299 4344 [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:19:30.0299 4344 NetBIOS - ok
23:19:30.0331 4344 [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:19:30.0331 4344 netbt - ok
23:19:30.0362 4344 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon C:\Windows\system32\lsass.exe
23:19:30.0362 4344 Netlogon - ok
23:19:30.0455 4344 [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman C:\Windows\System32\netman.dll
23:19:30.0471 4344 Netman - ok
23:19:30.0596 4344 [ 7846D0136CC2B264926A73047BA7688A ] netprofm C:\Windows\System32\netprofm.dll
23:19:30.0674 4344 netprofm - ok
23:19:30.0861 4344 [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:19:30.0861 4344 NetTcpPortSharing - ok
23:19:31.0064 4344 [ C86984AEE87900C1EEB6942EDE3BF4B6 ] NETw3v64 C:\Windows\system32\DRIVERS\NETw3v64.sys
23:19:31.0095 4344 NETw3v64 - ok
23:19:31.0126 4344 [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:19:31.0126 4344 nfrd960 - ok
23:19:31.0157 4344 [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc C:\Windows\System32\nlasvc.dll
23:19:31.0173 4344 NlaSvc - ok
23:19:31.0267 4344 [ 88F2F2CB9FAEE2E14BCCF384F4C88061 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
23:19:31.0267 4344 nmwcd - ok
23:19:31.0282 4344 [ 31C1FAC4AE14FB2F8771C59BA3F90BAD ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
23:19:31.0282 4344 nmwcdc - ok
23:19:31.0376 4344 [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:19:31.0376 4344 Npfs - ok
23:19:31.0407 4344 [ ACB62BAA1C319B17752553DF3026EEEB ] nsi C:\Windows\system32\nsisvc.dll
23:19:31.0407 4344 nsi - ok
23:19:31.0423 4344 [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:19:31.0438 4344 nsiproxy - ok
23:19:31.0688 4344 [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:19:31.0735 4344 Ntfs - ok
23:19:31.0750 4344 [ DD5D684975352B85B52E3FD5347C20CB ] Null C:\Windows\system32\drivers\Null.sys
23:19:31.0750 4344 Null - ok

Re: Requesting a check

Post by pompeus50 » 23 Jul 2013 15:25

23:19:31.0781 4344 [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:19:31.0781 4344 nvraid - ok
23:19:31.0797 4344 [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:19:31.0797 4344 nvstor - ok
23:19:31.0828 4344 [ 19067CA93075EF4823E3938A686F532F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:19:31.0828 4344 nv_agp - ok
23:19:31.0828 4344 NwlnkFlt - ok
23:19:31.0844 4344 NwlnkFwd - ok
23:19:31.0891 4344 [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:19:31.0891 4344 ohci1394 - ok
23:19:32.0109 4344 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:19:32.0109 4344 ose64 - ok
23:19:33.0419 4344 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:19:34.0231 4344 osppsvc - ok
23:19:34.0605 4344 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:19:34.0808 4344 p2pimsvc - ok
23:19:34.0948 4344 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc C:\Windows\system32\p2psvc.dll
23:19:34.0964 4344 p2psvc - ok
23:19:34.0964 4344 [ AECD57F94C887F58919F307C35498EA0 ] Parport C:\Windows\system32\drivers\parport.sys
23:19:34.0995 4344 Parport - ok
23:19:35.0135 4344 [ B43751085E2ABE389DA466BC62A4B987 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:19:35.0135 4344 partmgr - ok
23:19:35.0167 4344 [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc C:\Windows\System32\pcasvc.dll
23:19:35.0167 4344 PcaSvc - ok
23:19:35.0307 4344 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
23:19:35.0323 4344 pccsmcfd - ok
23:19:35.0338 4344 [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci C:\Windows\system32\drivers\pci.sys
23:19:35.0354 4344 pci - ok
23:19:35.0369 4344 [ 15E5C3F89A3452EFBDA3B39816DBC4EE ] pciide C:\Windows\system32\drivers\pciide.sys
23:19:35.0369 4344 pciide - ok
23:19:35.0385 4344 [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:19:35.0401 4344 pcmcia - ok
23:19:35.0479 4344 [ AF7CE12C4F3DC8CB2B07685C916BBCFE ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
23:19:35.0494 4344 pcouffin - ok
23:19:35.0572 4344 [ 58865916F53592A61549B04941BFD80D ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:19:35.0572 4344 PEAUTH - ok
23:19:36.0711 4344 [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:19:36.0711 4344 PerfHost - ok
23:19:36.0789 4344 [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla C:\Windows\system32\pla.dll
23:19:36.0851 4344 pla - ok
23:19:36.0976 4344 [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:19:36.0992 4344 PlugPlay - ok
23:19:37.0163 4344 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:19:37.0179 4344 PNRPAutoReg - ok
23:19:37.0460 4344 [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:19:37.0475 4344 PNRPsvc - ok
23:19:37.0600 4344 [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:19:37.0631 4344 PolicyAgent - ok
23:19:37.0741 4344 [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:19:37.0741 4344 PptpMiniport - ok
23:19:37.0772 4344 [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor C:\Windows\system32\drivers\processr.sys
23:19:37.0772 4344 Processor - ok
23:19:37.0865 4344 [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc C:\Windows\system32\profsvc.dll
23:19:37.0881 4344 ProfSvc - ok
23:19:37.0928 4344 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
23:19:37.0928 4344 ProtectedStorage - ok
23:19:38.0021 4344 [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:19:38.0021 4344 PSched - ok
23:19:38.0162 4344 [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:19:38.0177 4344 ql2300 - ok
23:19:38.0209 4344 [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:19:38.0209 4344 ql40xx - ok
23:19:38.0271 4344 [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE C:\Windows\system32\qwave.dll
23:19:38.0287 4344 QWAVE - ok
23:19:38.0302 4344 [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:19:38.0318 4344 QWAVEdrv - ok
23:19:38.0349 4344 [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:19:38.0349 4344 RasAcd - ok
23:19:38.0380 4344 [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto C:\Windows\System32\rasauto.dll
23:19:38.0380 4344 RasAuto - ok
23:19:38.0505 4344 [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:19:38.0505 4344 Rasl2tp - ok
23:19:38.0583 4344 [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan C:\Windows\System32\rasmans.dll
23:19:38.0599 4344 RasMan - ok
23:19:38.0630 4344 [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:19:38.0630 4344 RasPppoe - ok
23:19:38.0661 4344 [ C6A593B51F34C33E5474539544072527 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:19:38.0661 4344 RasSstp - ok
23:19:38.0692 4344 [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:19:38.0708 4344 rdbss - ok
23:19:38.0739 4344 [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:19:38.0739 4344 RDPCDD - ok
23:19:38.0879 4344 [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:19:38.0911 4344 rdpdr - ok
23:19:38.0942 4344 [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:19:38.0942 4344 RDPENCDD - ok
23:19:39.0082 4344 [ 5C141FC457F1AC833664789235ACA673 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:19:39.0129 4344 RDPWD - ok
23:19:39.0301 4344 [ BC0A4D47472B042537F4E57B950415FA ] Recovery Service for Windows C:\Program Files (x86)\SMINST\BLService.exe
23:19:39.0347 4344 Recovery Service for Windows - ok
23:19:39.0488 4344 [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:19:39.0488 4344 RemoteAccess - ok
23:19:39.0597 4344 [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:19:39.0597 4344 RemoteRegistry - ok
23:19:39.0628 4344 [ CD71E053D7260E4102D99A28F9196070 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:19:39.0628 4344 RFCOMM - ok
23:19:39.0691 4344 [ 805AE1F90C64758D19AAA001CF8CBA12 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
23:19:39.0706 4344 RichVideo - ok
23:19:39.0737 4344 [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator C:\Windows\system32\locator.exe
23:19:39.0737 4344 RpcLocator - ok
23:19:39.0893 4344 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs C:\Windows\system32\rpcss.dll
23:19:39.0909 4344 RpcSs - ok
23:19:39.0940 4344 [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:19:39.0940 4344 rspndr - ok
23:19:40.0081 4344 [ 8B91737DA75ADD21CB1554B38089196A ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh64.sys
23:19:40.0081 4344 RTL8169 - ok
23:19:40.0159 4344 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs C:\Windows\system32\lsass.exe
23:19:40.0159 4344 SamSs - ok
23:19:40.0252 4344 [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:19:40.0252 4344 sbp2port - ok
23:19:40.0283 4344 [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:19:40.0283 4344 SCardSvr - ok
23:19:40.0471 4344 [ 0F838C811AD295D2A4489B9993096C63 ] Schedule C:\Windows\system32\schedsvc.dll
23:19:40.0502 4344 Schedule - ok
23:19:40.0517 4344 scmsupp - ok
23:19:40.0627 4344 [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:19:40.0627 4344 SCPolicySvc - ok
23:19:40.0642 4344 [ B42EE50F7D24F837F925332EB349ECA5 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:19:40.0658 4344 sdbus - ok
23:19:40.0705 4344 [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:19:40.0705 4344 SDRSVC - ok
23:19:41.0141 4344 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23:19:41.0375 4344 SeaPort - ok
23:19:41.0453 4344 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:19:41.0531 4344 secdrv - ok
23:19:41.0594 4344 [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon C:\Windows\system32\seclogon.dll
23:19:41.0594 4344 seclogon - ok
23:19:41.0687 4344 [ 90973A64B96CD647FF81C79443618EED ] SENS C:\Windows\system32\sens.dll
23:19:41.0687 4344 SENS - ok
23:19:41.0703 4344 [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:19:41.0703 4344 Serenum - ok
23:19:41.0719 4344 [ E62FAC91EE288DB29A9696A9D279929C ] Serial C:\Windows\system32\drivers\serial.sys
23:19:41.0719 4344 Serial - ok
23:19:41.0797 4344 [ A842F04833684BCEEA7336211BE478DF ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:19:41.0797 4344 sermouse - ok
23:19:42.0155 4344 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
23:19:42.0171 4344 ServiceLayer - ok
23:19:42.0202 4344 [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv C:\Windows\system32\sessenv.dll
23:19:42.0218 4344 SessionEnv - ok
23:19:42.0280 4344 [ 14D4B4465193A87C127933978E8C4106 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:19:42.0280 4344 sffdisk - ok
23:19:42.0343 4344 [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:19:42.0358 4344 sffp_mmc - ok
23:19:42.0374 4344 [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:19:42.0374 4344 sffp_sd - ok
23:19:42.0436 4344 [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:19:42.0436 4344 sfloppy - ok
23:19:42.0655 4344 [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:19:42.0686 4344 ShellHWDetection - ok
23:19:42.0701 4344 [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:19:42.0701 4344 SiSRaid2 - ok
23:19:42.0733 4344 [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:19:42.0733 4344 SiSRaid4 - ok
23:19:42.0873 4344 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:19:42.0873 4344 SkypeUpdate - ok
23:19:43.0232 4344 [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc C:\Windows\system32\SLsvc.exe
23:19:43.0341 4344 slsvc - ok
23:19:43.0466 4344 [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:19:43.0466 4344 SLUINotify - ok
23:19:43.0559 4344 [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:19:43.0575 4344 Smb - ok
23:19:43.0606 4344 [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:19:43.0606 4344 SNMPTRAP - ok
23:19:43.0700 4344 [ 386C3C63F00A7040C7EC5E384217E89D ] spldr C:\Windows\system32\drivers\spldr.sys
23:19:43.0700 4344 spldr - ok
23:19:43.0825 4344 [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler C:\Windows\System32\spoolsv.exe
23:19:43.0825 4344 Spooler - ok
23:19:43.0934 4344 [ 88E5162E58C8919CC873F5D8946197CF ] sptd C:\Windows\system32\Drivers\sptd.sys
23:19:43.0934 4344 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88E5162E58C8919CC873F5D8946197CF
23:19:43.0949 4344 sptd ( LockedFile.Multi.Generic ) - warning
23:19:43.0949 4344 sptd - detected LockedFile.Multi.Generic (1)
23:19:44.0137 4344 [ 880A57FCCB571EBD063D4DD50E93E46D ] srv C:\Windows\system32\DRIVERS\srv.sys
23:19:44.0230 4344 srv - ok
23:19:44.0293 4344 [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:19:44.0324 4344 srv2 - ok
23:19:44.0355 4344 [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:19:44.0355 4344 srvnet - ok
23:19:44.0464 4344 [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:19:44.0464 4344 SSDPSRV - ok
23:19:44.0542 4344 [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:19:44.0558 4344 SstpSvc - ok
23:19:44.0729 4344 [ E82994866A370A480607637F28B82835 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
23:19:44.0729 4344 STacSV - ok
23:19:44.0963 4344 [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23:19:45.0041 4344 StarWindServiceAE - ok
23:19:45.0151 4344 [ 3AD0ED8B19CD76D2254DE5FB298E3C26 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
23:19:45.0151 4344 STHDA - ok
23:19:45.0197 4344 [ 14B4DB4381E4A55F570D8BB699B791D6 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
23:19:45.0197 4344 StillCam - ok
23:19:45.0307 4344 [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc C:\Windows\System32\wiaservc.dll
23:19:45.0431 4344 stisvc - ok
23:19:45.0447 4344 [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:19:45.0447 4344 swenum - ok
23:19:45.0712 4344 [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv C:\Windows\System32\swprv.dll
23:19:45.0821 4344 swprv - ok
23:19:45.0837 4344 [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:19:45.0837 4344 Symc8xx - ok
23:19:45.0868 4344 [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:19:45.0868 4344 Sym_hi - ok
23:19:45.0884 4344 [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:19:45.0884 4344 Sym_u3 - ok
23:19:46.0055 4344 [ AC3CC98B1BDB6540021D3FFB105AC2B9 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:19:46.0055 4344 SynTP - ok
23:19:46.0367 4344 [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain C:\Windows\system32\sysmain.dll
23:19:46.0399 4344 SysMain - ok
23:19:46.0648 4344 [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:19:46.0648 4344 TabletInputService - ok
23:19:46.0804 4344 [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:19:46.0898 4344 TapiSrv - ok
23:19:46.0913 4344 [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS C:\Windows\System32\tbssvc.dll
23:19:46.0913 4344 TBS - ok
23:19:47.0303 4344 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:19:47.0319 4344 Tcpip - ok
23:19:47.0506 4344 [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:19:47.0522 4344 Tcpip6 - ok
23:19:47.0647 4344 [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:19:47.0647 4344 tcpipreg - ok
23:19:47.0678 4344 [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:19:47.0678 4344 TDPIPE - ok
23:19:47.0709 4344 [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:19:47.0709 4344 TDTCP - ok
23:19:47.0803 4344 [ 458919C8C42E398DC4802178D5FFEE27 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:19:47.0803 4344 tdx - ok
23:19:47.0912 4344 [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:19:47.0912 4344 TermDD - ok
23:19:48.0068 4344 [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService C:\Windows\System32\termsrv.dll
23:19:48.0099 4344 TermService - ok
23:19:48.0130 4344 [ 56793271ECDEDD350C5ADD305603E963 ] Themes C:\Windows\system32\shsvcs.dll
23:19:48.0130 4344 Themes - ok
23:19:48.0177 4344 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER C:\Windows\system32\mmcss.dll
23:19:48.0177 4344 THREADORDER - ok
23:19:48.0193 4344 [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks C:\Windows\System32\trkwks.dll
23:19:48.0193 4344 TrkWks - ok
23:19:48.0333 4344 [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:19:48.0333 4344 TrustedInstaller - ok
23:19:48.0411 4344 [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:19:48.0411 4344 tssecsrv - ok
23:19:48.0458 4344 [ 89EC74A9E602D16A75A4170511029B3C ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:19:48.0458 4344 tunmp - ok
23:19:48.0551 4344 [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:19:48.0551 4344 tunnel - ok
23:19:48.0739 4344 [ 1C31169DDDC70C1605F703DA701EAEEA ] TVCapSvc C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
23:19:48.0739 4344 TVCapSvc - ok
23:19:48.0754 4344 [ 290B8C381DBC15D3DBCBD2BDB6B0BA12 ] TVSched C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
23:19:48.0754 4344 TVSched - ok
23:19:48.0817 4344 [ FEC266EF401966311744BD0F359F7F56 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:19:48.0817 4344 uagp35 - ok
23:19:49.0004 4344 [ FAF2640A2A76ED03D449E443194C4C34 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:19:49.0051 4344 udfs - ok
23:19:49.0082 4344 [ 060507C4113391394478F6953A79EEDC ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:19:49.0082 4344 UI0Detect - ok
23:19:49.0129 4344 [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:19:49.0129 4344 uliagpkx - ok
23:19:49.0331 4344 [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:19:49.0331 4344 uliahci - ok
23:19:49.0487 4344 [ 31707F09846056651EA2C37858F5DDB0 ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:19:49.0487 4344 UlSata - ok
23:19:49.0519 4344 [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:19:49.0519 4344 ulsata2 - ok
23:19:49.0550 4344 [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:19:49.0550 4344 umbus - ok
23:19:49.0581 4344 [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost C:\Windows\System32\upnphost.dll
23:19:49.0597 4344 upnphost - ok
23:19:49.0675 4344 [ FBD861E69E1F583BEC906FCD04E4F84E ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
23:19:49.0675 4344 upperdev - ok
23:19:49.0768 4344 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:19:49.0768 4344 USBAAPL64 - ok
23:19:49.0815 4344 [ 07E3498FC60834219D2356293DA0FECC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:19:49.0815 4344 usbccgp - ok
23:19:49.0831 4344 [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:19:49.0831 4344 usbcir - ok
23:19:49.0846 4344 [ 827E44DE934A736EA31E91D353EB126F ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:19:49.0862 4344 usbehci - ok
23:19:49.0909 4344 [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:19:49.0909 4344 usbhub - ok
23:19:49.0924 4344 [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:19:49.0924 4344 usbohci - ok
23:19:50.0002 4344 [ ACFEE697AF477021BB3EC78C5431FED2 ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:19:50.0002 4344 usbprint - ok
23:19:50.0111 4344 [ F7386007FB19E7685FC7B298560AA81F ] usbser C:\Windows\system32\drivers\usbser.sys
23:19:50.0127 4344 usbser - ok
23:19:50.0267 4344 [ 0FBB0080B287BBCBF5C7076E3D74A35C ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
23:19:50.0267 4344 UsbserFilt - ok
23:19:50.0299 4344 [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:19:50.0299 4344 USBSTOR - ok
23:19:50.0377 4344 [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:19:50.0377 4344 usbuhci - ok
23:19:50.0423 4344 [ FC33099877790D51B0927B7039059855 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:19:50.0439 4344 usbvideo - ok
23:19:50.0564 4344 [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms C:\Windows\System32\uxsms.dll
23:19:50.0564 4344 UxSms - ok
23:19:50.0782 4344 [ 294945381DFA7CE58CECF0A9896AF327 ] vds C:\Windows\System32\vds.exe
23:19:50.0876 4344 vds - ok
23:19:50.0907 4344 [ 4B6F9959F8DF8FADC8170CD8A6BCE5C2 ] vfsFPService C:\Windows\system32\vfsFPService.exe
23:19:50.0938 4344 vfsFPService - ok
23:19:50.0969 4344 [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:19:50.0969 4344 vga - ok
23:19:50.0985 4344 [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:19:51.0001 4344 VgaSave - ok
23:19:51.0016 4344 [ 4F964E6828156F0EF3FA8D3A9A7895DE ] viaide C:\Windows\system32\drivers\viaide.sys
23:19:51.0016 4344 viaide - ok
23:19:51.0047 4344 [ 2B7E885ED951519A12C450D24535DFCA ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:19:51.0047 4344 volmgr - ok
23:19:51.0344 4344 [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:19:51.0344 4344 volmgrx - ok
23:19:51.0625 4344 [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:19:51.0625 4344 volsnap - ok
23:19:51.0656 4344 [ A68F455ED2673835209318DD61BFBB0E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:19:51.0656 4344 vsmraid - ok
23:19:51.0952 4344 [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS C:\Windows\system32\vssvc.exe
23:19:51.0999 4344 VSS - ok
23:19:52.0108 4344 [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time C:\Windows\system32\w32time.dll
23:19:52.0108 4344 W32Time - ok
23:19:52.0139 4344 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:19:52.0139 4344 WacomPen - ok
23:19:52.0233 4344 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:19:52.0233 4344 Wanarp - ok
23:19:52.0249 4344 [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:19:52.0249 4344 Wanarpv6 - ok
23:19:52.0358 4344 [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:19:52.0451 4344 wcncsvc - ok
23:19:52.0467 4344 [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:19:52.0483 4344 WcsPlugInService - ok
23:19:52.0498 4344 [ 0C17A0816F65B89E362E682AD5E7266E ] Wd C:\Windows\system32\drivers\wd.sys
23:19:52.0498 4344 Wd - ok
23:19:52.0701 4344 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:19:52.0748 4344 Wdf01000 - ok
23:19:52.0779 4344 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:19:52.0779 4344 WdiServiceHost - ok
23:19:52.0779 4344 [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:19:52.0795 4344 WdiSystemHost - ok
23:19:52.0919 4344 [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient C:\Windows\System32\webclnt.dll
23:19:52.0951 4344 WebClient - ok
23:19:53.0044 4344 [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:19:53.0060 4344 Wecsvc - ok
23:19:53.0107 4344 [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:19:53.0122 4344 wercplsupport - ok
23:19:53.0138 4344 [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc C:\Windows\System32\WerSvc.dll
23:19:53.0153 4344 WerSvc - ok
23:19:53.0231 4344 WinDefend - ok
23:19:53.0231 4344 WinHttpAutoProxySvc - ok
23:19:53.0528 4344 [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:19:53.0559 4344 Winmgmt - ok
23:19:54.0074 4344 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM C:\Windows\system32\WsmSvc.dll
23:19:54.0199 4344 WinRM - ok
23:19:54.0308 4344 [ 7F2F9E48566B2087F2AAAD258CB2A8D4 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
23:19:54.0308 4344 WinUSB - ok
23:19:54.0495 4344 [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:19:54.0526 4344 Wlansvc - ok
23:19:55.0088 4344 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:19:55.0103 4344 wlidsvc - ok
23:19:55.0150 4344 [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:19:55.0150 4344 WmiAcpi - ok
23:19:55.0275 4344 [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:19:55.0275 4344 wmiApSrv - ok
23:19:55.0306 4344 WMPNetworkSvc - ok
23:19:55.0337 4344 [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:19:55.0353 4344 WPCSvc - ok
23:19:55.0447 4344 [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:19:55.0447 4344 WPDBusEnum - ok
23:19:55.0556 4344 [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
23:19:55.0556 4344 WpdUsb - ok
23:19:56.0445 4344 [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:19:56.0476 4344 WPFFontCache_v0400 - ok
23:19:56.0539 4344 [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:19:56.0554 4344 ws2ifsl - ok
23:19:56.0695 4344 [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc C:\Windows\system32\wscsvc.dll
23:19:56.0710 4344 wscsvc - ok
23:19:56.0804 4344 [ DE5F5212AB34221DD1618B5FEFE8DB6C ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
23:19:56.0804 4344 WSDPrintDevice - ok
23:19:56.0804 4344 WSearch - ok
23:19:56.0897 4344 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:19:56.0897 4344 WudfPf - ok
23:19:57.0038 4344 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:19:57.0038 4344 WUDFRd - ok
23:19:57.0116 4344 [ 3DCC7BF5AFA921B479E622BD999121F3 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:19:57.0131 4344 wudfsvc - ok
23:19:57.0163 4344 [ 07F7285220307AAFB755D890295F0F9A ] yukonx64 C:\Windows\system32\DRIVERS\yk60x64.sys
23:19:57.0178 4344 yukonx64 - ok
23:19:57.0241 4344 [ 1CACFEF9E5DD866C5B79A135EE729E18 ] {55662437-DA8C-40c0-AADA-2C816A897A49} C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
23:19:57.0241 4344 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
23:19:57.0241 4344 ================ Scan global ===============================
23:19:57.0334 4344 [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
23:19:57.0631 4344 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
23:19:57.0693 4344 [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
23:19:57.0896 4344 [ E2D076F2C1239AA6C7412BA6B8B1DE4E ] C:\Windows\system32\services.exe
23:19:57.0989 4344 [Global] - ok
23:19:57.0989 4344 ================ Scan MBR ==================================
23:19:57.0989 4344 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:19:58.0052 4344 \Device\Harddisk1\DR1 - ok
23:19:58.0161 4344 [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
23:20:00.0329 4344 \Device\Harddisk0\DR0 - ok
23:20:00.0329 4344 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
23:20:00.0392 4344 \Device\Harddisk1\DR1 - ok
23:20:00.0392 4344 ================ Scan VBR ==================================
23:20:00.0392 4344 [ 7A7C830D035ABE192529056F6691F04D ] \Device\Harddisk1\DR1\Partition1
23:20:00.0392 4344 \Device\Harddisk1\DR1\Partition1 - ok
23:20:00.0485 4344 [ 0DBB67326A319635211B003B2C8AF8C1 ] \Device\Harddisk0\DR0\Partition1
23:20:00.0485 4344 \Device\Harddisk0\DR0\Partition1 - ok
23:20:00.0548 4344 [ B3722B9783C028D6BF347F8864CEEB92 ] \Device\Harddisk0\DR0\Partition2
23:20:00.0548 4344 \Device\Harddisk0\DR0\Partition2 - ok
23:20:00.0563 4344 [ 7A7C830D035ABE192529056F6691F04D ] \Device\Harddisk1\DR1\Partition1
23:20:00.0563 4344 \Device\Harddisk1\DR1\Partition1 - ok
23:20:00.0563 4344 ============================================================
23:20:00.0563 4344 Scan finished
23:20:00.0563 4344 ============================================================
23:20:00.0579 5056 Detected object count: 1
23:20:00.0579 5056 Actual detected object count: 1
23:20:02.0732 5056 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:20:02.0732 5056 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:20:06.0741 4052 Deinitialize success

