Prosím o kontrolu logu

ondrej.nosek · Příspěvekod **ondrej.nosek** » 31 črc 2013 14:21

Zdravím
Mám problém se svým notebookem. Pokaždé když se přihlásím (po zapnutí), tak mi vyskočí malé okno,které se tváří jako
Windows Script host. Je tak malé,že jediné co tam je je 'ok' a pak se to neukazuje. Včera dokonce,když jsem vypínal nb ,tak mi žlutě blikala obrazovka ,ale dnes už to tu není.
Zde je můj log :

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:17:03, on 31.7.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Users\Slender\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\windows\inf\msodoy\msodoy.exe
C:\Users\Slender\Downloads\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NtVdmSrv] C:\windows\inf\ntvdm.vbe
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [SearchProtection] "C:\Users\Slender\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9175 bytes

Předem děkuji

Reklama

Příspěvekod **memphisto** » 31 črc 2013 16:33

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

ondrej.nosek · Příspěvekod **ondrej.nosek** » 31 črc 2013 17:21

Malwerebytes:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.31.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Slender :: SLENDER-TOSH [administrátor]

31.7.2013 17:12:22
MBAM-log-2013-07-31 (17-18-33).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 235749
Uplynulý čas: 5 minut, 13 sekund

Nalezené procesy v paměti: 1
C:\Windows\inf\msodoy\msodoy.exe (BitcoinMiner) -> 4292 -> Nebyla provedena žádná instrukce.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 2
C:\Windows\inf\msodoy\msodoy.exe (BitcoinMiner) -> Nebyla provedena žádná instrukce.
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Nebyla provedena žádná instrukce.

(konec)

Adw: # AdwCleaner v2.306 - Log vytvooen 31/07/2013 v 17:19:47
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Slender - SLENDER-TOSH
# Spuštin systém : Normální
# Spuštino z : C:\Users\Slender\Desktop\adwcleaner.exe
# Volba [Prohledat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Nalezeno : C:\ProgramData\IBUpdaterService
Složka Nalezeno : C:\Users\Slender\AppData\LocalLow\Conduit
Složka Nalezeno : C:\Users\Slender\AppData\Roaming\PerformerSoft
Složka Nalezeno : C:\Users\Slender\AppData\Roaming\search protection

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Nalezeno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Nalezeno : HKCU\Software\Conduit
Klíe Nalezeno : HKCU\Software\PrivitizeVPNInstallDates
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klíe Nalezeno : HKLM\Software\Conduit

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Google Chrome v24.0.1312.57

Soubor : C:\Users\Slender\AppData\Local\Google\Chrome\User Data\Default\Preferences

Nalezeno [l.14] : urls_to_restore_on_startup = [ "hxxp://www.google.cz/", "hxxp://isearch.avg.com/?cid={6B6B1D94-9913-436F-B0D8-5F7ED8A71A4D}&mid=55a661f1563247d0997359e75bb01419-9007ea268aeb4e3ffefe41e1b89d552c847a001b&lang=cs&ds=AVG&pr=fr&d=2013-01-17 00:01:02&v=14.0.2.14&pid=avg&sg=&sap=hp", "hxxp://isearch.avg.com/?cid={6B6B1D94-9913-436F-B0D8-5F7ED8A71A4D}&mid=55a661f1563247d0997359e75bb01419-9007ea268aeb4e3ffefe41e1b89d552c847a001b&lang=cs&ds=AVG&pr=fr&d=2013-01-17 00:01:02&v=14.2.0.1&pid=avg&sg=&sap=hp" ]
Nalezeno [l.2727] : urls_to_restore_on_startup = [ "hxxp://www.google.cz/", "hxxp://isearch.avg.com/?cid={6B6B1D94-9913-436F-B0D8-5F7ED8A71A4D}&mid=55a661f1563247d0997359e75bb01419-9007ea268aeb4e3ffefe41e1b89d552c847a001b&lang=cs&ds=AVG&pr=fr&d=2013-01-17 00:01:02&v=14.0.2.14&pid=avg&sg=&sap=hp", "hxxp://isearch.avg.com/?cid={6B6B1D94-9913-436F-B0D8-5F7ED8A71A4D}&mid=55a661f1563247d0997359e75bb01419-9007ea268aeb4e3ffefe41e1b89d552c847a001b&lang=cs&ds=AVG&pr=fr&d=2013-01-17 00:01:02&v=14.2.0.1&pid=avg&sg=&sap=hp" ]

*************************

AdwCleaner[R6].txt - [2290 octets] - [31/07/2013 17:19:47]

########## EOF - C:\AdwCleaner[R6].txt - [2350 octets] ##########

Příspěvekod **jaro3** » 31 črc 2013 17:25

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Delete“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

ondrej.nosek · Příspěvekod **ondrej.nosek** » 31 črc 2013 18:10

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.31.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Slender :: SLENDER-TOSH [administrátor]

31.7.2013 17:32:28
mbam-log-2013-07-31 (17-32-28).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 235748
Uplynulý čas: 3 minut, 13 sekund

Nalezené procesy v paměti: 1
C:\Windows\inf\msodoy\msodoy.exe (BitcoinMiner) -> 4292 -> Bude smazán při restartu.

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Windows\inf\msodoy\msodoy.exe (BitcoinMiner) -> Bude smazán při restartu.

(konec)

ještě druhý pokus (omylem sem vynechal dva nálezy)

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.07.31.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Slender :: SLENDER-TOSH [administrátor]

31.7.2013 17:40:28
mbam-log-2013-07-31 (17-40-28).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 235728
Uplynulý čas: 5 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 1
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Přesun do karantény a smazání se zdařilo.

(konec)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows 7 Home Premium x64
Ran by Slender on st 31.07.2013 at 17:54:51,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\searchprotection

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{22076E16-CCDF-4823-9147-0C4383E04F1E}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Slender\appdata\locallow\conduit"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 31.07.2013 at 17:59:43,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v2.306 - Log vytvooen 31/07/2013 v 17:48:27
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Home Premium Service Pack 1 (64 bits)
# Uživatel : Slender - SLENDER-TOSH
# Spuštin systém : Normální
# Spuštino z : C:\Users\Slender\Desktop\adwcleaner.exe
# Volba [Vymazat]

***** [Služby] *****

***** [Soubory / Složky] *****

Složka Vymazáno : C:\Users\Slender\AppData\LocalLow\Conduit
Složka Vymazáno : C:\Users\Slender\AppData\Roaming\PerformerSoft
Složka Vymazáno : C:\Users\Slender\AppData\Roaming\search protection

***** [Registry] *****

Klíe Vymazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíe Vymazáno : HKCU\Software\AppDataLow\Software\SmartBar
Klíe Vymazáno : HKCU\Software\Conduit
Klíe Vymazáno : HKCU\Software\PrivitizeVPNInstallDates
Klíe Vymazáno : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Klíe Vymazáno : HKLM\Software\Conduit

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Google Chrome v24.0.1312.57

Soubor : C:\Users\Slender\AppData\Local\Google\Chrome\User Data\Default\Preferences

Vymazáno [l.14] : urls_to_restore_on_startup = [ "hxxp://www.google.cz/", "hxxp://isearch.avg.com/?cid={6B6B[...]
Vymazáno [l.2727] : urls_to_restore_on_startup = [ "hxxp://www.google.cz/", "hxxp://isearch.avg.com/?cid={6B6B1D9[...]

*************************

AdwCleaner[R6].txt - [2419 octets] - [31/07/2013 17:19:47]
AdwCleaner[R7].txt - [2428 octets] - [31/07/2013 17:48:14]
AdwCleaner[S5].txt - [1552 octets] - [31/07/2013 17:48:27]

########## EOF - C:\AdwCleaner[S5].txt - [1612 octets] ##########

RogueKiller V8.6.4 _x64_ [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Slender [Práva správce]
Mód : Kontrola -- Datum : 07/31/2013 18:07:15
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] f82fbdc242d5b9f42a791ff94ae299f4
[BSP] 987d48efabc4559827ec92e830638bb8 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 466771 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 959021056 | Size: 8668 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_07312013_180715.txt >>

Příspěvekod **memphisto** » 31 črc 2013 18:22

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

ondrej.nosek · Příspěvekod **ondrej.nosek** » 31 črc 2013 18:29

RogueKiller V8.6.4 _x64_ [Jul 29 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Slender [Práva správce]
Mód : Odebrat -- Datum : 07/31/2013 18:27:46
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] Systém nemůže nalézt uvedený soubor.

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
--- User ---
[MBR] f82fbdc242d5b9f42a791ff94ae299f4
[BSP] 987d48efabc4559827ec92e830638bb8 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 466771 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 959021056 | Size: 8668 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_07312013_182746.txt >>
RKreport[0]_S_07312013_180715.txt;RKreport[0]_S_07312013_182743.txt

ondrej.nosek · Příspěvekod **ondrej.nosek** » 31 črc 2013 18:35

18:30:07.0241 4444 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:30:07.0428 4444 ============================================================
18:30:07.0428 4444 Current date / time: 2013/07/31 18:30:07.0428
18:30:07.0428 4444 SystemInfo:
18:30:07.0428 4444
18:30:07.0428 4444 OS Version: 6.1.7601 ServicePack: 1.0
18:30:07.0428 4444 Product type: Workstation
18:30:07.0428 4444 ComputerName: SLENDER-TOSH
18:30:07.0428 4444 UserName: Slender
18:30:07.0428 4444 Windows directory: C:\windows
18:30:07.0428 4444 System windows directory: C:\windows
18:30:07.0428 4444 Running under WOW64
18:30:07.0428 4444 Processor architecture: Intel x64
18:30:07.0428 4444 Number of processors: 4
18:30:07.0428 4444 Page size: 0x1000
18:30:07.0428 4444 Boot type: Normal boot
18:30:07.0428 4444 ============================================================
18:30:07.0991 4444 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:30:07.0996 4444 ============================================================
18:30:07.0996 4444 \Device\Harddisk0\DR0:
18:30:07.0996 4444 MBR partitions:
18:30:07.0996 4444 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38FA9800
18:30:07.0996 4444 ============================================================
18:30:08.0016 4444 C: <-> \Device\Harddisk0\DR0\Partition1
18:30:08.0016 4444 ============================================================
18:30:08.0016 4444 Initialize success
18:30:08.0016 4444 ============================================================
18:30:11.0282 0568 ============================================================
18:30:11.0282 0568 Scan started
18:30:11.0282 0568 Mode: Manual;
18:30:11.0282 0568 ============================================================
18:30:11.0420 0568 ================ Scan system memory ========================
18:30:11.0421 0568 System memory - ok
18:30:11.0421 0568 ================ Scan services =============================
18:30:11.0597 0568 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
18:30:11.0599 0568 1394ohci - ok
18:30:11.0629 0568 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
18:30:11.0631 0568 ACPI - ok
18:30:11.0670 0568 [ 12C5274CD87449A2A37A607CDB321922 ] acpials C:\windows\system32\DRIVERS\acpials.sys
18:30:11.0671 0568 acpials - ok
18:30:11.0689 0568 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
18:30:11.0690 0568 AcpiPmi - ok
18:30:11.0853 0568 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:30:11.0855 0568 AdobeFlashPlayerUpdateSvc - ok
18:30:11.0918 0568 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
18:30:11.0921 0568 adp94xx - ok
18:30:11.0944 0568 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
18:30:11.0947 0568 adpahci - ok
18:30:11.0953 0568 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
18:30:11.0955 0568 adpu320 - ok
18:30:11.0985 0568 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
18:30:11.0986 0568 AeLookupSvc - ok
18:30:12.0016 0568 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
18:30:12.0019 0568 AFD - ok
18:30:12.0054 0568 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
18:30:12.0055 0568 agp440 - ok
18:30:12.0084 0568 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
18:30:12.0086 0568 ALG - ok
18:30:12.0104 0568 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
18:30:12.0105 0568 aliide - ok
18:30:12.0125 0568 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
18:30:12.0126 0568 amdide - ok
18:30:12.0150 0568 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
18:30:12.0151 0568 AmdK8 - ok
18:30:12.0170 0568 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
18:30:12.0171 0568 AmdPPM - ok
18:30:12.0220 0568 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
18:30:12.0221 0568 amdsata - ok
18:30:12.0254 0568 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
18:30:12.0256 0568 amdsbs - ok
18:30:12.0273 0568 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
18:30:12.0274 0568 amdxata - ok
18:30:12.0325 0568 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
18:30:12.0326 0568 AppID - ok
18:30:12.0360 0568 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
18:30:12.0361 0568 AppIDSvc - ok
18:30:12.0399 0568 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\windows\System32\appinfo.dll
18:30:12.0401 0568 Appinfo - ok
18:30:12.0426 0568 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
18:30:12.0427 0568 arc - ok
18:30:12.0432 0568 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
18:30:12.0433 0568 arcsas - ok
18:30:12.0551 0568 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:30:12.0580 0568 aspnet_state - ok
18:30:12.0595 0568 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
18:30:12.0596 0568 AsyncMac - ok
18:30:12.0622 0568 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
18:30:12.0623 0568 atapi - ok
18:30:12.0683 0568 [ E857EEE6B92AAA473EBB3465ADD8F7E7 ] athr C:\windows\system32\DRIVERS\athrx.sys
18:30:12.0692 0568 athr - ok
18:30:12.0743 0568 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
18:30:12.0747 0568 AudioEndpointBuilder - ok
18:30:12.0756 0568 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
18:30:12.0761 0568 AudioSrv - ok
18:30:12.0943 0568 [ 4DB93F4DB7077801D2D82013506AC1D0 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
18:30:12.0968 0568 AVGIDSAgent - ok
18:30:13.0020 0568 [ 241C32E942869FD1351CC5864976C3AC ] AVGIDSDriver C:\windows\system32\DRIVERS\avgidsdrivera.sys
18:30:13.0022 0568 AVGIDSDriver - ok
18:30:13.0050 0568 [ C8D9EEACF266512C1FA52E2ECF5AD944 ] AVGIDSHA C:\windows\system32\DRIVERS\avgidsha.sys
18:30:13.0051 0568 AVGIDSHA - ok
18:30:13.0103 0568 [ FACD18A89FDEBC35C85CAF762B294BE2 ] Avgldx64 C:\windows\system32\DRIVERS\avgldx64.sys
18:30:13.0105 0568 Avgldx64 - ok
18:30:13.0170 0568 [ 29FCDEAC6086FB7E55344B51E35D99CE ] Avgloga C:\windows\system32\DRIVERS\avgloga.sys
18:30:13.0173 0568 Avgloga - ok
18:30:13.0224 0568 [ 85053293DCDE19829E8691A9E9E8A6FF ] Avgmfx64 C:\windows\system32\DRIVERS\avgmfx64.sys
18:30:13.0226 0568 Avgmfx64 - ok
18:30:13.0269 0568 [ 0638096A30B7081DAACB8DCC39BD16EF ] Avgrkx64 C:\windows\system32\DRIVERS\avgrkx64.sys
18:30:13.0269 0568 Avgrkx64 - ok
18:30:13.0308 0568 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
18:30:13.0310 0568 Avgtdia - ok
18:30:13.0361 0568 [ 48939D9F350AEF9370F03A1E49A49BE2 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
18:30:13.0363 0568 avgwd - ok
18:30:13.0406 0568 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
18:30:13.0408 0568 AxInstSV - ok
18:30:13.0448 0568 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
18:30:13.0452 0568 b06bdrv - ok
18:30:13.0481 0568 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
18:30:13.0483 0568 b57nd60a - ok
18:30:13.0521 0568 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
18:30:13.0522 0568 BDESVC - ok
18:30:13.0553 0568 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
18:30:13.0554 0568 Beep - ok
18:30:13.0613 0568 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
18:30:13.0621 0568 BFE - ok
18:30:13.0664 0568 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
18:30:13.0674 0568 BITS - ok
18:30:13.0703 0568 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
18:30:13.0703 0568 blbdrive - ok
18:30:13.0740 0568 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
18:30:13.0741 0568 bowser - ok
18:30:13.0755 0568 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
18:30:13.0756 0568 BrFiltLo - ok
18:30:13.0768 0568 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
18:30:13.0769 0568 BrFiltUp - ok
18:30:13.0809 0568 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
18:30:13.0810 0568 BridgeMP - ok
18:30:13.0841 0568 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
18:30:13.0842 0568 Browser - ok
18:30:13.0887 0568 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
18:30:13.0889 0568 Brserid - ok
18:30:13.0893 0568 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
18:30:13.0894 0568 BrSerWdm - ok
18:30:13.0898 0568 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
18:30:13.0899 0568 BrUsbMdm - ok
18:30:13.0903 0568 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
18:30:13.0904 0568 BrUsbSer - ok
18:30:13.0911 0568 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
18:30:13.0912 0568 BTHMODEM - ok
18:30:13.0949 0568 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
18:30:13.0950 0568 bthserv - ok
18:30:13.0956 0568 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
18:30:13.0957 0568 cdfs - ok
18:30:14.0009 0568 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
18:30:14.0010 0568 cdrom - ok
18:30:14.0039 0568 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
18:30:14.0041 0568 CertPropSvc - ok
18:30:14.0129 0568 [ 41E7C4FA6491747402CFCA77CC1C7AAB ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
18:30:14.0131 0568 cfWiMAXService - ok
18:30:14.0169 0568 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
18:30:14.0169 0568 circlass - ok
18:30:14.0190 0568 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
18:30:14.0193 0568 CLFS - ok
18:30:14.0255 0568 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:30:14.0257 0568 clr_optimization_v2.0.50727_32 - ok
18:30:14.0295 0568 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:30:14.0297 0568 clr_optimization_v2.0.50727_64 - ok
18:30:14.0361 0568 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:30:14.0363 0568 clr_optimization_v4.0.30319_32 - ok
18:30:14.0381 0568 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:30:14.0383 0568 clr_optimization_v4.0.30319_64 - ok
18:30:14.0405 0568 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
18:30:14.0406 0568 CmBatt - ok
18:30:14.0427 0568 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
18:30:14.0428 0568 cmdide - ok
18:30:14.0463 0568 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\windows\system32\Drivers\cng.sys
18:30:14.0466 0568 CNG - ok
18:30:14.0496 0568 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
18:30:14.0497 0568 Compbatt - ok
18:30:14.0524 0568 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
18:30:14.0525 0568 CompositeBus - ok
18:30:14.0537 0568 COMSysApp - ok
18:30:14.0569 0568 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
18:30:14.0569 0568 ConfigFree Service - ok
18:30:14.0602 0568 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
18:30:14.0603 0568 crcdisk - ok
18:30:14.0667 0568 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\windows\system32\cryptsvc.dll
18:30:14.0669 0568 CryptSvc - ok
18:30:14.0707 0568 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
18:30:14.0711 0568 DcomLaunch - ok
18:30:14.0744 0568 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
18:30:14.0747 0568 defragsvc - ok
18:30:14.0773 0568 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
18:30:14.0774 0568 DfsC - ok
18:30:14.0811 0568 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
18:30:14.0813 0568 Dhcp - ok
18:30:14.0837 0568 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
18:30:14.0838 0568 discache - ok
18:30:14.0860 0568 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
18:30:14.0861 0568 Disk - ok
18:30:14.0886 0568 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
18:30:14.0888 0568 Dnscache - ok
18:30:14.0923 0568 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
18:30:14.0928 0568 dot3svc - ok
18:30:14.0951 0568 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
18:30:14.0953 0568 DPS - ok
18:30:14.0975 0568 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
18:30:14.0976 0568 drmkaud - ok
18:30:15.0024 0568 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
18:30:15.0030 0568 DXGKrnl - ok
18:30:15.0065 0568 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
18:30:15.0066 0568 EapHost - ok
18:30:15.0142 0568 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
18:30:15.0160 0568 ebdrv - ok
18:30:15.0198 0568 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe
18:30:15.0200 0568 EFS - ok
18:30:15.0274 0568 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
18:30:15.0281 0568 ehRecvr - ok
18:30:15.0302 0568 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
18:30:15.0304 0568 ehSched - ok
18:30:15.0339 0568 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
18:30:15.0343 0568 elxstor - ok
18:30:15.0373 0568 [ 524C79054636D2E5751169005006460B ] enecir C:\windows\system32\DRIVERS\enecir.sys
18:30:15.0374 0568 enecir - ok
18:30:15.0385 0568 [ E17EB95358F396E27D573A1B20F891F8 ] enecirhid C:\windows\system32\DRIVERS\enecirhid.sys
18:30:15.0386 0568 enecirhid - ok
18:30:15.0398 0568 [ 8492D808C79BD6FE439F77BE84956CDF ] enecirhidma C:\windows\system32\DRIVERS\enecirhidma.sys
18:30:15.0399 0568 enecirhidma - ok
18:30:15.0425 0568 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
18:30:15.0426 0568 ErrDev - ok
18:30:15.0467 0568 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
18:30:15.0470 0568 EventSystem - ok
18:30:15.0508 0568 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
18:30:15.0509 0568 exfat - ok
18:30:15.0548 0568 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
18:30:15.0550 0568 fastfat - ok
18:30:15.0601 0568 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
18:30:15.0609 0568 Fax - ok
18:30:15.0623 0568 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
18:30:15.0624 0568 fdc - ok
18:30:15.0655 0568 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
18:30:15.0656 0568 fdPHost - ok
18:30:15.0673 0568 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
18:30:15.0674 0568 FDResPub - ok
18:30:15.0700 0568 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
18:30:15.0701 0568 FileInfo - ok
18:30:15.0709 0568 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
18:30:15.0709 0568 Filetrace - ok
18:30:15.0727 0568 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
18:30:15.0728 0568 flpydisk - ok
18:30:15.0763 0568 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
18:30:15.0765 0568 FltMgr - ok
18:30:15.0832 0568 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\windows\system32\FntCache.dll
18:30:15.0839 0568 FontCache - ok
18:30:15.0883 0568 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:30:15.0885 0568 FontCache3.0.0.0 - ok
18:30:15.0910 0568 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
18:30:15.0911 0568 FsDepends - ok
18:30:15.0931 0568 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
18:30:15.0932 0568 Fs_Rec - ok
18:30:15.0961 0568 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
18:30:15.0963 0568 fvevol - ok
18:30:15.0980 0568 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
18:30:15.0981 0568 gagp30kx - ok
18:30:16.0021 0568 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
18:30:16.0025 0568 gpsvc - ok
18:30:16.0072 0568 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\windows\system32\DRIVERS\hamachi.sys
18:30:16.0073 0568 hamachi - ok
18:30:16.0098 0568 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
18:30:16.0098 0568 hcw85cir - ok
18:30:16.0157 0568 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
18:30:16.0160 0568 HdAudAddService - ok
18:30:16.0184 0568 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
18:30:16.0185 0568 HDAudBus - ok
18:30:16.0220 0568 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
18:30:16.0220 0568 HECIx64 - ok
18:30:16.0243 0568 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
18:30:16.0244 0568 HidBatt - ok
18:30:16.0249 0568 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
18:30:16.0250 0568 HidBth - ok
18:30:16.0270 0568 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
18:30:16.0271 0568 HidIr - ok
18:30:16.0300 0568 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
18:30:16.0301 0568 hidserv - ok
18:30:16.0349 0568 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
18:30:16.0350 0568 HidUsb - ok
18:30:16.0377 0568 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
18:30:16.0379 0568 hkmsvc - ok
18:30:16.0408 0568 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
18:30:16.0412 0568 HomeGroupListener - ok
18:30:16.0442 0568 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
18:30:16.0445 0568 HomeGroupProvider - ok
18:30:16.0479 0568 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
18:30:16.0480 0568 HpSAMD - ok
18:30:16.0529 0568 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
18:30:16.0534 0568 HTTP - ok
18:30:16.0567 0568 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
18:30:16.0567 0568 hwpolicy - ok
18:30:16.0595 0568 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
18:30:16.0597 0568 i8042prt - ok
18:30:16.0622 0568 [ 85977CD13FC16069CE0AF7943A811775 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
18:30:16.0625 0568 iaStor - ok
18:30:16.0661 0568 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
18:30:16.0663 0568 iaStorV - ok
18:30:16.0726 0568 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:30:16.0735 0568 idsvc - ok
18:30:16.0764 0568 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
18:30:16.0765 0568 iirsp - ok
18:30:16.0811 0568 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll
18:30:16.0820 0568 IKEEXT - ok
18:30:16.0927 0568 [ CCEDD47ABD068C58C8513DEB785093BB ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
18:30:16.0946 0568 IntcAzAudAddService - ok
18:30:16.0990 0568 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
18:30:16.0990 0568 intelide - ok
18:30:17.0016 0568 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
18:30:17.0017 0568 intelppm - ok
18:30:17.0050 0568 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
18:30:17.0053 0568 IPBusEnum - ok
18:30:17.0090 0568 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
18:30:17.0091 0568 IpFilterDriver - ok
18:30:17.0130 0568 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
18:30:17.0135 0568 iphlpsvc - ok
18:30:17.0165 0568 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
18:30:17.0166 0568 IPMIDRV - ok
18:30:17.0199 0568 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
18:30:17.0200 0568 IPNAT - ok
18:30:17.0230 0568 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
18:30:17.0231 0568 IRENUM - ok
18:30:17.0251 0568 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
18:30:17.0252 0568 isapnp - ok
18:30:17.0300 0568 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
18:30:17.0303 0568 iScsiPrt - ok
18:30:17.0363 0568 [ 25D602AE635A0443458FBED1A8B6E4E9 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
18:30:17.0364 0568 JMCR - ok
18:30:17.0394 0568 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
18:30:17.0395 0568 kbdclass - ok
18:30:17.0412 0568 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
18:30:17.0413 0568 kbdhid - ok
18:30:17.0421 0568 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe
18:30:17.0422 0568 KeyIso - ok
18:30:17.0445 0568 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
18:30:17.0446 0568 KSecDD - ok
18:30:17.0478 0568 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
18:30:17.0479 0568 KSecPkg - ok
18:30:17.0504 0568 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
18:30:17.0505 0568 ksthunk - ok
18:30:17.0534 0568 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
18:30:17.0549 0568 KtmRm - ok
18:30:17.0593 0568 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll
18:30:17.0596 0568 LanmanServer - ok
18:30:17.0644 0568 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
18:30:17.0646 0568 LanmanWorkstation - ok
18:30:17.0668 0568 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
18:30:17.0669 0568 lltdio - ok
18:30:17.0703 0568 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
18:30:17.0713 0568 lltdsvc - ok
18:30:17.0734 0568 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
18:30:17.0736 0568 lmhosts - ok
18:30:17.0785 0568 [ 23DE5B62B0445A6F874BE633C95B483E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:30:17.0787 0568 LMS - ok
18:30:17.0832 0568 [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
18:30:17.0833 0568 LPCFilter - ok
18:30:17.0858 0568 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
18:30:17.0859 0568 LSI_FC - ok
18:30:17.0900 0568 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
18:30:17.0901 0568 LSI_SAS - ok
18:30:17.0906 0568 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
18:30:17.0907 0568 LSI_SAS2 - ok
18:30:17.0921 0568 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
18:30:17.0922 0568 LSI_SCSI - ok
18:30:17.0936 0568 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
18:30:17.0937 0568 luafv - ok
18:30:17.0969 0568 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
18:30:17.0977 0568 Mcx2Svc - ok
18:30:17.0981 0568 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
18:30:17.0982 0568 megasas - ok
18:30:18.0000 0568 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
18:30:18.0002 0568 MegaSR - ok
18:30:18.0049 0568 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
18:30:18.0050 0568 MMCSS - ok
18:30:18.0069 0568 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
18:30:18.0070 0568 Modem - ok
18:30:18.0106 0568 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
18:30:18.0107 0568 monitor - ok
18:30:18.0121 0568 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\drivers\mouclass.sys
18:30:18.0122 0568 mouclass - ok
18:30:18.0145 0568 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
18:30:18.0146 0568 mouhid - ok
18:30:18.0170 0568 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
18:30:18.0171 0568 mountmgr - ok
18:30:18.0191 0568 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
18:30:18.0193 0568 mpio - ok
18:30:18.0214 0568 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
18:30:18.0215 0568 mpsdrv - ok
18:30:18.0256 0568 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
18:30:18.0261 0568 MpsSvc - ok
18:30:18.0286 0568 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
18:30:18.0288 0568 MRxDAV - ok
18:30:18.0315 0568 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
18:30:18.0316 0568 mrxsmb - ok
18:30:18.0334 0568 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
18:30:18.0337 0568 mrxsmb10 - ok
18:30:18.0348 0568 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
18:30:18.0349 0568 mrxsmb20 - ok
18:30:18.0372 0568 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
18:30:18.0373 0568 msahci - ok
18:30:18.0387 0568 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
18:30:18.0388 0568 msdsm - ok
18:30:18.0408 0568 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
18:30:18.0421 0568 MSDTC - ok
18:30:18.0461 0568 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
18:30:18.0462 0568 Msfs - ok
18:30:18.0491 0568 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
18:30:18.0492 0568 mshidkmdf - ok
18:30:18.0504 0568 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
18:30:18.0505 0568 msisadrv - ok
18:30:18.0546 0568 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
18:30:18.0549 0568 MSiSCSI - ok
18:30:18.0553 0568 msiserver - ok
18:30:18.0591 0568 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
18:30:18.0592 0568 MSKSSRV - ok
18:30:18.0614 0568 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
18:30:18.0615 0568 MSPCLOCK - ok
18:30:18.0624 0568 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
18:30:18.0625 0568 MSPQM - ok
18:30:18.0659 0568 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
18:30:18.0662 0568 MsRPC - ok
18:30:18.0680 0568 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
18:30:18.0681 0568 mssmbios - ok
18:30:18.0716 0568 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
18:30:18.0717 0568 MSTEE - ok
18:30:18.0731 0568 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
18:30:18.0732 0568 MTConfig - ok
18:30:18.0765 0568 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
18:30:18.0766 0568 Mup - ok
18:30:18.0806 0568 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
18:30:18.0809 0568 napagent - ok
18:30:18.0852 0568 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
18:30:18.0854 0568 NativeWifiP - ok
18:30:18.0900 0568 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
18:30:18.0906 0568 NDIS - ok
18:30:18.0951 0568 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
18:30:18.0952 0568 NdisCap - ok
18:30:18.0983 0568 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
18:30:18.0984 0568 NdisTapi - ok
18:30:19.0026 0568 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
18:30:19.0027 0568 Ndisuio - ok
18:30:19.0053 0568 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
18:30:19.0055 0568 NdisWan - ok
18:30:19.0095 0568 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
18:30:19.0096 0568 NDProxy - ok
18:30:19.0202 0568 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
18:30:19.0207 0568 Nero BackItUp Scheduler 4.0 - ok
18:30:19.0241 0568 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
18:30:19.0242 0568 NetBIOS - ok
18:30:19.0279 0568 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
18:30:19.0280 0568 NetBT - ok
18:30:19.0298 0568 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe
18:30:19.0300 0568 Netlogon - ok
18:30:19.0332 0568 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
18:30:19.0336 0568 Netman - ok
18:30:19.0390 0568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:19.0392 0568 NetMsmqActivator - ok
18:30:19.0404 0568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:19.0405 0568 NetPipeActivator - ok
18:30:19.0443 0568 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
18:30:19.0447 0568 netprofm - ok
18:30:19.0455 0568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:19.0456 0568 NetTcpActivator - ok
18:30:19.0461 0568 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:19.0463 0568 NetTcpPortSharing - ok
18:30:19.0503 0568 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
18:30:19.0504 0568 nfrd960 - ok
18:30:19.0540 0568 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
18:30:19.0543 0568 NlaSvc - ok
18:30:19.0572 0568 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
18:30:19.0573 0568 Npfs - ok
18:30:19.0595 0568 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
18:30:19.0596 0568 nsi - ok
18:30:19.0605 0568 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
18:30:19.0606 0568 nsiproxy - ok
18:30:19.0692 0568 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
18:30:19.0701 0568 Ntfs - ok
18:30:19.0723 0568 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
18:30:19.0724 0568 Null - ok
18:30:19.0765 0568 [ 805F0C2B9C07E4C0F74D0EF70E9E827A ] NVHDA C:\windows\system32\drivers\nvhda64v.sys
18:30:19.0767 0568 NVHDA - ok
18:30:20.0005 0568 [ EE6B7B6A54BCAFF516E30B1C15467495 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys
18:30:20.0064 0568 nvlddmkm - ok
18:30:20.0100 0568 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
18:30:20.0102 0568 nvraid - ok
18:30:20.0125 0568 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
18:30:20.0127 0568 nvstor - ok

ondrej.nosek · Příspěvekod **ondrej.nosek** » 31 črc 2013 18:36

18:30:20.0185 0568 [ 25626309AD2F81D47C829CCB5E46E478 ] nvsvc C:\windows\system32\nvvsvc.exe
18:30:20.0191 0568 nvsvc - ok
18:30:20.0231 0568 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
18:30:20.0232 0568 nv_agp - ok
18:30:20.0289 0568 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:30:20.0294 0568 odserv - ok
18:30:20.0324 0568 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
18:30:20.0325 0568 ohci1394 - ok
18:30:20.0391 0568 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:30:20.0393 0568 ose - ok
18:30:20.0429 0568 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
18:30:20.0433 0568 p2pimsvc - ok
18:30:20.0452 0568 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
18:30:20.0457 0568 p2psvc - ok
18:30:20.0479 0568 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
18:30:20.0480 0568 Parport - ok
18:30:20.0505 0568 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
18:30:20.0507 0568 partmgr - ok
18:30:20.0532 0568 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
18:30:20.0534 0568 PcaSvc - ok
18:30:20.0559 0568 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
18:30:20.0561 0568 pci - ok
18:30:20.0582 0568 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
18:30:20.0582 0568 pciide - ok
18:30:20.0615 0568 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
18:30:20.0616 0568 pcmcia - ok
18:30:20.0630 0568 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
18:30:20.0631 0568 pcw - ok
18:30:20.0659 0568 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
18:30:20.0663 0568 PEAUTH - ok
18:30:20.0730 0568 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
18:30:20.0732 0568 PerfHost - ok
18:30:20.0767 0568 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
18:30:20.0768 0568 PGEffect - ok
18:30:20.0819 0568 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
18:30:20.0836 0568 pla - ok
18:30:20.0877 0568 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
18:30:20.0880 0568 PlugPlay - ok
18:30:20.0919 0568 PnkBstrA - ok
18:30:20.0940 0568 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
18:30:20.0942 0568 PNRPAutoReg - ok
18:30:20.0962 0568 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
18:30:20.0965 0568 PNRPsvc - ok
18:30:21.0001 0568 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
18:30:21.0014 0568 PolicyAgent - ok
18:30:21.0039 0568 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
18:30:21.0041 0568 Power - ok
18:30:21.0072 0568 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
18:30:21.0073 0568 PptpMiniport - ok
18:30:21.0107 0568 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
18:30:21.0108 0568 Processor - ok
18:30:21.0151 0568 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
18:30:21.0154 0568 ProfSvc - ok
18:30:21.0165 0568 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
18:30:21.0166 0568 ProtectedStorage - ok
18:30:21.0199 0568 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
18:30:21.0200 0568 Psched - ok
18:30:21.0240 0568 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
18:30:21.0249 0568 ql2300 - ok
18:30:21.0254 0568 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
18:30:21.0255 0568 ql40xx - ok
18:30:21.0282 0568 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
18:30:21.0285 0568 QWAVE - ok
18:30:21.0310 0568 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
18:30:21.0311 0568 QWAVEdrv - ok
18:30:21.0331 0568 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
18:30:21.0332 0568 RasAcd - ok
18:30:21.0374 0568 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
18:30:21.0375 0568 RasAgileVpn - ok
18:30:21.0390 0568 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
18:30:21.0392 0568 RasAuto - ok
18:30:21.0417 0568 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
18:30:21.0418 0568 Rasl2tp - ok
18:30:21.0445 0568 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
18:30:21.0448 0568 RasMan - ok
18:30:21.0475 0568 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
18:30:21.0476 0568 RasPppoe - ok
18:30:21.0502 0568 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
18:30:21.0504 0568 RasSstp - ok
18:30:21.0539 0568 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
18:30:21.0542 0568 rdbss - ok
18:30:21.0555 0568 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
18:30:21.0556 0568 rdpbus - ok
18:30:21.0570 0568 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
18:30:21.0571 0568 RDPCDD - ok
18:30:21.0601 0568 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
18:30:21.0602 0568 RDPENCDD - ok
18:30:21.0635 0568 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
18:30:21.0636 0568 RDPREFMP - ok
18:30:21.0703 0568 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
18:30:21.0704 0568 RdpVideoMiniport - ok
18:30:21.0736 0568 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
18:30:21.0738 0568 RDPWD - ok
18:30:21.0790 0568 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
18:30:21.0792 0568 rdyboost - ok
18:30:21.0815 0568 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
18:30:21.0817 0568 RemoteAccess - ok
18:30:21.0845 0568 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
18:30:21.0849 0568 RemoteRegistry - ok
18:30:21.0895 0568 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
18:30:21.0896 0568 RpcEptMapper - ok
18:30:21.0912 0568 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
18:30:21.0913 0568 RpcLocator - ok
18:30:21.0951 0568 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
18:30:21.0957 0568 RpcSs - ok
18:30:21.0989 0568 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
18:30:21.0990 0568 rspndr - ok
18:30:22.0048 0568 [ 3A50489C017292386C1C6CF6EB283F23 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
18:30:22.0050 0568 RtkAudioService - ok
18:30:22.0079 0568 [ 134DFDB9778A6BD1BBE7E8FE50D324C6 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
18:30:22.0081 0568 RTL8167 - ok
18:30:22.0136 0568 [ 7475548B0BA58EBA4D12414FC9E9DFE6 ] rtl8192se C:\windows\system32\DRIVERS\rtl8192se.sys
18:30:22.0143 0568 rtl8192se - ok
18:30:22.0154 0568 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
18:30:22.0155 0568 SamSs - ok
18:30:22.0185 0568 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
18:30:22.0187 0568 sbp2port - ok
18:30:22.0217 0568 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
18:30:22.0222 0568 SCardSvr - ok
18:30:22.0243 0568 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
18:30:22.0244 0568 scfilter - ok
18:30:22.0285 0568 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
18:30:22.0294 0568 Schedule - ok
18:30:22.0317 0568 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
18:30:22.0318 0568 SCPolicySvc - ok
18:30:22.0349 0568 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys
18:30:22.0350 0568 sdbus - ok
18:30:22.0385 0568 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
18:30:22.0388 0568 SDRSVC - ok
18:30:22.0424 0568 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
18:30:22.0424 0568 secdrv - ok
18:30:22.0454 0568 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
18:30:22.0457 0568 seclogon - ok
18:30:22.0478 0568 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
18:30:22.0480 0568 SENS - ok
18:30:22.0492 0568 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
18:30:22.0494 0568 SensrSvc - ok
18:30:22.0520 0568 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
18:30:22.0521 0568 Serenum - ok
18:30:22.0546 0568 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
18:30:22.0547 0568 Serial - ok
18:30:22.0574 0568 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
18:30:22.0575 0568 sermouse - ok
18:30:22.0614 0568 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
18:30:22.0617 0568 SessionEnv - ok
18:30:22.0650 0568 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
18:30:22.0650 0568 sffdisk - ok
18:30:22.0663 0568 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
18:30:22.0664 0568 sffp_mmc - ok
18:30:22.0672 0568 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
18:30:22.0673 0568 sffp_sd - ok
18:30:22.0691 0568 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
18:30:22.0692 0568 sfloppy - ok
18:30:22.0743 0568 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
18:30:22.0748 0568 SharedAccess - ok
18:30:22.0785 0568 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:30:22.0789 0568 ShellHWDetection - ok
18:30:22.0801 0568 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
18:30:22.0803 0568 SiSRaid2 - ok
18:30:22.0808 0568 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
18:30:22.0810 0568 SiSRaid4 - ok
18:30:22.0866 0568 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:30:22.0867 0568 SkypeUpdate - ok
18:30:22.0896 0568 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
18:30:22.0897 0568 Smb - ok
18:30:22.0954 0568 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
18:30:22.0956 0568 SNMPTRAP - ok
18:30:22.0972 0568 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
18:30:22.0973 0568 spldr - ok
18:30:23.0008 0568 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
18:30:23.0013 0568 Spooler - ok
18:30:23.0106 0568 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
18:30:23.0126 0568 sppsvc - ok
18:30:23.0145 0568 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
18:30:23.0148 0568 sppuinotify - ok
18:30:23.0171 0568 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
18:30:23.0174 0568 srv - ok
18:30:23.0194 0568 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
18:30:23.0197 0568 srv2 - ok
18:30:23.0208 0568 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
18:30:23.0210 0568 srvnet - ok
18:30:23.0244 0568 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
18:30:23.0248 0568 SSDPSRV - ok
18:30:23.0264 0568 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
18:30:23.0266 0568 SstpSvc - ok
18:30:23.0340 0568 [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:30:23.0346 0568 Steam Client Service - ok
18:30:23.0376 0568 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
18:30:23.0376 0568 stexstor - ok
18:30:23.0420 0568 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
18:30:23.0425 0568 stisvc - ok
18:30:23.0444 0568 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
18:30:23.0444 0568 swenum - ok
18:30:23.0482 0568 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
18:30:23.0489 0568 swprv - ok
18:30:23.0516 0568 [ 470C47DABA9CA3966F0AB3F835D7D135 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
18:30:23.0519 0568 SynTP - ok
18:30:23.0575 0568 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
18:30:23.0586 0568 SysMain - ok
18:30:23.0610 0568 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
18:30:23.0613 0568 TabletInputService - ok
18:30:23.0628 0568 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
18:30:23.0631 0568 TapiSrv - ok
18:30:23.0656 0568 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
18:30:23.0658 0568 TBS - ok
18:30:23.0726 0568 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\windows\system32\drivers\tcpip.sys
18:30:23.0737 0568 Tcpip - ok
18:30:23.0793 0568 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
18:30:23.0804 0568 TCPIP6 - ok
18:30:23.0829 0568 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
18:30:23.0830 0568 tcpipreg - ok
18:30:23.0848 0568 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
18:30:23.0849 0568 tdcmdpst - ok
18:30:23.0883 0568 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
18:30:23.0884 0568 TDPIPE - ok
18:30:23.0921 0568 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
18:30:23.0921 0568 TDTCP - ok
18:30:23.0966 0568 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
18:30:23.0967 0568 tdx - ok
18:30:23.0995 0568 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
18:30:23.0996 0568 TermDD - ok
18:30:24.0020 0568 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
18:30:24.0029 0568 TermService - ok
18:30:24.0048 0568 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
18:30:24.0049 0568 Themes - ok
18:30:24.0101 0568 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
18:30:24.0102 0568 Thpdrv - ok
18:30:24.0114 0568 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
18:30:24.0115 0568 Thpevm - ok
18:30:24.0149 0568 [ F6927BBA3B09AFF26A53A9191F7378F9 ] Thpsrv C:\windows\system32\ThpSrv.exe
18:30:24.0153 0568 Thpsrv - ok
18:30:24.0171 0568 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
18:30:24.0172 0568 THREADORDER - ok
18:30:24.0200 0568 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\windows\system32\TODDSrv.exe
18:30:24.0202 0568 TODDSrv - ok
18:30:24.0279 0568 [ 98C864481D62F86EC8AF65BE3419A95B ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
18:30:24.0282 0568 TosCoSrv - ok
18:30:24.0322 0568 [ 74C2FA8C3765EE71A9C22182EC108457 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
18:30:24.0323 0568 TOSHIBA HDD SSD Alert Service - ok
18:30:24.0353 0568 [ 97687D094AA597DA366E1194B218CC6C ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
18:30:24.0358 0568 TPCHSrv - ok
18:30:24.0396 0568 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
18:30:24.0398 0568 TrkWks - ok
18:30:24.0442 0568 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
18:30:24.0445 0568 TrustedInstaller - ok
18:30:24.0470 0568 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
18:30:24.0471 0568 tssecsrv - ok
18:30:24.0505 0568 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
18:30:24.0506 0568 TsUsbFlt - ok
18:30:24.0545 0568 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
18:30:24.0547 0568 tunnel - ok
18:30:24.0579 0568 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
18:30:24.0580 0568 TVALZ - ok
18:30:24.0602 0568 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
18:30:24.0603 0568 TVALZFL - ok
18:30:24.0621 0568 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
18:30:24.0622 0568 uagp35 - ok
18:30:24.0662 0568 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
18:30:24.0664 0568 udfs - ok
18:30:24.0698 0568 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
18:30:24.0700 0568 UI0Detect - ok
18:30:24.0732 0568 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
18:30:24.0733 0568 uliagpkx - ok
18:30:24.0768 0568 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
18:30:24.0769 0568 umbus - ok
18:30:24.0786 0568 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
18:30:24.0786 0568 UmPass - ok
18:30:24.0875 0568 [ CC3775100ABA633984F73DFAE1F55CAE ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:30:24.0889 0568 UNS - ok
18:30:24.0930 0568 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
18:30:24.0934 0568 upnphost - ok
18:30:24.0963 0568 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
18:30:24.0964 0568 usbccgp - ok
18:30:24.0986 0568 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
18:30:24.0988 0568 usbcir - ok
18:30:25.0011 0568 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
18:30:25.0013 0568 usbehci - ok
18:30:25.0041 0568 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
18:30:25.0044 0568 usbhub - ok
18:30:25.0068 0568 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
18:30:25.0069 0568 usbohci - ok
18:30:25.0099 0568 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
18:30:25.0100 0568 usbprint - ok
18:30:25.0116 0568 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
18:30:25.0117 0568 USBSTOR - ok
18:30:25.0138 0568 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
18:30:25.0139 0568 usbuhci - ok
18:30:25.0172 0568 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
18:30:25.0174 0568 usbvideo - ok
18:30:25.0198 0568 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
18:30:25.0200 0568 UxSms - ok
18:30:25.0209 0568 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
18:30:25.0211 0568 VaultSvc - ok
18:30:25.0239 0568 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
18:30:25.0240 0568 vdrvroot - ok
18:30:25.0271 0568 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
18:30:25.0278 0568 vds - ok
18:30:25.0302 0568 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
18:30:25.0303 0568 vga - ok
18:30:25.0327 0568 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
18:30:25.0328 0568 VgaSave - ok
18:30:25.0365 0568 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
18:30:25.0366 0568 vhdmp - ok
18:30:25.0385 0568 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
18:30:25.0386 0568 viaide - ok
18:30:25.0409 0568 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
18:30:25.0410 0568 volmgr - ok
18:30:25.0445 0568 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
18:30:25.0448 0568 volmgrx - ok
18:30:25.0471 0568 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
18:30:25.0473 0568 volsnap - ok
18:30:25.0507 0568 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
18:30:25.0509 0568 vsmraid - ok
18:30:25.0566 0568 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
18:30:25.0583 0568 VSS - ok
18:30:25.0599 0568 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
18:30:25.0600 0568 vwifibus - ok
18:30:25.0636 0568 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
18:30:25.0637 0568 vwififlt - ok
18:30:25.0671 0568 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
18:30:25.0676 0568 W32Time - ok
18:30:25.0697 0568 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
18:30:25.0698 0568 WacomPen - ok
18:30:25.0733 0568 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
18:30:25.0735 0568 WANARP - ok
18:30:25.0739 0568 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
18:30:25.0741 0568 Wanarpv6 - ok
18:30:25.0815 0568 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
18:30:25.0829 0568 WatAdminSvc - ok
18:30:25.0891 0568 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
18:30:25.0907 0568 wbengine - ok
18:30:25.0931 0568 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
18:30:25.0936 0568 WbioSrvc - ok
18:30:25.0967 0568 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
18:30:25.0973 0568 wcncsvc - ok
18:30:26.0005 0568 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
18:30:26.0007 0568 WcsPlugInService - ok
18:30:26.0047 0568 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
18:30:26.0047 0568 Wd - ok
18:30:26.0084 0568 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
18:30:26.0089 0568 Wdf01000 - ok
18:30:26.0106 0568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
18:30:26.0109 0568 WdiServiceHost - ok
18:30:26.0112 0568 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
18:30:26.0115 0568 WdiSystemHost - ok
18:30:26.0137 0568 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
18:30:26.0141 0568 WebClient - ok
18:30:26.0164 0568 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\windows\system32\wecsvc.dll
18:30:26.0168 0568 Wecsvc - ok
18:30:26.0182 0568 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
18:30:26.0184 0568 wercplsupport - ok
18:30:26.0214 0568 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
18:30:26.0216 0568 WerSvc - ok
18:30:26.0244 0568 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
18:30:26.0245 0568 WfpLwf - ok
18:30:26.0261 0568 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
18:30:26.0262 0568 WIMMount - ok
18:30:26.0288 0568 WinDefend - ok
18:30:26.0301 0568 WinHttpAutoProxySvc - ok
18:30:26.0361 0568 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
18:30:26.0363 0568 Winmgmt - ok
18:30:26.0457 0568 [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0 C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys
18:30:26.0459 0568 WinRing0_1_2_0 - ok
18:30:26.0537 0568 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\windows\system32\WsmSvc.dll
18:30:26.0594 0568 WinRM - ok
18:30:26.0648 0568 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
18:30:26.0649 0568 WinUsb - ok
18:30:26.0689 0568 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
18:30:26.0696 0568 Wlansvc - ok
18:30:26.0792 0568 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:30:26.0805 0568 wlidsvc - ok
18:30:26.0823 0568 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
18:30:26.0824 0568 WmiAcpi - ok
18:30:26.0863 0568 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
18:30:26.0866 0568 wmiApSrv - ok
18:30:26.0897 0568 WMPNetworkSvc - ok
18:30:26.0919 0568 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
18:30:26.0921 0568 WPCSvc - ok
18:30:26.0937 0568 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
18:30:26.0940 0568 WPDBusEnum - ok
18:30:26.0964 0568 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
18:30:26.0965 0568 ws2ifsl - ok
18:30:26.0984 0568 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
18:30:26.0987 0568 wscsvc - ok
18:30:26.0991 0568 WSearch - ok
18:30:27.0056 0568 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
18:30:27.0081 0568 wuauserv - ok
18:30:27.0109 0568 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
18:30:27.0110 0568 WudfPf - ok
18:30:27.0134 0568 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
18:30:27.0137 0568 WUDFRd - ok
18:30:27.0170 0568 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
18:30:27.0174 0568 wudfsvc - ok
18:30:27.0204 0568 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\windows\System32\wwansvc.dll
18:30:27.0208 0568 WwanSvc - ok
18:30:27.0303 0568 X6va012 - ok
18:30:27.0323 0568 ================ Scan global ===============================
18:30:27.0345 0568 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
18:30:27.0376 0568 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
18:30:27.0382 0568 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
18:30:27.0404 0568 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
18:30:27.0436 0568 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
18:30:27.0439 0568 [Global] - ok
18:30:27.0439 0568 ================ Scan MBR ==================================
18:30:27.0448 0568 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
18:30:27.0603 0568 \Device\Harddisk0\DR0 - ok
18:30:27.0603 0568 ================ Scan VBR ==================================
18:30:27.0618 0568 [ CDBD583231A11B66126FF64C602B7797 ] \Device\Harddisk0\DR0\Partition1
18:30:27.0620 0568 \Device\Harddisk0\DR0\Partition1 - ok
18:30:27.0620 0568 ============================================================
18:30:27.0620 0568 Scan finished
18:30:27.0620 0568 ============================================================
18:30:27.0629 5860 Detected object count: 0
18:30:27.0629 5860 Actual detected object count: 0
18:31:09.0383 5820 Deinitialize success

Příspěvekod **memphisto** » 31 črc 2013 20:48

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

ondrej.nosek · Příspěvekod **ondrej.nosek** » 31 črc 2013 21:45

ComboFix 13-07-31.02 - Slender 31.07.2013 21:36:00.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3955.2749 [GMT 2:00]
Spuštěný z: c:\users\Slender\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-06-28 do 2013-07-31 )))))))))))))))))))))))))))))))
.
.
2013-07-31 19:42 . 2013-07-31 19:42 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-07-31 15:54 . 2013-07-31 15:54 -------- d-----w- c:\windows\ERUNT
2013-07-31 15:39 . 2013-07-31 15:39 -------- d-----w- c:\users\Slender\AppData\Local\Adobe
2013-07-31 15:11 . 2013-07-31 15:11 -------- d-----w- c:\users\Slender\AppData\Roaming\Malwarebytes
2013-07-31 15:11 . 2013-07-31 15:11 -------- d-----w- c:\programdata\Malwarebytes
2013-07-31 15:11 . 2013-07-31 15:11 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-31 15:11 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-30 12:29 . 2013-07-30 12:32 -------- d-----w- c:\program files (x86)\Minecraft 1.6.2 original
2013-07-29 19:59 . 2013-07-30 12:31 -------- d-----w- c:\users\Slender\AppData\Roaming\.minecraft
2013-07-19 23:51 . 2013-07-19 23:51 311608 ----a-w- c:\windows\system32\drivers\avgloga.sys
2013-07-19 23:50 . 2013-07-19 23:50 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2013-07-19 23:50 . 2013-07-19 23:50 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2013-07-19 23:50 . 2013-07-19 23:50 206648 ----a-w- c:\windows\system32\drivers\avgldx64.sys
2013-07-17 15:13 . 2013-07-17 15:13 -------- d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2013-07-17 15:13 . 2013-07-17 15:13 -------- d-----w- c:\windows\SysWow64\xlive
2013-07-17 15:11 . 2008-07-12 06:18 540688 ----a-w- c:\windows\system32\d3dx10_39.dll
2013-07-17 15:11 . 2008-07-12 06:18 1942552 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2013-07-17 15:11 . 2008-07-12 06:18 4992520 ----a-w- c:\windows\system32\D3DX9_39.dll
2013-07-16 13:13 . 2013-07-16 13:13 -------- d-----w- c:\users\Slender\AppData\Local\CRE
2013-07-11 17:24 . 2013-07-11 17:24 -------- d-----w- c:\programdata\3DMGAME
2013-07-10 13:35 . 2013-07-10 13:37 -------- d-----w- c:\windows\system32\MRT
2013-07-10 11:24 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
2013-07-10 11:24 . 2013-05-27 05:50 571904 ----a-w- c:\program files\Windows Defender\MpClient.dll
2013-07-10 11:24 . 2013-05-27 05:50 314880 ----a-w- c:\program files\Windows Defender\MpCommu.dll
2013-07-10 11:24 . 2013-05-27 04:57 4608 ----a-w- c:\program files (x86)\Windows Defender\MsMpLics.dll
2013-07-10 11:24 . 2013-05-27 04:57 54784 ----a-w- c:\program files (x86)\Windows Defender\MpOAV.dll
2013-07-10 11:24 . 2013-05-27 04:57 392704 ----a-w- c:\program files (x86)\Windows Defender\MpClient.dll
2013-07-10 11:24 . 2013-05-27 03:15 9216 ----a-w- c:\program files (x86)\Windows Defender\MpAsDesc.dll
2013-07-10 11:24 . 2013-06-04 06:00 624128 ----a-w- c:\windows\system32\qedit.dll
2013-07-10 11:24 . 2013-06-04 04:53 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2013-07-10 11:24 . 2013-05-06 06:03 1887744 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-10 11:24 . 2013-05-06 04:56 1620480 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-10 11:22 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2013-07-10 11:22 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2013-07-10 11:22 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:22 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2013-07-10 11:22 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-10 11:22 . 2013-06-05 03:34 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-07-10 11:22 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
2013-07-10 11:22 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
2013-07-09 23:32 . 2013-07-09 23:32 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
2013-07-02 20:20 . 2013-07-02 20:20 -------- d-----w- c:\program files (x86)\AGEIA Technologies
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-31 15:40 . 2013-07-31 15:40 568334 ----a-w- c:\windows\inf\msodoy\msodoy.exe
2013-07-29 19:43 . 2012-12-04 17:13 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-07-29 19:43 . 2012-12-04 16:28 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-07-18 08:09 . 2013-03-16 11:25 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-18 08:09 . 2013-03-16 11:25 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-17 17:45 . 2009-08-18 10:49 564632 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2013-07-17 17:44 . 2009-08-18 09:24 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-06-30 23:45 . 2013-06-30 23:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2013-06-26 11:59 . 2012-12-04 16:28 283032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-06-25 17:09 . 2012-12-04 16:28 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-06-25 16:42 . 2013-06-25 16:51 3130440 ----a-w- c:\windows\SysWow64\pbsvc_blr.exe
2013-06-23 22:57 . 2012-11-21 19:06 78277128 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 12:06 . 2013-02-20 00:45 15920536 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-06-21 12:06 . 2012-11-22 13:25 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:06 . 2012-11-22 13:25 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-06-21 12:06 . 2010-05-05 18:24 2936208 ----a-w- c:\windows\system32\nvapi64.dll
2013-06-21 10:23 . 2010-05-05 08:45 6496544 ----a-w- c:\windows\system32\nvcpl.dll
2013-06-21 10:23 . 2010-05-05 08:45 3514656 ----a-w- c:\windows\system32\nvsvc64.dll
2013-06-21 10:23 . 2010-05-05 08:45 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-06-21 10:23 . 2010-05-05 08:45 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-06-21 10:23 . 2010-05-05 08:45 2555680 ----a-w- c:\windows\system32\nvsvcr.dll
2013-06-21 10:23 . 2010-05-05 08:45 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-06-12 19:48 . 2012-11-22 07:33 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-06-12 19:48 . 2012-11-22 07:33 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-06-18 20:42 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-11 19:35 . 2013-06-11 18:35 9089416 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-07 11:45 . 2013-07-30 12:29 84992 --s-a-w- c:\windows\inf\msodoy\zlib1.dll
2013-06-07 11:45 . 2013-07-30 12:29 612352 --s-a-w- c:\windows\inf\msodoy\libcurl.dll
2013-06-07 11:45 . 2013-07-30 12:29 364544 --s-a-w- c:\windows\inf\msodoy\ssleay32.dll
2013-06-07 11:45 . 2013-07-30 12:29 279955 --s-a-w- c:\windows\inf\msodoy\libidn-11.dll
2013-06-07 11:45 . 2013-07-30 12:29 183382 --s-a-w- c:\windows\inf\msodoy\librtmp.dll
2013-06-07 11:45 . 2013-07-30 12:29 171008 --s-a-w- c:\windows\inf\msodoy\libssh2.dll
2013-06-07 11:45 . 2013-07-30 12:29 1704448 --s-a-w- c:\windows\inf\msodoy\libeay32.dll
2013-06-07 11:45 . 2013-07-30 12:29 110094 --s-a-w- c:\windows\inf\msodoy\libusb-1.0.dll
2013-05-13 05:51 . 2013-06-11 19:22 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-11 19:22 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-11 19:22 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-11 19:22 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-11 19:22 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-11 19:22 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-11 19:22 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-11 19:22 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-11 19:22 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-11 19:22 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-12 21:42 . 2013-05-23 20:55 1832224 ----a-w- c:\windows\system32\nvdispco6432018.dll
2013-05-12 21:42 . 2013-05-23 20:55 1511712 ----a-w- c:\windows\system32\nvdispgenco6432018.dll
2013-05-10 05:49 . 2013-06-11 19:22 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-11 19:22 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 06:39 . 2013-06-11 19:22 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-11-22 3093624]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NBAgent"="c:\program files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe" [2010-03-08 1086760]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2010-02-22 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-12-25 34160]
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-02-24 2454840]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-06-30 4411440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"NtVdmSrv"="c:\windows\inf\ntvdm.vbe" [2013-06-20 1219]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acpials;Filtr zařízení ALS Sensor;c:\windows\system32\DRIVERS\acpials.sys;c:\windows\SYSNATIVE\DRIVERS\acpials.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhidma.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-01 17:23 1607120 ----a-w- c:\program files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-16 08:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-05 709976]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2010-04-19 136136]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-29 13513288]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.100.252
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
AddRemove-Search Protection - c:\users\Slender\AppData\Roaming\Search Protection\uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
Celkový čas: 2013-07-31 21:44:55
ComboFix-quarantined-files.txt 2013-07-31 19:44
.
Před spuštěním: Volných bajtů: 272 296 574 976
Po spuštění: Volných bajtů: 272 223 567 872
.
- - End Of File - - FF5BF88A0FDB332C7569A686BD5D1256
D41D8CD98F00B204E9800998ECF8427E

Příspěvekod **jaro3** » 31 črc 2013 22:17

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
c:\windows\SysWOW64\Drivers\X6va012

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate
X6va012

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

RegLockDel::
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Prosím o kontrolu logu Vyřešeno

Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Re: Prosím o kontrolu logu

Kdo je online