Prosím o kontrolu logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

petowl
nováček
Příspěvky: 9
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Prosím o kontrolu logu

Příspěvekod petowl » 22 srp 2013 22:01

Ahoj, prosím o překontrolování logu :)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:55:15, on 22.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera_crashreporter.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Opera\15.0.1147.153\opera.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOSHIBA Online Product Information] C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ABBYY FineReader 11 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.11.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ArcGIS License Manager - Acresso Software Inc. - C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Gadget Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Soluto Launcher Service (SolutoLauncherService) - Soluto - C:\Program Files\Soluto\SolutoLauncherService.exe
O23 - Service: Soluto Remote Service (SolutoRemoteService) - Soluto - C:\Program Files\Soluto\SolutoRemoteService.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: Ochrana HDD TOSHIBA (Thpsrv) - Unknown owner - C:\Windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10552 bytes

Díky vám!

Reklama
Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod memphisto » 22 srp 2013 22:16

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

petowl
nováček
Příspěvky: 9
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod petowl » 23 srp 2013 08:57

Tak mbam nic:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.08.22.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514

23.8.2013 8:38:21
mbam-log-2013-08-23 (08-38-21).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 232149
Time elapsed: 5 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

a AdwCleaner:
# AdwCleaner v3.000 - Report created 23/08/2013 at 08:51:05
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Running from : C:\Users\Petr\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\ProgramData\Partner

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photofiltre_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photofiltre_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


*************************

AdwCleaner[R0].txt - [1255 octets] - [23/08/2013 08:51:05]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1315 octets] ##########

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod memphisto » 23 srp 2013 10:10

V adw nech vše smazat a dodej log po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit

-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

petowl
nováček
Příspěvky: 9
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod petowl » 23 srp 2013 10:57

Log AdwCleaneru po čištění:
# AdwCleaner v3.000 - Report created 23/08/2013 at 10:31:43
# Updated 20/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Running from : C:\Users\Petr\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Partner

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photofiltre_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photofiltre_RASMANCS
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0


*************************

AdwCleaner[R0].txt - [1407 octets] - [23/08/2013 08:51:05]
AdwCleaner[R1].txt - [1467 octets] - [23/08/2013 10:30:24]
AdwCleaner[S0].txt - [1274 octets] - [23/08/2013 10:31:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1334 octets] ##########

Rogue:
RogueKiller V8.6.6 _x64_ [Aug 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Petr [Práva správce]
Mód : Kontrola -- Datum : 08/23/2013 10:40:05
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] Google Updater and Installer : C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe - /c [x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5055GSX +++++
--- User ---
[MBR] 6dadc571a5ea2387aafe280db32ea223
[BSP] 2114946adfdcb4405421254a902b5add : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238470 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 489207808 | Size: 238069 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08232013_104005.txt >>


JRT Log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Petr on p  23.08.2013 at 10:44:30,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Petr\AppData\Roaming\goforfiles"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  23.08.2013 at 10:50:47,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod memphisto » 23 srp 2013 13:55

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

petowl
nováček
Příspěvky: 9
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod petowl » 23 srp 2013 15:09

RogueKiller V8.6.6 _x64_ [Aug 19 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Petr [Práva správce]
Mód : Odebrat -- Datum : 08/23/2013 14:58:04
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 1 ¤¤¤
[V2][SUSP PATH] Google Updater and Installer : C:\Users\Petr\AppData\Local\Google\Update\GoogleUpdate.exe - /c [x] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK5055GSX +++++
--- User ---
[MBR] 6dadc571a5ea2387aafe280db32ea223
[BSP] 2114946adfdcb4405421254a902b5add : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 400 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 821248 | Size: 238470 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 489207808 | Size: 238069 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_08232013_145804.txt >>
RKreport[0]_S_08232013_104005.txt;RKreport[0]_S_08232013_145750.txt

petowl
nováček
Příspěvky: 9
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod petowl » 23 srp 2013 15:11

První půlka logu z TDSS:

15:03:12.0895 4464 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:03:13.0769 4464 ============================================================
15:03:13.0769 4464 Current date / time: 2013/08/23 15:03:13.0769
15:03:13.0769 4464 SystemInfo:
15:03:13.0769 4464
15:03:13.0769 4464 OS Version: 6.1.7601 ServicePack: 1.0
15:03:13.0769 4464 Product type: Workstation
15:03:13.0769 4464 ComputerName: PETPAJ
15:03:13.0785 4464 UserName: Petr
15:03:13.0785 4464 Windows directory: C:\Windows
15:03:13.0785 4464 System windows directory: C:\Windows
15:03:13.0785 4464 Running under WOW64
15:03:13.0785 4464 Processor architecture: Intel x64
15:03:13.0785 4464 Number of processors: 2
15:03:13.0785 4464 Page size: 0x1000
15:03:13.0785 4464 Boot type: Normal boot
15:03:13.0785 4464 ============================================================
15:03:14.0393 4464 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:03:14.0409 4464 ============================================================
15:03:14.0409 4464 \Device\Harddisk0\DR0:
15:03:14.0409 4464 MBR partitions:
15:03:14.0409 4464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x1D1C3000
15:03:14.0409 4464 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D28B800, BlocksNum 0x1D0FA800
15:03:14.0409 4464 ============================================================
15:03:14.0424 4464 C: <-> \Device\Harddisk0\DR0\Partition1
15:03:14.0471 4464 D: <-> \Device\Harddisk0\DR0\Partition2
15:03:14.0471 4464 ============================================================
15:03:14.0471 4464 Initialize success
15:03:14.0471 4464 ============================================================
15:03:47.0309 4196 ============================================================
15:03:47.0309 4196 Scan started
15:03:47.0309 4196 Mode: Manual;
15:03:47.0309 4196 ============================================================
15:03:47.0543 4196 ================ Scan system memory ========================
15:03:47.0543 4196 System memory - ok
15:03:47.0543 4196 ================ Scan services =============================
15:03:47.0684 4196 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:03:47.0684 4196 1394ohci - ok
15:03:47.0746 4196 [ 7546427637E4BDFFF6F0E53C39DD844B ] ABBYY.Licensing.FineReader.Corporate.11.0 C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
15:03:47.0746 4196 ABBYY.Licensing.FineReader.Corporate.11.0 - ok
15:03:47.0777 4196 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:03:47.0777 4196 ACPI - ok
15:03:47.0824 4196 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:03:47.0824 4196 AcpiPmi - ok
15:03:47.0855 4196 [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs C:\Windows\system32\drivers\adfs.sys
15:03:47.0855 4196 adfs - ok
15:03:47.0964 4196 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:03:47.0964 4196 AdobeARMservice - ok
15:03:48.0011 4196 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:03:48.0011 4196 adp94xx - ok
15:03:48.0027 4196 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:03:48.0027 4196 adpahci - ok
15:03:48.0058 4196 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:03:48.0058 4196 adpu320 - ok
15:03:48.0105 4196 [ 1FE2BA15E16FA1B9A33618B4FA105151 ] adusbser C:\Windows\system32\DRIVERS\adusbser.sys
15:03:48.0105 4196 adusbser - ok
15:03:48.0152 4196 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:03:48.0152 4196 AeLookupSvc - ok
15:03:48.0198 4196 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:03:48.0198 4196 AFD - ok
15:03:48.0245 4196 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:03:48.0261 4196 agp440 - ok
15:03:48.0292 4196 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:03:48.0292 4196 ALG - ok
15:03:48.0308 4196 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:03:48.0308 4196 aliide - ok
15:03:48.0308 4196 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:03:48.0323 4196 amdide - ok
15:03:48.0354 4196 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:03:48.0354 4196 AmdK8 - ok
15:03:48.0370 4196 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:03:48.0386 4196 AmdPPM - ok
15:03:48.0417 4196 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:03:48.0417 4196 amdsata - ok
15:03:48.0448 4196 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:03:48.0448 4196 amdsbs - ok
15:03:48.0464 4196 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:03:48.0464 4196 amdxata - ok
15:03:48.0495 4196 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:03:48.0510 4196 AppID - ok
15:03:48.0526 4196 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:03:48.0526 4196 AppIDSvc - ok
15:03:48.0573 4196 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
15:03:48.0573 4196 Appinfo - ok
15:03:48.0604 4196 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:03:48.0604 4196 arc - ok
15:03:48.0713 4196 [ 338DEABD788009F2D043D3080E29930D ] ArcGIS License Manager C:\PROGRA~2\ESRI\License\arcgis9x\lmgrd.exe
15:03:48.0729 4196 ArcGIS License Manager - ok
15:03:48.0744 4196 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:03:48.0744 4196 arcsas - ok
15:03:48.0854 4196 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:03:48.0900 4196 aspnet_state - ok
15:03:48.0932 4196 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:03:48.0932 4196 AsyncMac - ok
15:03:48.0963 4196 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:03:48.0994 4196 atapi - ok
15:03:49.0072 4196 [ DE9FB3DADE8FD39AE2C587DF22D36B8E ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:03:49.0103 4196 athr - ok
15:03:49.0150 4196 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:03:49.0150 4196 AudioEndpointBuilder - ok
15:03:49.0166 4196 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:03:49.0166 4196 AudioSrv - ok
15:03:49.0212 4196 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:03:49.0212 4196 AxInstSV - ok
15:03:49.0244 4196 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:03:49.0244 4196 b06bdrv - ok
15:03:49.0275 4196 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:03:49.0290 4196 b57nd60a - ok
15:03:49.0306 4196 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:03:49.0306 4196 BDESVC - ok
15:03:49.0337 4196 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:03:49.0337 4196 Beep - ok
15:03:49.0384 4196 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:03:49.0400 4196 BFE - ok
15:03:49.0431 4196 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:03:49.0446 4196 BITS - ok
15:03:49.0462 4196 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:03:49.0462 4196 blbdrive - ok
15:03:49.0493 4196 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:03:49.0493 4196 bowser - ok
15:03:49.0524 4196 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:03:49.0524 4196 BrFiltLo - ok
15:03:49.0524 4196 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:03:49.0524 4196 BrFiltUp - ok
15:03:49.0571 4196 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:03:49.0571 4196 Browser - ok
15:03:49.0587 4196 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:03:49.0587 4196 Brserid - ok
15:03:49.0618 4196 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:03:49.0649 4196 BrSerWdm - ok
15:03:49.0665 4196 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:03:49.0665 4196 BrUsbMdm - ok
15:03:49.0665 4196 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:03:49.0665 4196 BrUsbSer - ok
15:03:49.0680 4196 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:03:49.0680 4196 BTHMODEM - ok
15:03:49.0712 4196 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:03:49.0712 4196 bthserv - ok
15:03:49.0743 4196 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:03:49.0743 4196 cdfs - ok
15:03:49.0774 4196 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:03:49.0790 4196 cdrom - ok
15:03:49.0805 4196 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:03:49.0821 4196 CertPropSvc - ok
15:03:49.0883 4196 [ 837FF2D497880198C918E6954DBD170C ] cfWiMAXService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
15:03:49.0883 4196 cfWiMAXService - ok
15:03:49.0914 4196 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:03:49.0914 4196 circlass - ok
15:03:49.0946 4196 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:03:49.0977 4196 CLFS - ok
15:03:50.0024 4196 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:03:50.0039 4196 clr_optimization_v2.0.50727_32 - ok
15:03:50.0070 4196 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:03:50.0070 4196 clr_optimization_v2.0.50727_64 - ok
15:03:50.0148 4196 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:03:50.0211 4196 clr_optimization_v4.0.30319_32 - ok
15:03:50.0226 4196 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:03:50.0273 4196 clr_optimization_v4.0.30319_64 - ok
15:03:50.0304 4196 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:03:50.0320 4196 CmBatt - ok
15:03:50.0367 4196 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:03:50.0367 4196 cmdide - ok
15:03:50.0414 4196 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
15:03:50.0414 4196 CNG - ok
15:03:50.0445 4196 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:03:50.0445 4196 Compbatt - ok
15:03:50.0492 4196 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:03:50.0492 4196 CompositeBus - ok
15:03:50.0492 4196 COMSysApp - ok
15:03:50.0538 4196 [ D252C53BCDFC199BBA55EEB10CDB266E ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
15:03:50.0538 4196 ConfigFree Gadget Service - ok
15:03:50.0570 4196 [ CAB0EEAF5295FC96DDD3E19DCE27E131 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
15:03:50.0570 4196 ConfigFree Service - ok
15:03:50.0601 4196 cpuz136 - ok
15:03:50.0632 4196 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:03:50.0632 4196 crcdisk - ok
15:03:50.0679 4196 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:03:50.0679 4196 CryptSvc - ok
15:03:50.0726 4196 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:03:50.0741 4196 DcomLaunch - ok
15:03:50.0772 4196 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:03:50.0772 4196 defragsvc - ok
15:03:50.0819 4196 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:03:50.0819 4196 DfsC - ok
15:03:50.0850 4196 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:03:50.0866 4196 Dhcp - ok
15:03:50.0882 4196 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:03:50.0928 4196 discache - ok
15:03:50.0928 4196 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:03:50.0928 4196 Disk - ok
15:03:50.0975 4196 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:03:50.0975 4196 Dnscache - ok
15:03:51.0006 4196 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:03:51.0022 4196 dot3svc - ok
15:03:51.0069 4196 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:03:51.0069 4196 DPS - ok
15:03:51.0084 4196 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:03:51.0084 4196 drmkaud - ok
15:03:51.0147 4196 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:03:51.0147 4196 DXGKrnl - ok
15:03:51.0178 4196 [ 85E3ED13EC107A20D9B018328E0C9737 ] eamon C:\Windows\system32\DRIVERS\eamon.sys
15:03:51.0178 4196 eamon - ok
15:03:51.0209 4196 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:03:51.0209 4196 EapHost - ok
15:03:51.0303 4196 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:03:51.0318 4196 ebdrv - ok
15:03:51.0350 4196 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:03:51.0365 4196 EFS - ok
15:03:51.0396 4196 [ 518FB66D5E21B2C246F96C1D9153CADC ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
15:03:51.0396 4196 ehdrv - ok
15:03:51.0459 4196 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:03:51.0459 4196 ehRecvr - ok
15:03:51.0506 4196 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:03:51.0506 4196 ehSched - ok
15:03:51.0568 4196 [ 10511409572F32276688FAF184E78008 ] EhttpSrv C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
15:03:51.0568 4196 EhttpSrv - ok
15:03:51.0615 4196 [ 3543C6195D5ED4EDA0316D3E1BA0E6EE ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
15:03:51.0615 4196 ekrn - ok
15:03:51.0646 4196 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:03:51.0662 4196 elxstor - ok
15:03:51.0677 4196 [ 60643217107FD0DD2D11D0936F86506F ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
15:03:51.0677 4196 epfwwfpr - ok
15:03:51.0693 4196 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:03:51.0693 4196 ErrDev - ok
15:03:51.0755 4196 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:03:51.0755 4196 EventSystem - ok
15:03:51.0786 4196 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:03:51.0786 4196 exfat - ok
15:03:51.0818 4196 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:03:51.0849 4196 fastfat - ok
15:03:51.0896 4196 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:03:51.0896 4196 Fax - ok
15:03:51.0911 4196 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:03:51.0942 4196 fdc - ok
15:03:51.0989 4196 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:03:51.0989 4196 fdPHost - ok
15:03:51.0989 4196 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:03:51.0989 4196 FDResPub - ok
15:03:52.0005 4196 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:03:52.0005 4196 FileInfo - ok
15:03:52.0020 4196 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:03:52.0020 4196 Filetrace - ok
15:03:52.0098 4196 [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:03:52.0114 4196 FLEXnet Licensing Service 64 - ok
15:03:52.0145 4196 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:03:52.0145 4196 flpydisk - ok
15:03:52.0176 4196 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:03:52.0176 4196 FltMgr - ok
15:03:52.0270 4196 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
15:03:52.0286 4196 FontCache - ok
15:03:52.0348 4196 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:03:52.0348 4196 FontCache3.0.0.0 - ok
15:03:52.0379 4196 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:03:52.0379 4196 FsDepends - ok
15:03:52.0426 4196 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:03:52.0426 4196 Fs_Rec - ok
15:03:52.0457 4196 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:03:52.0457 4196 fvevol - ok
15:03:52.0473 4196 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:03:52.0473 4196 gagp30kx - ok
15:03:52.0488 4196 GGSAFERDriver - ok
15:03:52.0535 4196 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:03:52.0535 4196 gpsvc - ok
15:03:52.0613 4196 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:03:52.0613 4196 gupdate - ok
15:03:52.0629 4196 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:03:52.0629 4196 gupdatem - ok
15:03:52.0660 4196 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
15:03:52.0660 4196 hamachi - ok
15:03:52.0769 4196 [ 3832D6353272000BD48C4748B386A786 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:03:52.0785 4196 Hamachi2Svc - ok
15:03:52.0816 4196 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:03:52.0816 4196 hcw85cir - ok
15:03:52.0863 4196 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:03:52.0863 4196 HdAudAddService - ok
15:03:52.0878 4196 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:03:52.0878 4196 HDAudBus - ok
15:03:52.0910 4196 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:03:52.0910 4196 HidBatt - ok
15:03:52.0925 4196 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:03:52.0925 4196 HidBth - ok
15:03:52.0956 4196 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:03:52.0956 4196 HidIr - ok
15:03:52.0988 4196 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:03:52.0988 4196 hidserv - ok
15:03:53.0019 4196 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:03:53.0019 4196 HidUsb - ok
15:03:53.0066 4196 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:03:53.0066 4196 hkmsvc - ok
15:03:53.0112 4196 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:03:53.0112 4196 HomeGroupListener - ok
15:03:53.0144 4196 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:03:53.0159 4196 HomeGroupProvider - ok
15:03:53.0190 4196 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:03:53.0190 4196 HpSAMD - ok
15:03:53.0253 4196 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:03:53.0268 4196 HTTP - ok
15:03:53.0315 4196 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:03:53.0315 4196 hwpolicy - ok
15:03:53.0346 4196 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:03:53.0346 4196 i8042prt - ok
15:03:53.0378 4196 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:03:53.0378 4196 iaStor - ok
15:03:53.0424 4196 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:03:53.0424 4196 iaStorV - ok
15:03:53.0502 4196 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:03:53.0502 4196 IDriverT - ok
15:03:53.0565 4196 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:03:53.0565 4196 idsvc - ok
15:03:53.0705 4196 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:03:53.0752 4196 igfx - ok
15:03:53.0768 4196 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:03:53.0768 4196 iirsp - ok
15:03:53.0814 4196 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:03:53.0830 4196 IKEEXT - ok
15:03:53.0892 4196 [ 0C3CF4B3BAE28E121A1689E3538F8712 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:03:53.0908 4196 IntcAzAudAddService - ok
15:03:53.0924 4196 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:03:53.0924 4196 intelide - ok
15:03:53.0939 4196 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:03:53.0939 4196 intelppm - ok
15:03:53.0970 4196 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:03:53.0970 4196 IPBusEnum - ok
15:03:54.0002 4196 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:03:54.0002 4196 IpFilterDriver - ok
15:03:54.0064 4196 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:03:54.0080 4196 iphlpsvc - ok
15:03:54.0111 4196 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:03:54.0111 4196 IPMIDRV - ok
15:03:54.0142 4196 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:03:54.0173 4196 IPNAT - ok
15:03:54.0189 4196 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:03:54.0189 4196 IRENUM - ok
15:03:54.0204 4196 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:03:54.0204 4196 isapnp - ok
15:03:54.0236 4196 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:03:54.0236 4196 iScsiPrt - ok
15:03:54.0282 4196 [ 25D602AE635A0443458FBED1A8B6E4E9 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
15:03:54.0282 4196 JMCR - ok
15:03:54.0298 4196 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:03:54.0298 4196 kbdclass - ok
15:03:54.0345 4196 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:03:54.0345 4196 kbdhid - ok
15:03:54.0360 4196 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:03:54.0376 4196 KeyIso - ok
15:03:54.0407 4196 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:03:54.0407 4196 KSecDD - ok
15:03:54.0454 4196 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:03:54.0454 4196 KSecPkg - ok
15:03:54.0485 4196 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:03:54.0485 4196 ksthunk - ok
15:03:54.0516 4196 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:03:54.0516 4196 KtmRm - ok
15:03:54.0563 4196 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:03:54.0563 4196 LanmanServer - ok
15:03:54.0626 4196 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:03:54.0626 4196 LanmanWorkstation - ok
15:03:54.0657 4196 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:03:54.0657 4196 lltdio - ok
15:03:54.0688 4196 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:03:54.0688 4196 lltdsvc - ok
15:03:54.0719 4196 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:03:54.0719 4196 lmhosts - ok
15:03:54.0735 4196 [ 41E122F6D1448C94CC05196BC41D6BFB ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
15:03:54.0735 4196 LPCFilter - ok
15:03:54.0766 4196 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:03:54.0766 4196 LSI_FC - ok
15:03:54.0782 4196 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:03:54.0782 4196 LSI_SAS - ok
15:03:54.0797 4196 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:03:54.0797 4196 LSI_SAS2 - ok
15:03:54.0813 4196 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:03:54.0828 4196 LSI_SCSI - ok
15:03:54.0860 4196 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:03:54.0860 4196 luafv - ok
15:03:54.0891 4196 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:03:54.0891 4196 Mcx2Svc - ok
15:03:54.0906 4196 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:03:54.0938 4196 megasas - ok
15:03:54.0969 4196 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:03:54.0969 4196 MegaSR - ok
15:03:55.0000 4196 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:03:55.0000 4196 MMCSS - ok
15:03:55.0016 4196 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:03:55.0016 4196 Modem - ok
15:03:55.0047 4196 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:03:55.0047 4196 monitor - ok
15:03:55.0094 4196 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:03:55.0094 4196 mouclass - ok
15:03:55.0125 4196 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:03:55.0125 4196 mouhid - ok
15:03:55.0172 4196 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:03:55.0172 4196 mountmgr - ok
15:03:55.0187 4196 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:03:55.0187 4196 mpio - ok
15:03:55.0203 4196 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:03:55.0203 4196 mpsdrv - ok
15:03:55.0281 4196 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:03:55.0296 4196 MpsSvc - ok
15:03:55.0328 4196 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:03:55.0343 4196 MRxDAV - ok
15:03:55.0374 4196 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:03:55.0374 4196 mrxsmb - ok
15:03:55.0406 4196 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:03:55.0406 4196 mrxsmb10 - ok
15:03:55.0406 4196 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:03:55.0406 4196 mrxsmb20 - ok
15:03:55.0421 4196 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:03:55.0421 4196 msahci - ok
15:03:55.0452 4196 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:03:55.0452 4196 msdsm - ok
15:03:55.0468 4196 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:03:55.0484 4196 MSDTC - ok
15:03:55.0515 4196 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:03:55.0515 4196 Msfs - ok
15:03:55.0530 4196 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:03:55.0530 4196 mshidkmdf - ok
15:03:55.0530 4196 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:03:55.0530 4196 msisadrv - ok
15:03:55.0562 4196 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:03:55.0562 4196 MSiSCSI - ok
15:03:55.0577 4196 msiserver - ok
15:03:55.0593 4196 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:03:55.0593 4196 MSKSSRV - ok
15:03:55.0608 4196 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:03:55.0608 4196 MSPCLOCK - ok
15:03:55.0624 4196 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:03:55.0624 4196 MSPQM - ok
15:03:55.0671 4196 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:03:55.0671 4196 MsRPC - ok
15:03:55.0718 4196 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
15:03:55.0718 4196 mssmbios - ok
15:03:55.0749 4196 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:03:55.0749 4196 MSTEE - ok
15:03:55.0764 4196 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:03:55.0764 4196 MTConfig - ok
15:03:55.0780 4196 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:03:55.0780 4196 Mup - ok
15:03:55.0842 4196 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:03:55.0842 4196 napagent - ok
15:03:55.0874 4196 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:03:55.0874 4196 NativeWifiP - ok
15:03:55.0936 4196 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:03:55.0952 4196 NDIS - ok
15:03:55.0983 4196 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:03:55.0983 4196 NdisCap - ok
15:03:55.0998 4196 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:03:55.0998 4196 NdisTapi - ok
15:03:56.0045 4196 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:03:56.0045 4196 Ndisuio - ok
15:03:56.0092 4196 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

petowl
nováček
Příspěvky: 9
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod petowl » 23 srp 2013 15:11

Druhá půlka logu z TDSS:

15:03:56.0108 4196 NdisWan - ok
15:03:56.0154 4196 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:03:56.0154 4196 NDProxy - ok
15:03:56.0186 4196 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:03:56.0201 4196 NetBIOS - ok
15:03:56.0248 4196 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:03:56.0248 4196 NetBT - ok
15:03:56.0264 4196 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:03:56.0264 4196 Netlogon - ok
15:03:56.0310 4196 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:03:56.0326 4196 Netman - ok
15:03:56.0357 4196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:03:56.0373 4196 NetMsmqActivator - ok
15:03:56.0373 4196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:03:56.0373 4196 NetPipeActivator - ok
15:03:56.0404 4196 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:03:56.0404 4196 netprofm - ok
15:03:56.0420 4196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:03:56.0420 4196 NetTcpActivator - ok
15:03:56.0420 4196 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:03:56.0420 4196 NetTcpPortSharing - ok
15:03:56.0451 4196 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:03:56.0451 4196 nfrd960 - ok
15:03:56.0482 4196 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:03:56.0482 4196 NlaSvc - ok
15:03:56.0513 4196 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:03:56.0529 4196 Npfs - ok
15:03:56.0560 4196 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:03:56.0560 4196 nsi - ok
15:03:56.0576 4196 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:03:56.0576 4196 nsiproxy - ok
15:03:56.0654 4196 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:03:56.0669 4196 Ntfs - ok
15:03:56.0685 4196 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:03:56.0700 4196 Null - ok
15:03:56.0747 4196 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:03:56.0747 4196 NVHDA - ok
15:03:57.0044 4196 [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:03:57.0122 4196 nvlddmkm - ok
15:03:57.0168 4196 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:03:57.0168 4196 nvraid - ok
15:03:57.0184 4196 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:03:57.0184 4196 nvstor - ok
15:03:57.0246 4196 [ 34E5498528BB3D5A951F889F8756AD26 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:03:57.0246 4196 nvsvc - ok
15:03:57.0293 4196 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:03:57.0293 4196 nv_agp - ok
15:03:57.0371 4196 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:03:57.0371 4196 odserv - ok
15:03:57.0465 4196 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:03:57.0465 4196 ohci1394 - ok
15:03:57.0527 4196 [ EC322186D8FCE3D632F3F597D67747DD ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
15:03:57.0527 4196 OpenVPNService - ok
15:03:57.0558 4196 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:03:57.0558 4196 ose - ok
15:03:57.0605 4196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:03:57.0605 4196 p2pimsvc - ok
15:03:57.0621 4196 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:03:57.0621 4196 p2psvc - ok
15:03:57.0652 4196 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:03:57.0652 4196 Parport - ok
15:03:57.0699 4196 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:03:57.0699 4196 partmgr - ok
15:03:57.0730 4196 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:03:57.0730 4196 PcaSvc - ok
15:03:57.0761 4196 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:03:57.0777 4196 pci - ok
15:03:57.0777 4196 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:03:57.0777 4196 pciide - ok
15:03:57.0808 4196 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:03:57.0824 4196 pcmcia - ok
15:03:57.0824 4196 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:03:57.0839 4196 pcw - ok
15:03:57.0870 4196 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:03:57.0870 4196 PEAUTH - ok
15:03:57.0948 4196 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:03:57.0948 4196 PerfHost - ok
15:03:57.0995 4196 [ 663962900E7FEA522126BA287715BB4A ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
15:03:57.0995 4196 PGEffect - ok
15:03:58.0058 4196 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:03:58.0073 4196 pla - ok
15:03:58.0136 4196 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:03:58.0151 4196 PlugPlay - ok
15:03:58.0182 4196 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:03:58.0182 4196 PNRPAutoReg - ok
15:03:58.0214 4196 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:03:58.0214 4196 PNRPsvc - ok
15:03:58.0260 4196 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:03:58.0276 4196 PolicyAgent - ok
15:03:58.0292 4196 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:03:58.0307 4196 Power - ok
15:03:58.0354 4196 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:03:58.0354 4196 PptpMiniport - ok
15:03:58.0385 4196 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:03:58.0385 4196 Processor - ok
15:03:58.0416 4196 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:03:58.0432 4196 ProfSvc - ok
15:03:58.0448 4196 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:03:58.0448 4196 ProtectedStorage - ok
15:03:58.0479 4196 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:03:58.0510 4196 Psched - ok
15:03:58.0557 4196 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:03:58.0572 4196 ql2300 - ok
15:03:58.0588 4196 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:03:58.0604 4196 ql40xx - ok
15:03:58.0635 4196 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:03:58.0635 4196 QWAVE - ok
15:03:58.0650 4196 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:03:58.0666 4196 QWAVEdrv - ok
15:03:58.0682 4196 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:03:58.0697 4196 RasAcd - ok
15:03:58.0728 4196 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:03:58.0728 4196 RasAgileVpn - ok
15:03:58.0760 4196 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:03:58.0760 4196 RasAuto - ok
15:03:58.0806 4196 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:03:58.0806 4196 Rasl2tp - ok
15:03:58.0853 4196 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:03:58.0853 4196 RasMan - ok
15:03:58.0884 4196 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:03:58.0884 4196 RasPppoe - ok
15:03:58.0884 4196 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:03:58.0884 4196 RasSstp - ok
15:03:58.0931 4196 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:03:58.0931 4196 rdbss - ok
15:03:58.0947 4196 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:03:58.0947 4196 rdpbus - ok
15:03:58.0978 4196 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:03:58.0978 4196 RDPCDD - ok
15:03:58.0978 4196 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:03:58.0978 4196 RDPENCDD - ok
15:03:58.0994 4196 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:03:58.0994 4196 RDPREFMP - ok
15:03:59.0072 4196 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:03:59.0072 4196 RdpVideoMiniport - ok
15:03:59.0118 4196 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:03:59.0118 4196 RDPWD - ok
15:03:59.0165 4196 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:03:59.0165 4196 rdyboost - ok
15:03:59.0212 4196 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:03:59.0212 4196 RemoteAccess - ok
15:03:59.0243 4196 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:03:59.0243 4196 RemoteRegistry - ok
15:03:59.0290 4196 [ CAF88D6573D21CD2AA27001DDBFDC74D ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
15:03:59.0321 4196 RMCAST - ok
15:03:59.0368 4196 [ 388D3DD1A6457280F3BADBA9F3ACD6B1 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
15:03:59.0368 4196 ROOTMODEM - ok
15:03:59.0399 4196 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:03:59.0399 4196 RpcEptMapper - ok
15:03:59.0446 4196 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:03:59.0446 4196 RpcLocator - ok
15:03:59.0493 4196 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:03:59.0493 4196 RpcSs - ok
15:03:59.0508 4196 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:03:59.0524 4196 rspndr - ok
15:03:59.0555 4196 [ B49DC435AE3695BAC5623DD94B05732D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
15:03:59.0555 4196 RTL8167 - ok
15:03:59.0586 4196 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:03:59.0586 4196 SamSs - ok
15:03:59.0633 4196 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:03:59.0633 4196 sbp2port - ok
15:03:59.0680 4196 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:03:59.0680 4196 SCardSvr - ok
15:03:59.0711 4196 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:03:59.0727 4196 scfilter - ok
15:03:59.0789 4196 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:03:59.0805 4196 Schedule - ok
15:03:59.0852 4196 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:03:59.0852 4196 SCPolicySvc - ok
15:03:59.0898 4196 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
15:03:59.0898 4196 sdbus - ok
15:03:59.0945 4196 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:03:59.0945 4196 SDRSVC - ok
15:03:59.0961 4196 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:03:59.0976 4196 secdrv - ok
15:04:00.0008 4196 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:04:00.0008 4196 seclogon - ok
15:04:00.0039 4196 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:04:00.0039 4196 SENS - ok
15:04:00.0054 4196 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:04:00.0054 4196 SensrSvc - ok
15:04:00.0101 4196 [ 82215BBED5D37B0C354F0E83FD0C8423 ] Sentinel C:\Windows\System32\Drivers\SENTINEL64.SYS
15:04:00.0117 4196 Sentinel - ok
15:04:00.0148 4196 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:04:00.0148 4196 Serenum - ok
15:04:00.0164 4196 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:04:00.0164 4196 Serial - ok
15:04:00.0179 4196 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:04:00.0195 4196 sermouse - ok
15:04:00.0257 4196 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:04:00.0257 4196 SessionEnv - ok
15:04:00.0320 4196 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:04:00.0320 4196 sffdisk - ok
15:04:00.0335 4196 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:04:00.0335 4196 sffp_mmc - ok
15:04:00.0351 4196 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:04:00.0351 4196 sffp_sd - ok
15:04:00.0366 4196 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:04:00.0366 4196 sfloppy - ok
15:04:00.0398 4196 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:04:00.0413 4196 SharedAccess - ok
15:04:00.0476 4196 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:04:00.0476 4196 ShellHWDetection - ok
15:04:00.0491 4196 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:04:00.0491 4196 SiSRaid2 - ok
15:04:00.0522 4196 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:04:00.0554 4196 SiSRaid4 - ok
15:04:00.0632 4196 [ 3E587DBBDFF938DDE5D4CE4047BE9041 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:04:00.0632 4196 SkypeUpdate - ok
15:04:00.0663 4196 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:04:00.0663 4196 Smb - ok
15:04:00.0710 4196 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:04:00.0710 4196 SNMPTRAP - ok
15:04:00.0756 4196 [ F9369327409492097B0BB7CE86BD29DE ] Soluto C:\Windows\system32\DRIVERS\Soluto.sys
15:04:00.0756 4196 Soluto - ok
15:04:00.0834 4196 [ 6660A0BED94EC05C712EEF6C6B324789 ] SolutoLauncherService C:\Program Files\Soluto\SolutoLauncherService.exe
15:04:00.0834 4196 SolutoLauncherService - ok
15:04:00.0881 4196 [ BCA25A87AD78FEDAC5C5ABD92DB3BECD ] SolutoRemoteService C:\Program Files\Soluto\SolutoRemoteService.exe
15:04:00.0897 4196 SolutoRemoteService - ok
15:04:00.0944 4196 [ 34EB2B1D8BB151D10A3F189FE21C9A36 ] SolutoService C:\Program Files\Soluto\SolutoService.exe
15:04:00.0944 4196 SolutoService - ok
15:04:01.0022 4196 [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
15:04:01.0022 4196 Sony PC Companion - ok
15:04:01.0053 4196 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:04:01.0068 4196 spldr - ok
15:04:01.0115 4196 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:04:01.0115 4196 Spooler - ok
15:04:01.0240 4196 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:04:01.0256 4196 sppsvc - ok
15:04:01.0287 4196 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:04:01.0287 4196 sppuinotify - ok
15:04:01.0334 4196 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
15:04:01.0334 4196 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
15:04:01.0334 4196 sptd ( LockedFile.Multi.Generic ) - warning
15:04:01.0334 4196 sptd - detected LockedFile.Multi.Generic (1)
15:04:01.0365 4196 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:04:01.0365 4196 srv - ok
15:04:01.0380 4196 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:04:01.0380 4196 srv2 - ok
15:04:01.0396 4196 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:04:01.0396 4196 srvnet - ok
15:04:01.0427 4196 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
15:04:01.0427 4196 ssadbus - ok
15:04:01.0458 4196 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:04:01.0458 4196 ssadmdfl - ok
15:04:01.0505 4196 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
15:04:01.0505 4196 ssadmdm - ok
15:04:01.0552 4196 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
15:04:01.0552 4196 ssadserd - ok
15:04:01.0599 4196 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:04:01.0614 4196 SSDPSRV - ok
15:04:01.0630 4196 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:04:01.0630 4196 SstpSvc - ok
15:04:01.0708 4196 [ 9E1380328C39D661E085B24D6A6E044E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:04:01.0708 4196 Steam Client Service - ok
15:04:01.0739 4196 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:04:01.0739 4196 stexstor - ok
15:04:01.0786 4196 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:04:01.0802 4196 stisvc - ok
15:04:01.0833 4196 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
15:04:01.0833 4196 swenum - ok
15:04:01.0864 4196 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:04:01.0880 4196 swprv - ok
15:04:01.0926 4196 [ 0FAA1933FBCF916C301FF94ACC623031 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:04:01.0926 4196 SynTP - ok
15:04:01.0989 4196 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:04:02.0020 4196 SysMain - ok
15:04:02.0051 4196 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:04:02.0067 4196 TabletInputService - ok
15:04:02.0114 4196 [ F9BE29D5E097F03F81D3CD12B794CB66 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
15:04:02.0114 4196 tap0901 - ok
15:04:02.0129 4196 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:04:02.0145 4196 TapiSrv - ok
15:04:02.0176 4196 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:04:02.0176 4196 TBS - ok
15:04:02.0254 4196 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:04:02.0270 4196 Tcpip - ok
15:04:02.0301 4196 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:04:02.0316 4196 TCPIP6 - ok
15:04:02.0363 4196 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:04:02.0363 4196 tcpipreg - ok
15:04:02.0394 4196 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
15:04:02.0394 4196 tdcmdpst - ok
15:04:02.0426 4196 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:04:02.0426 4196 TDPIPE - ok
15:04:02.0457 4196 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:04:02.0457 4196 TDTCP - ok
15:04:02.0504 4196 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:04:02.0519 4196 tdx - ok
15:04:02.0566 4196 [ 40E154B3125E17CE6F2AFAD57AFCFEB2 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
15:04:02.0566 4196 TemproMonitoringService - ok
15:04:02.0613 4196 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
15:04:02.0613 4196 TermDD - ok
15:04:02.0660 4196 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:04:02.0660 4196 TermService - ok
15:04:02.0691 4196 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:04:02.0706 4196 Themes - ok
15:04:02.0753 4196 [ C013F6ACAA9761F571BD28DADA7C157D ] Thpdrv C:\Windows\system32\DRIVERS\thpdrv.sys
15:04:02.0753 4196 Thpdrv - ok
15:04:02.0753 4196 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\Windows\system32\DRIVERS\Thpevm.SYS
15:04:02.0753 4196 Thpevm - ok
15:04:02.0800 4196 [ 6146EAC71AE3C9DA17B0E33632082B7B ] Thpsrv C:\Windows\system32\ThpSrv.exe
15:04:02.0800 4196 Thpsrv - ok
15:04:02.0831 4196 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:04:02.0831 4196 THREADORDER - ok
15:04:02.0909 4196 [ 32577B987AE5401038451BB392CB8D89 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
15:04:02.0909 4196 TMachInfo - ok
15:04:02.0925 4196 [ ED32035BDFECED1AD66D459FD9CC1140 ] TODDSrv C:\Windows\system32\TODDSrv.exe
15:04:02.0925 4196 TODDSrv - ok
15:04:03.0018 4196 [ 06C61275ADC64F1E36240A2287998A5E ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
15:04:03.0018 4196 TosCoSrv - ok
15:04:03.0096 4196 [ AB2D61A032A01BF9E84F03CAA9D22932 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
15:04:03.0096 4196 TOSHIBA Bluetooth Service - ok
15:04:03.0159 4196 [ 598F792718BC78C2B29B589F4B3898D1 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
15:04:03.0159 4196 TOSHIBA eco Utility Service - ok
15:04:03.0190 4196 [ 8021F63311797085949FA387F7C83583 ] tosporte C:\Windows\system32\DRIVERS\tosporte.sys
15:04:03.0190 4196 tosporte - ok
15:04:03.0206 4196 [ 71BB669BFCADE1580FDCE010ABC76310 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
15:04:03.0221 4196 tosrfbd - ok
15:04:03.0237 4196 [ 62512B5277D88600F8BD4B7AEC43569D ] tosrfbnp C:\Windows\system32\Drivers\tosrfbnp.sys
15:04:03.0237 4196 tosrfbnp - ok
15:04:03.0268 4196 [ C523A9186C39D65CC9ADEBB2E1B93CCD ] Tosrfcom C:\Windows\system32\Drivers\tosrfcom.sys
15:04:03.0268 4196 Tosrfcom - ok
15:04:03.0315 4196 [ 11699D47B3491D86249C168496D55C92 ] tosrfec C:\Windows\system32\DRIVERS\tosrfec.sys
15:04:03.0315 4196 tosrfec - ok
15:04:03.0330 4196 [ 451B8C1815C6CC39650AF916C2A382CD ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
15:04:03.0330 4196 Tosrfhid - ok
15:04:03.0362 4196 [ B6FDC3C76FFE9C5171EEA9C37EA367C2 ] tosrfnds C:\Windows\system32\DRIVERS\tosrfnds.sys
15:04:03.0362 4196 tosrfnds - ok
15:04:03.0377 4196 [ E1E045240C1184FA6628F3C7E7FF85D8 ] TosRfSnd C:\Windows\system32\drivers\tosrfsnd.sys
15:04:03.0408 4196 TosRfSnd - ok
15:04:03.0408 4196 [ DA7AA562448E29CA895895920BFF8946 ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
15:04:03.0408 4196 Tosrfusb - ok
15:04:03.0455 4196 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\Windows\system32\DRIVERS\tos_sps64.sys
15:04:03.0455 4196 tos_sps64 - ok
15:04:03.0518 4196 [ BDFEA7A014D8E4A29323EC6E32D30FCA ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
15:04:03.0533 4196 TPCHSrv - ok
15:04:03.0564 4196 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:04:03.0564 4196 TrkWks - ok
15:04:03.0627 4196 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:04:03.0642 4196 TrustedInstaller - ok
15:04:03.0689 4196 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:04:03.0689 4196 tssecsrv - ok
15:04:03.0720 4196 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:04:03.0720 4196 TsUsbFlt - ok
15:04:03.0783 4196 [ B3F8EE730BAF495BDFA035C96D2C68FA ] TuneUp.Defrag C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
15:04:03.0783 4196 TuneUp.Defrag - ok
15:04:03.0845 4196 [ 87C0597B07D5884D1B88C0B7BB02E0DB ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
15:04:03.0845 4196 TuneUp.UtilitiesSvc - ok
15:04:03.0861 4196 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
15:04:03.0861 4196 TuneUpUtilitiesDrv - ok
15:04:03.0923 4196 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:04:03.0939 4196 tunnel - ok
15:04:03.0970 4196 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
15:04:03.0970 4196 TVALZ - ok
15:04:04.0017 4196 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\Windows\system32\DRIVERS\TVALZFL.sys
15:04:04.0017 4196 TVALZFL - ok
15:04:04.0048 4196 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:04:04.0048 4196 uagp35 - ok
15:04:04.0095 4196 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:04:04.0095 4196 udfs - ok
15:04:04.0126 4196 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:04:04.0142 4196 UI0Detect - ok
15:04:04.0173 4196 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:04:04.0188 4196 uliagpkx - ok
15:04:04.0220 4196 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
15:04:04.0220 4196 umbus - ok
15:04:04.0251 4196 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:04:04.0251 4196 UmPass - ok
15:04:04.0282 4196 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:04:04.0282 4196 upnphost - ok
15:04:04.0329 4196 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:04:04.0360 4196 usbccgp - ok
15:04:04.0391 4196 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:04:04.0391 4196 usbcir - ok
15:04:04.0422 4196 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:04:04.0422 4196 usbehci - ok
15:04:04.0454 4196 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:04:04.0454 4196 usbhub - ok
15:04:04.0500 4196 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:04:04.0500 4196 usbohci - ok
15:04:04.0500 4196 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:04:04.0500 4196 usbprint - ok
15:04:04.0547 4196 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:04:04.0547 4196 USBSTOR - ok
15:04:04.0563 4196 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
15:04:04.0563 4196 usbuhci - ok
15:04:04.0594 4196 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:04:04.0594 4196 usbvideo - ok
15:04:04.0641 4196 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:04:04.0641 4196 UxSms - ok
15:04:04.0688 4196 [ A9C97172F0F478092C227609384D19B4 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
15:04:04.0688 4196 UxTuneUp - ok
15:04:04.0719 4196 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:04:04.0719 4196 VaultSvc - ok
15:04:04.0750 4196 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:04:04.0750 4196 vdrvroot - ok
15:04:04.0797 4196 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:04:04.0812 4196 vds - ok
15:04:04.0844 4196 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:04:04.0844 4196 vga - ok
15:04:04.0859 4196 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:04:04.0875 4196 VgaSave - ok
15:04:04.0922 4196 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:04:04.0922 4196 vhdmp - ok
15:04:04.0937 4196 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:04:04.0937 4196 viaide - ok
15:04:04.0953 4196 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:04:04.0984 4196 volmgr - ok
15:04:05.0015 4196 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:04:05.0015 4196 volmgrx - ok
15:04:05.0031 4196 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:04:05.0031 4196 volsnap - ok
15:04:05.0078 4196 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:04:05.0093 4196 vsmraid - ok
15:04:05.0156 4196 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:04:05.0187 4196 VSS - ok
15:04:05.0202 4196 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:04:05.0218 4196 vwifibus - ok
15:04:05.0249 4196 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:04:05.0249 4196 vwififlt - ok
15:04:05.0296 4196 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:04:05.0312 4196 W32Time - ok
15:04:05.0327 4196 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:04:05.0327 4196 WacomPen - ok
15:04:05.0374 4196 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:04:05.0390 4196 WANARP - ok
15:04:05.0390 4196 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:04:05.0390 4196 Wanarpv6 - ok
15:04:05.0452 4196 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
15:04:05.0468 4196 WatAdminSvc - ok
15:04:05.0530 4196 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:04:05.0546 4196 wbengine - ok
15:04:05.0577 4196 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:04:05.0592 4196 WbioSrvc - ok
15:04:05.0639 4196 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:04:05.0639 4196 wcncsvc - ok
15:04:05.0670 4196 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:04:05.0670 4196 WcsPlugInService - ok
15:04:05.0702 4196 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:04:05.0702 4196 Wd - ok
15:04:05.0748 4196 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:04:05.0764 4196 Wdf01000 - ok
15:04:05.0795 4196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:04:05.0795 4196 WdiServiceHost - ok
15:04:05.0811 4196 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:04:05.0811 4196 WdiSystemHost - ok
15:04:05.0858 4196 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:04:05.0858 4196 WebClient - ok
15:04:05.0873 4196 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:04:05.0889 4196 Wecsvc - ok
15:04:05.0920 4196 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:04:05.0920 4196 wercplsupport - ok
15:04:05.0936 4196 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:04:05.0936 4196 WerSvc - ok
15:04:05.0967 4196 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:04:05.0967 4196 WfpLwf - ok
15:04:05.0998 4196 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:04:05.0998 4196 WIMMount - ok
15:04:06.0014 4196 WinDefend - ok
15:04:06.0045 4196 WinHttpAutoProxySvc - ok
15:04:06.0107 4196 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:04:06.0107 4196 Winmgmt - ok
15:04:06.0185 4196 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:04:06.0216 4196 WinRM - ok
15:04:06.0279 4196 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:04:06.0294 4196 WinUsb - ok
15:04:06.0341 4196 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:04:06.0357 4196 Wlansvc - ok
15:04:06.0419 4196 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:04:06.0419 4196 WmiAcpi - ok
15:04:06.0466 4196 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:04:06.0482 4196 wmiApSrv - ok
15:04:06.0513 4196 WMPNetworkSvc - ok
15:04:06.0544 4196 [ 92C6184E6F62D542B8DCDC93BD73CB7E ] wod0205 C:\Windows\system32\DRIVERS\wod0205.sys
15:04:06.0544 4196 wod0205 - ok
15:04:06.0591 4196 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:04:06.0591 4196 WPCSvc - ok
15:04:06.0622 4196 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:04:06.0638 4196 WPDBusEnum - ok
15:04:06.0669 4196 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:04:06.0684 4196 ws2ifsl - ok
15:04:06.0716 4196 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:04:06.0716 4196 wscsvc - ok
15:04:06.0731 4196 WSearch - ok
15:04:06.0825 4196 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:04:06.0856 4196 wuauserv - ok
15:04:06.0887 4196 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:04:06.0887 4196 WudfPf - ok
15:04:06.0934 4196 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:04:06.0934 4196 WUDFRd - ok
15:04:06.0965 4196 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:04:06.0981 4196 wudfsvc - ok
15:04:07.0012 4196 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:04:07.0012 4196 WwanSvc - ok
15:04:07.0059 4196 ================ Scan global ===============================
15:04:07.0121 4196 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:04:07.0152 4196 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:04:07.0168 4196 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:04:07.0199 4196 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:04:07.0230 4196 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:04:07.0246 4196 [Global] - ok
15:04:07.0246 4196 ================ Scan MBR ==================================
15:04:07.0262 4196 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:04:07.0433 4196 \Device\Harddisk0\DR0 - ok
15:04:07.0433 4196 ================ Scan VBR ==================================
15:04:07.0449 4196 [ 037683B9BE2E14AFE8FE622D2859B168 ] \Device\Harddisk0\DR0\Partition1
15:04:07.0449 4196 \Device\Harddisk0\DR0\Partition1 - ok
15:04:07.0480 4196 [ A3B26628DACA3817874A552B14EB65E2 ] \Device\Harddisk0\DR0\Partition2
15:04:07.0480 4196 \Device\Harddisk0\DR0\Partition2 - ok
15:04:07.0480 4196 ============================================================
15:04:07.0480 4196 Scan finished
15:04:07.0480 4196 ============================================================
15:04:07.0480 4964 Detected object count: 1
15:04:07.0480 4964 Actual detected object count: 1
15:04:46.0043 4964 sptd ( LockedFile.Multi.Generic ) - skipped by user
15:04:46.0043 4964 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod memphisto » 23 srp 2013 18:50

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

petowl
nováček
Příspěvky: 9
Registrován: červenec 13
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod petowl » 25 srp 2013 21:40

ComboFix 13-08-25.01 - Petr 25.08.2013 21:27:08.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4061.2507 [GMT 2:00]
Spuštěný z: c:\users\Petr\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\regobj.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-07-25 do 2013-08-25 )))))))))))))))))))))))))))))))
.
.
2013-08-25 19:33 . 2013-08-25 19:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-25 11:25 . 2013-08-25 11:25 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0CD24DF-A833-4350-BC3C-5436ECF6E231}\offreg.dll
2013-08-23 08:44 . 2013-08-23 08:44 -------- d-----w- c:\windows\ERUNT
2013-08-23 08:02 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A0CD24DF-A833-4350-BC3C-5436ECF6E231}\mpengine.dll
2013-08-23 07:14 . 2013-08-23 07:14 -------- d-----w- c:\users\Petr\AppData\Local\Adobe
2013-08-23 06:50 . 2013-08-23 08:31 -------- d-----w- C:\AdwCleaner
2013-08-23 06:37 . 2013-08-23 06:37 -------- d-----w- c:\users\Petr\AppData\Roaming\Malwarebytes
2013-08-23 06:36 . 2013-08-23 06:36 -------- d-----w- c:\programdata\Malwarebytes
2013-08-23 06:36 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-08-23 06:36 . 2013-08-23 06:36 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-08-23 06:36 . 2013-08-23 06:36 -------- d-----w- c:\users\Petr\AppData\Local\Programs
2013-08-22 20:05 . 2013-08-22 20:05 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-22 20:05 . 2013-08-22 20:05 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-08-22 18:06 . 2013-08-22 18:06 388096 ----a-r- c:\users\Petr\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-08-22 18:06 . 2013-08-22 18:06 -------- d-----w- c:\program files (x86)\Trend Micro
2013-07-27 08:57 . 2013-07-27 08:57 -------- d-----w- c:\users\Petr\AppData\Local\Opera Software
2013-07-27 08:57 . 2013-07-27 08:57 -------- d-----w- c:\users\Petr\AppData\Roaming\Opera Software
2013-07-27 08:57 . 2013-08-22 17:44 -------- d-----w- c:\program files (x86)\Opera
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-22 17:42 . 2010-01-31 10:50 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-09 04:45 . 2013-08-22 17:40 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-24 08:10 . 2013-06-24 08:10 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-06-24 08:10 . 2012-08-04 08:54 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-06-24 08:10 . 2011-05-09 17:06 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-05 03:34 . 2013-07-10 08:39 3153920 ----a-w- c:\windows\system32\win32k.sys
2013-06-04 06:00 . 2013-07-10 08:39 624128 ----a-w- c:\windows\system32\qedit.dll
2013-06-04 04:53 . 2013-07-10 08:39 509440 ----a-w- c:\windows\SysWow64\qedit.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 130736 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOSHIBA Online Product Information"="c:\program files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe" [2009-08-12 6203296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
"TUSBSleepChargeSrv"=c:\program files (x86)\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Bonus.SSR.FR11"="c:\program files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys;c:\windows\SYSNATIVE\DRIVERS\adusbser.sys [x]
R3 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
R3 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]
R3 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 SolutoRemoteService;Soluto Remote Service;c:\program files\Soluto\SolutoRemoteService.exe;c:\program files\Soluto\SolutoRemoteService.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssadserd.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys;c:\windows\SYSNATIVE\DRIVERS\wod0205.sys [x]
S0 Soluto;Soluto;c:\windows\system32\DRIVERS\Soluto.sys;c:\windows\SYSNATIVE\DRIVERS\Soluto.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 ArcGIS License Manager;ArcGIS License Manager;c:\progra~2\ESRI\License\arcgis9x\lmgrd.exe;c:\progra~2\ESRI\License\arcgis9x\lmgrd.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 SolutoLauncherService;Soluto Launcher Service;c:\program files\Soluto\SolutoLauncherService.exe;c:\program files\Soluto\SolutoLauncherService.exe [x]
S2 SolutoService;Soluto PCGenome Core Service;c:\program files\Soluto\SolutoService.exe;c:\program files\Soluto\SolutoService.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S3 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [x]
S3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 39402911
*Deregistered* - 39402911
.
Obsah adresáře 'Naplánované úlohy'
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-24 18:59]
.
2013-08-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-10-24 18:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-04 22:12 164016 ----a-w- c:\users\Petr\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-27 14:11 778704 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-08-03 7982112]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-11-16 2716216]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2009-08-05 909624]
"Soluto"="c:\program files\soluto\soluto.exe" [2013-01-10 1229296]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain ... &bmod=TSEH
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
AddRemove-PolarClock3 - c:\windows\system32\PolarClock3.scr
AddRemove-Verbatim GREEN BUTTON_is1 - i:\verbatim\GREEN BUTTON\unins000.exe
AddRemove-{B931FB80-537A-4600-00AD-AC5DEDB6C25B} - c:\program files (x86)\Electronic Arts\The Lord of the Rings
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-799259419-3588551148-2385700677-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:42,74,6a,d3,60,3b,b4,90,33,cd,3d,8d,03,9a,1d,f7,02,1e,51,d1,67,3b,7f,
38,84,f8,4a,b9,d8,08,a8,5e,7e,c2,0e,35,90,b6,1c,8a,95,fe,ab,84,7d,ff,2e,2d,\
"??"=hex:24,89,38,01,d6,ba,15,60,1d,fb,4d,05,86,f9,ed,9a
.
[HKEY_USERS\S-1-5-21-799259419-3588551148-2385700677-1000\Software\SecuROM\License information*]
"datasecu"=hex:ea,4b,1a,a6,3e,cc,dd,45,11,69,27,51,f3,b5,fc,c5,4d,9c,46,44,a6,
15,6f,90,5e,78,c6,55,7e,57,51,33,84,c0,43,16,b6,41,98,d2,38,3f,58,b6,bb,0f,\
"rkeysecu"=hex:70,94,3b,bf,b7,74,bd,14,6e,70,a4,0b,bf,1c,06,fa
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-08-25 21:36:28
ComboFix-quarantined-files.txt 2013-08-25 19:36
.
Před spuštěním: Volných bajtů: 137 362 784 256
Po spuštění: Volných bajtů: 137 090 785 280
.
- - End Of File - - 8E56A6869FAED5D59912DCBCF3A59912
A36C5E4F47E84449FF07ED3517B43A31

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod memphisto » 26 srp 2013 08:35

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::

Driver::
SkypeUpdate
cpuz136

Folder::
c:\program files (x86)\Skype\Updater

File::
c:\windows\TEMP\cpuz136\cpuz136_x64.sys
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

DDS::
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Denied: (A 2) (Everyone)
@="FlashProp Class"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího proces
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 70 hostů