Nejde spustit centrum zabezpečení

[Vitaaa]

Ahoj, zkoušel jsem všechno možný, např. Windows Fix It, Microsoft fix it windows firewall, pomocí příkazovýho řádku, ale bez úspěchu.
Díky za pomoc.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:49:27, on 16.9.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Program Files (x86)\HiHackThis\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [ioCentre] C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\???\???\???\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\GoogleUpdate.exe" >
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GeniusMouseService - Unknown owner - C:\Genius\ioCentre\GMouseService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9864 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Vitaaa]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.16.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686


Ochrana: Povolena

16.9.2013 21:21:54
mbam-log-2013-09-16 (21-21-54).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 224139
Uplynulý čas: 3 minut, 6 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

----------------------------------------------------------------------------
# AdwCleaner v3.004 - Report created 16/09/2013 at 21:28:43
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Running from : D:\Downloads\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Found : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xc850cjk.default\user.js
File Found : C:\Windows\System32\roboot64.exe
Folder Found C:\ProgramData\boost_interprocess
Folder Found C:\Users\Michal\AppData\Local\PackageAware
Folder Found C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xc850cjk.default\jetpack
Folder Found C:\Users\Michal\AppData\Roaming\Systweak

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\IGearSettings
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\IGearSettings
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xc850cjk.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [3953 octets] - [16/09/2013 21:28:43]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4013 octets] ##########

[memphisto]

V adw nech vše smazat a dodej log po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[Vitaaa]

# AdwCleaner v3.004 - Report created 16/09/2013 at 23:03:43
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Michal - MICHAL-PC
# Running from : D:\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Michal\AppData\Local\PackageAware
Folder Deleted : C:\Users\Michal\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xc850cjk.default\jetpack
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xc850cjk.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xc850cjk.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [4121 octets] - [16/09/2013 21:28:43]
AdwCleaner[R1].txt - [4181 octets] - [16/09/2013 23:02:44]
AdwCleaner[S0].txt - [3848 octets] - [16/09/2013 23:03:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3908 octets] ##########


RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Michal [Práva správce]
Mód : Kontrola -- Datum : 09/16/2013 23:10:56
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[ZeroAccess][SERVICE] ???etadpug -- "C:\Program Files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\ \...\?????\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\GoogleUpdate.exe" < [x] -> ZASTAVENO

¤¤¤ ¤¤¤ Záznamy Registrů: : 8 ¤¤¤
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?????????\?????????\?????\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\GoogleUpdate.exe" >) -> NALEZENO
[RUN][ZeroAccess] HKUS\S-1-5-21-1613122033-87775165-548447065-1001\[...]\Run : Google Update ("C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?????????\?????????\?????\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\GoogleUpdate.exe" >) -> NALEZENO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HID SVC][Skrytý od API] HKLM\[...]\CCSet\[...]\Services : . e () -> NALEZENO
[HID SVC][Skrytý od API] HKLM\[...]\CS001\[...]\Services : . e () -> NALEZENO
[HID SVC][Skrytý od API] HKLM\[...]\CS002\[...]\Services : . e () -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][soubor] Desktop.ini : C:\Windows\assembly\GAC_32\Desktop.ini [-] --> NALEZENO
[ZeroAccess][soubor] Desktop.ini : C:\Windows\assembly\GAC_64\Desktop.ini [-] --> NALEZENO
[ZeroAccess][křižovatka] cs-CZ : C:\Program Files\Windows Defender\cs-CZ >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][desky] Install : C:\Users\Michal\AppData\Local\Google\Desktop\Install [-] --> NALEZENO

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ZeroAccess ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EALS-00Z8A0 ATA Device +++++
--- User ---
[MBR] 69a3939fc6be691e01183f46eebfeaa4
[BSP] fe34f71e21a74af7159a54c89c0f14f6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 153867 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 315121664 | Size: 799999 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_09162013_231056.txt >>
RKreport[0]_S_09162013_231003.txt


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Professional x64
Ran by Michal on Łt 17.09.2013 at 9:15:34,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{04DC7F50-F813-4AF1-AC1F-B660570488EF}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{0809D465-95A4-401A-B578-9FA3AF93E66E}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{0AE17D2E-46F2-45E9-B0D3-099B7F7442C3}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{29703B27-44CF-4BF1-93F9-E46B58246AE9}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{2A170826-CD8D-4474-87CF-2228DC7BE868}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{2ADACCC9-175C-49C7-AE40-8EE128236898}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{311FBE8A-4B76-4BC3-ACD1-EE7B86B19816}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{5497BD70-8B26-40EC-802B-FEE8E4D57970}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{9070661C-946A-43DF-977D-5091EF353C69}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{A11BA7D6-6B3C-4FE0-93C3-E10877CF0445}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{A4C9C140-6802-44EB-82AB-84703A6419B3}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{AD3A9D66-7B08-48BF-9EB0-CD781AAD8ED3}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{B625240D-2823-4A88-BF50-A2DEAF9E4846}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{C13718E7-6D15-42DD-A10E-68BCEC5485B1}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{E7332510-47BD-48A7-A796-D9C91E0789FC}
Successfully deleted: [Empty Folder] C:\Users\Michal\appdata\local\{FBDD26DE-0DB0-4422-BD8F-190B8C46E264}



~~~ FireFox

Emptied folder: C:\Users\Michal\AppData\Roaming\mozilla\firefox\profiles\xc850cjk.default\minidumps [93 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 17.09.2013 at 9:19:42,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[Vitaaa]

RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Michal [Práva správce]
Mód : Odebrat -- Datum : 09/17/2013 11:04:50
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[ZeroAccess][SERVICE] ???etadpug -- "C:\Program Files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\ \...\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\GoogleUpdate.exe" < [x] -> ZASTAVENO

¤¤¤ ¤¤¤ Záznamy Registrů: : 10 ¤¤¤
[RUN][ZeroAccess] HKCU\[...]\Run : Google Update ("C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\GoogleUpdate.exe" >) -> VYMAZÁNO
[RUN][ZeroAccess] HKUS\S-1-5-21-1613122033-87775165-548447065-1001\[...]\Run : Google Update ("C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\GoogleUpdate.exe" >) -> [0xc0000034] Unknown error
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HID SVC][Skrytý od API] HKLM\[...]\CCSet\[...]\Services : . e () -> [0x3] Systém nemůže nalézt uvedenou cestu.
[HID SVC][Skrytý od API] HKLM\[...]\CS001\[...]\Services : . e () -> [0x3] Systém nemůže nalézt uvedenou cestu.
[HID SVC][Skrytý od API] HKLM\[...]\CS002\[...]\Services : . e () -> [0x3] Systém nemůže nalézt uvedenou cestu.

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][soubor] Desktop.ini : C:\Windows\assembly\GAC_32\Desktop.ini [-] --> VYMAZÁNO
[ZeroAccess][soubor] Desktop.ini : C:\Windows\assembly\GAC_64\Desktop.ini [-] --> VYMAZÁNO
[ZeroAccess][křižovatka] cs-CZ : C:\Program Files\Windows Defender\cs-CZ >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpCommu.dll : C:\Program Files\Windows Defender\MpCommu.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpRTP.dll : C:\Program Files\Windows Defender\MpRTP.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][křižovatka] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> křižovatka VYMAZÁNO
[ZeroAccess][desky] Install : C:\Users\Michal\AppData\Local\Google\Desktop\Install [-] --> VYMAZÁNO
[ZeroAccess][soubor] @ : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\@ [-] --> VYMAZÁNO
[ZeroAccess][soubor] 76603ac3 : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\L\76603ac3 [-] --> VYMAZÁNO
[ZeroAccess][desky] L : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\L [-] --> VYMAZÁNO
[ZeroAccess][soubor] 00000008.@ : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\U\00000008.@ [-] --> VYMAZÁNO
[ZeroAccess][soubor] 80000000.@ : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\U\80000000.@ [-] --> VYMAZÁNO
[ZeroAccess][soubor] 80000064.@ : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\U\80000064.@ [-] --> VYMAZÁNO
[ZeroAccess][desky] U : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\U [-] --> VYMAZÁNO
[ZeroAccess][desky] {e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a} : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a} [-] --> VYMAZÁNO
[ZeroAccess][desky] ???ﯹ๛ : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?��\???ﯹ๛ [-] --> VYMAZÁNO
[ZeroAccess][desky] ?��?��?�� : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?��\?��?��?�� [-] --> VYMAZÁNO
[ZeroAccess][desky] ?��?��?�� : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\?��?��?�� [-] --> VYMAZÁNO
[ZeroAccess][desky] {e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a} : C:\Users\Michal\AppData\Local\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a} [-] --> VYMAZÁNO

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ZeroAccess ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD10EALS-00Z8A0 ATA Device +++++
--- User ---
[MBR] 69a3939fc6be691e01183f46eebfeaa4
[BSP] fe34f71e21a74af7159a54c89c0f14f6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 153867 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 315121664 | Size: 799999 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_09172013_110450.txt >>
RKreport[0]_S_09172013_110428.txt

[Vitaaa]

11:06:30.0539 1592 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
11:06:30.0695 1592 ============================================================
11:06:30.0695 1592 Current date / time: 2013/09/17 11:06:30.0695
11:06:30.0695 1592 SystemInfo:
11:06:30.0695 1592
11:06:30.0695 1592 OS Version: 6.1.7601 ServicePack: 1.0
11:06:30.0695 1592 Product type: Workstation
11:06:30.0695 1592 ComputerName: MICHAL-PC
11:06:30.0695 1592 UserName: Michal
11:06:30.0695 1592 Windows directory: C:\Windows
11:06:30.0695 1592 System windows directory: C:\Windows
11:06:30.0695 1592 Running under WOW64
11:06:30.0695 1592 Processor architecture: Intel x64
11:06:30.0695 1592 Number of processors: 4
11:06:30.0695 1592 Page size: 0x1000
11:06:30.0695 1592 Boot type: Normal boot
11:06:30.0695 1592 ============================================================
11:06:31.0490 1592 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:06:31.0506 1592 ============================================================
11:06:31.0506 1592 \Device\Harddisk0\DR0:
11:06:31.0506 1592 MBR partitions:
11:06:31.0506 1592 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12C85800
11:06:31.0506 1592 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12C86000, BlocksNum 0x61A7F800
11:06:31.0506 1592 ============================================================
11:06:31.0506 1592 C: <-> \Device\Harddisk0\DR0\Partition1
11:06:31.0553 1592 D: <-> \Device\Harddisk0\DR0\Partition2
11:06:31.0553 1592 ============================================================
11:06:31.0553 1592 Initialize success
11:06:31.0553 1592 ============================================================
11:06:35.0344 0864 ============================================================
11:06:35.0344 0864 Scan started
11:06:35.0344 0864 Mode: Manual;
11:06:35.0344 0864 ============================================================
11:06:36.0170 0864 ================ Scan system memory ========================
11:06:36.0170 0864 System memory - ok
11:06:36.0170 0864 ================ Scan services =============================
11:06:36.0295 0864 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
11:06:36.0295 0864 1394ohci - ok
11:06:36.0358 0864 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
11:06:36.0358 0864 ACPI - ok
11:06:36.0358 0864 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
11:06:36.0358 0864 AcpiPmi - ok
11:06:36.0451 0864 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:06:36.0451 0864 AdobeARMservice - ok
11:06:36.0529 0864 [ 7BBAF543CABE8A8D275BC7F6C66C1959 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:06:36.0529 0864 AdobeFlashPlayerUpdateSvc - ok
11:06:36.0560 0864 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
11:06:36.0560 0864 adp94xx - ok
11:06:36.0560 0864 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
11:06:36.0560 0864 adpahci - ok
11:06:36.0576 0864 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
11:06:36.0576 0864 adpu320 - ok
11:06:36.0592 0864 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
11:06:36.0592 0864 AeLookupSvc - ok
11:06:36.0623 0864 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
11:06:36.0623 0864 AFD - ok
11:06:36.0638 0864 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
11:06:36.0638 0864 agp440 - ok
11:06:36.0638 0864 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
11:06:36.0654 0864 ALG - ok
11:06:36.0670 0864 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
11:06:36.0670 0864 aliide - ok
11:06:36.0685 0864 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
11:06:36.0685 0864 amdide - ok
11:06:36.0716 0864 [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys
11:06:36.0716 0864 amdiox64 - ok
11:06:36.0732 0864 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
11:06:36.0732 0864 AmdK8 - ok
11:06:36.0748 0864 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
11:06:36.0748 0864 AmdPPM - ok
11:06:36.0763 0864 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
11:06:36.0763 0864 amdsata - ok
11:06:36.0779 0864 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
11:06:36.0779 0864 amdsbs - ok
11:06:36.0779 0864 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
11:06:36.0779 0864 amdxata - ok
11:06:36.0794 0864 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
11:06:36.0794 0864 AppID - ok
11:06:36.0810 0864 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
11:06:36.0810 0864 AppIDSvc - ok
11:06:36.0826 0864 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
11:06:36.0826 0864 Appinfo - ok
11:06:36.0888 0864 [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:06:36.0904 0864 Apple Mobile Device - ok
11:06:36.0935 0864 [ 301AA64F9643BC453D90A66C4C0E7204 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
11:06:36.0935 0864 AppleCharger - ok
11:06:36.0935 0864 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
11:06:36.0935 0864 AppleChargerSrv - ok
11:06:36.0997 0864 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
11:06:36.0997 0864 AppMgmt - ok
11:06:36.0997 0864 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
11:06:36.0997 0864 arc - ok
11:06:37.0013 0864 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
11:06:37.0013 0864 arcsas - ok
11:06:37.0028 0864 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
11:06:37.0028 0864 aswFsBlk - ok
11:06:37.0044 0864 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
11:06:37.0044 0864 aswMonFlt - ok
11:06:37.0091 0864 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
11:06:37.0091 0864 aswRdr - ok
11:06:37.0106 0864 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
11:06:37.0106 0864 aswSnx - ok
11:06:37.0153 0864 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
11:06:37.0153 0864 aswSP - ok
11:06:37.0169 0864 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
11:06:37.0169 0864 aswTdi - ok
11:06:37.0169 0864 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
11:06:37.0169 0864 AsyncMac - ok
11:06:37.0184 0864 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
11:06:37.0184 0864 atapi - ok
11:06:37.0216 0864 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:06:37.0216 0864 AudioEndpointBuilder - ok
11:06:37.0231 0864 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
11:06:37.0231 0864 AudioSrv - ok
11:06:37.0262 0864 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
11:06:37.0262 0864 avast! Antivirus - ok
11:06:37.0294 0864 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
11:06:37.0294 0864 AxInstSV - ok
11:06:37.0294 0864 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
11:06:37.0294 0864 b06bdrv - ok
11:06:37.0309 0864 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
11:06:37.0309 0864 b57nd60a - ok
11:06:37.0325 0864 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
11:06:37.0325 0864 BDESVC - ok
11:06:37.0340 0864 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
11:06:37.0340 0864 Beep - ok
11:06:37.0387 0864 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
11:06:37.0387 0864 BFE - ok
11:06:37.0387 0864 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
11:06:37.0387 0864 blbdrive - ok
11:06:37.0418 0864 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:06:37.0418 0864 Bonjour Service - ok
11:06:37.0434 0864 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:06:37.0434 0864 bowser - ok
11:06:37.0434 0864 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:06:37.0434 0864 BrFiltLo - ok
11:06:37.0450 0864 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:06:37.0450 0864 BrFiltUp - ok
11:06:37.0465 0864 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:06:37.0465 0864 Browser - ok
11:06:37.0481 0864 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:06:37.0481 0864 Brserid - ok
11:06:37.0481 0864 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:06:37.0481 0864 BrSerWdm - ok
11:06:37.0512 0864 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:06:37.0512 0864 BrUsbMdm - ok
11:06:37.0512 0864 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:06:37.0512 0864 BrUsbSer - ok
11:06:37.0512 0864 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:06:37.0512 0864 BTHMODEM - ok
11:06:37.0528 0864 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:06:37.0528 0864 bthserv - ok
11:06:37.0528 0864 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:06:37.0528 0864 cdfs - ok
11:06:37.0574 0864 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:06:37.0574 0864 cdrom - ok
11:06:37.0621 0864 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:06:37.0621 0864 CertPropSvc - ok
11:06:37.0621 0864 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:06:37.0621 0864 circlass - ok
11:06:37.0637 0864 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:06:37.0637 0864 CLFS - ok
11:06:37.0808 0864 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:06:37.0808 0864 clr_optimization_v2.0.50727_32 - ok
11:06:37.0840 0864 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:06:37.0840 0864 clr_optimization_v2.0.50727_64 - ok
11:06:37.0902 0864 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:06:37.0918 0864 clr_optimization_v4.0.30319_32 - ok
11:06:37.0949 0864 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:06:37.0949 0864 clr_optimization_v4.0.30319_64 - ok
11:06:37.0949 0864 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:06:37.0949 0864 CmBatt - ok
11:06:37.0964 0864 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:06:37.0964 0864 cmdide - ok
11:06:37.0980 0864 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
11:06:37.0980 0864 CNG - ok
11:06:37.0980 0864 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:06:37.0980 0864 Compbatt - ok
11:06:37.0996 0864 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:06:37.0996 0864 CompositeBus - ok
11:06:37.0996 0864 COMSysApp - ok
11:06:38.0027 0864 [ 17719A7F571D4CD08223F0B30F71B8B8 ] cpuz134 C:\Windows\system32\drivers\cpuz134_x64.sys
11:06:38.0027 0864 cpuz134 - ok
11:06:38.0058 0864 [ 76355D5EAFDFA3E9B7580B9153DE1F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
11:06:38.0058 0864 cpuz135 - ok
11:06:38.0074 0864 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:06:38.0074 0864 crcdisk - ok
11:06:38.0089 0864 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:06:38.0089 0864 CryptSvc - ok
11:06:38.0105 0864 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
11:06:38.0105 0864 CSC - ok
11:06:38.0120 0864 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
11:06:38.0120 0864 CscService - ok
11:06:38.0152 0864 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:06:38.0167 0864 DcomLaunch - ok
11:06:38.0183 0864 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:06:38.0183 0864 defragsvc - ok
11:06:38.0198 0864 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:06:38.0198 0864 DfsC - ok
11:06:38.0198 0864 dgderdrv - ok
11:06:38.0230 0864 [ 421D371E96480DD3A14EA37D0D2757D1 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
11:06:38.0230 0864 dg_ssudbus - ok
11:06:38.0245 0864 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:06:38.0245 0864 Dhcp - ok
11:06:38.0245 0864 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:06:38.0245 0864 discache - ok
11:06:38.0245 0864 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:06:38.0245 0864 Disk - ok
11:06:38.0276 0864 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:06:38.0276 0864 Dnscache - ok
11:06:38.0292 0864 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:06:38.0292 0864 dot3svc - ok
11:06:38.0323 0864 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
11:06:38.0323 0864 Dot4 - ok
11:06:38.0323 0864 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:06:38.0323 0864 Dot4Print - ok
11:06:38.0339 0864 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
11:06:38.0339 0864 dot4usb - ok
11:06:38.0354 0864 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:06:38.0370 0864 DPS - ok
11:06:38.0386 0864 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:06:38.0386 0864 drmkaud - ok
11:06:38.0401 0864 [ 821BF177A24172F5F0EE9B322F58516C ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
11:06:38.0401 0864 dtsoftbus01 - ok
11:06:38.0432 0864 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:06:38.0448 0864 DXGKrnl - ok
11:06:38.0448 0864 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:06:38.0448 0864 EapHost - ok
11:06:38.0495 0864 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:06:38.0510 0864 ebdrv - ok
11:06:38.0542 0864 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:06:38.0542 0864 EFS - ok
11:06:38.0588 0864 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:06:38.0588 0864 ehRecvr - ok
11:06:38.0620 0864 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:06:38.0620 0864 ehSched - ok
11:06:38.0635 0864 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:06:38.0635 0864 elxstor - ok
11:06:38.0651 0864 [ 12C061D9F9621BE916D58191872EC281 ] ENTECH64 C:\Windows\system32\DRIVERS\ENTECH64.sys
11:06:38.0651 0864 ENTECH64 - ok
11:06:38.0666 0864 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:06:38.0666 0864 ErrDev - ok
11:06:38.0698 0864 [ 84486624268E078255BC7AA47F0960BC ] etdrv C:\Windows\etdrv.sys
11:06:38.0698 0864 etdrv - ok
11:06:38.0713 0864 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:06:38.0713 0864 EventSystem - ok
11:06:38.0713 0864 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:06:38.0713 0864 exfat - ok
11:06:38.0729 0864 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:06:38.0729 0864 fastfat - ok
11:06:38.0744 0864 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:06:38.0760 0864 Fax - ok
11:06:38.0760 0864 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:06:38.0760 0864 fdc - ok
11:06:38.0776 0864 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:06:38.0776 0864 fdPHost - ok
11:06:38.0776 0864 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:06:38.0776 0864 FDResPub - ok
11:06:38.0791 0864 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:06:38.0791 0864 FileInfo - ok
11:06:38.0791 0864 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:06:38.0791 0864 Filetrace - ok
11:06:38.0791 0864 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:06:38.0791 0864 flpydisk - ok
11:06:38.0807 0864 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:06:38.0807 0864 FltMgr - ok
11:06:38.0854 0864 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
11:06:38.0869 0864 FontCache - ok
11:06:38.0900 0864 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:06:38.0900 0864 FontCache3.0.0.0 - ok
11:06:38.0916 0864 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:06:38.0916 0864 FsDepends - ok
11:06:38.0978 0864 [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk C:\Windows\SysWOW64\FsUsbExDisk.SYS
11:06:38.0978 0864 FsUsbExDisk - ok
11:06:38.0994 0864 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:06:38.0994 0864 Fs_Rec - ok
11:06:39.0010 0864 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:06:39.0010 0864 fvevol - ok
11:06:39.0025 0864 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:06:39.0025 0864 gagp30kx - ok
11:06:39.0041 0864 [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv C:\Windows\gdrv.sys
11:06:39.0041 0864 gdrv - ok
11:06:39.0072 0864 [ 294E57711DE7DBF1555E105F22708E9F ] GeniusMouseService C:\Genius\ioCentre\GMouseService.exe
11:06:39.0072 0864 GeniusMouseService - ok
11:06:39.0088 0864 [ 3DDE7C6713D699BFD78227DE882CE438 ] gHidPnp C:\Windows\system32\Drivers\gHidPnp.Sys
11:06:39.0088 0864 gHidPnp - ok
11:06:39.0103 0864 [ 86B350ECE3101D33680537A571FE3A83 ] gMouUsb C:\Windows\system32\DRIVERS\gMouUsb.sys
11:06:39.0103 0864 gMouUsb - ok
11:06:39.0134 0864 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:06:39.0134 0864 gpsvc - ok
11:06:39.0197 0864 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:06:39.0197 0864 gupdate - ok
11:06:39.0197 0864 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:06:39.0197 0864 gupdatem - ok
11:06:39.0212 0864 [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64 C:\Windows\GVTDrv64.sys
11:06:39.0212 0864 GVTDrv64 - ok
11:06:39.0228 0864 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:06:39.0228 0864 hcw85cir - ok
11:06:39.0244 0864 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:06:39.0244 0864 HdAudAddService - ok
11:06:39.0259 0864 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
11:06:39.0259 0864 HDAudBus - ok
11:06:39.0259 0864 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:06:39.0259 0864 HidBatt - ok
11:06:39.0259 0864 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:06:39.0259 0864 HidBth - ok
11:06:39.0259 0864 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:06:39.0259 0864 HidIr - ok
11:06:39.0275 0864 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:06:39.0275 0864 hidserv - ok
11:06:39.0290 0864 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:06:39.0290 0864 HidUsb - ok
11:06:39.0306 0864 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:06:39.0306 0864 hkmsvc - ok
11:06:39.0337 0864 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:06:39.0337 0864 HomeGroupListener - ok
11:06:39.0353 0864 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:06:39.0353 0864 HomeGroupProvider - ok
11:06:39.0384 0864 [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
11:06:39.0384 0864 hpqcxs08 - ok
11:06:39.0400 0864 [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
11:06:39.0400 0864 hpqddsvc - ok
11:06:39.0415 0864 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:06:39.0415 0864 HpSAMD - ok
11:06:39.0431 0864 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
11:06:39.0446 0864 HPSLPSVC - ok
11:06:39.0462 0864 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:06:39.0478 0864 HTTP - ok
11:06:39.0493 0864 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:06:39.0493 0864 hwpolicy - ok
11:06:39.0509 0864 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
11:06:39.0509 0864 i8042prt - ok
11:06:39.0524 0864 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:06:39.0524 0864 iaStorV - ok
11:06:39.0649 0864 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
11:06:39.0696 0864 IDriverT - ok
11:06:39.0743 0864 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:06:39.0743 0864 idsvc - ok
11:06:39.0743 0864 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:06:39.0743 0864 iirsp - ok
11:06:39.0774 0864 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:06:39.0774 0864 IKEEXT - ok
11:06:39.0821 0864 [ 0ADF714079AE174A39D69036143E4C50 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:06:39.0821 0864 IntcAzAudAddService - ok
11:06:39.0852 0864 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:06:39.0852 0864 intelide - ok
11:06:39.0852 0864 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:06:39.0852 0864 intelppm - ok
11:06:39.0852 0864 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:06:39.0852 0864 IPBusEnum - ok
11:06:39.0868 0864 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:06:39.0868 0864 IpFilterDriver - ok
11:06:39.0883 0864 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:06:39.0883 0864 IPMIDRV - ok
11:06:39.0883 0864 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:06:39.0883 0864 IPNAT - ok
11:06:39.0883 0864 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:06:39.0883 0864 IRENUM - ok
11:06:39.0899 0864 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:06:39.0899 0864 isapnp - ok
11:06:39.0914 0864 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:06:39.0914 0864 iScsiPrt - ok
11:06:39.0930 0864 [ F3A41EC4C6506E76E07A219B3A1DF8D2 ] JMB36X C:\Windows\SysWOW64\XSrvSetup.exe
11:06:39.0930 0864 JMB36X - ok
11:06:39.0946 0864 [ 1C368C1A2733DCC5B8E15420AA2B0F6D ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
11:06:39.0946 0864 JRAID - ok
11:06:39.0946 0864 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:06:39.0946 0864 kbdclass - ok
11:06:39.0961 0864 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:06:39.0961 0864 kbdhid - ok
11:06:39.0977 0864 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:06:39.0977 0864 KeyIso - ok
11:06:39.0992 0864 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:06:39.0992 0864 KSecDD - ok
11:06:40.0008 0864 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:06:40.0008 0864 KSecPkg - ok
11:06:40.0024 0864 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:06:40.0024 0864 ksthunk - ok
11:06:40.0039 0864 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:06:40.0055 0864 KtmRm - ok
11:06:40.0070 0864 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:06:40.0070 0864 LanmanServer - ok
11:06:40.0086 0864 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:06:40.0086 0864 LanmanWorkstation - ok
11:06:40.0117 0864 [ 4ADC135F525D38A498F83B089228CC2D ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
11:06:40.0133 0864 LBTServ - ok
11:06:40.0148 0864 [ 24E09882BA51B9830AE029888A3AAF18 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
11:06:40.0148 0864 LHidFilt - ok
11:06:40.0148 0864 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:06:40.0148 0864 lltdio - ok
11:06:40.0164 0864 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:06:40.0180 0864 lltdsvc - ok
11:06:40.0180 0864 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:06:40.0180 0864 lmhosts - ok
11:06:40.0195 0864 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:06:40.0195 0864 LSI_FC - ok
11:06:40.0211 0864 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:06:40.0211 0864 LSI_SAS - ok
11:06:40.0211 0864 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:06:40.0211 0864 LSI_SAS2 - ok
11:06:40.0211 0864 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:06:40.0211 0864 LSI_SCSI - ok
11:06:40.0226 0864 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:06:40.0226 0864 luafv - ok
11:06:40.0226 0864 [ B8BE35421B9E8DC1AB4B0CB7B9B0328B ] LUsbFilt C:\Windows\system32\Drivers\LUsbFilt.Sys
11:06:40.0226 0864 LUsbFilt - ok
11:06:40.0242 0864 [ 830708A5CC0A19196C1DC205BED5A3A8 ] massfilter C:\Windows\system32\drivers\massfilter.sys
11:06:40.0242 0864 massfilter - ok
11:06:40.0273 0864 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:06:40.0273 0864 MBAMProtector - ok
11:06:40.0320 0864 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:06:40.0320 0864 MBAMScheduler - ok
11:06:40.0336 0864 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
11:06:40.0336 0864 MBAMService - ok
11:06:40.0367 0864 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:06:40.0367 0864 Mcx2Svc - ok
11:06:40.0367 0864 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:06:40.0367 0864 megasas - ok
11:06:40.0367 0864 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:06:40.0367 0864 MegaSR - ok
11:06:40.0382 0864 Microsoft SharePoint Workspace Audit Service - ok
11:06:40.0398 0864 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:06:40.0398 0864 MMCSS - ok
11:06:40.0398 0864 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:06:40.0398 0864 Modem - ok
11:06:40.0414 0864 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:06:40.0414 0864 monitor - ok
11:06:40.0414 0864 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:06:40.0414 0864 mouclass - ok
11:06:40.0429 0864 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:06:40.0429 0864 mouhid - ok
11:06:40.0445 0864 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:06:40.0445 0864 mountmgr - ok
11:06:40.0492 0864 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:06:40.0492 0864 MozillaMaintenance - ok
11:06:40.0507 0864 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:06:40.0507 0864 mpio - ok
11:06:40.0523 0864 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:06:40.0523 0864 mpsdrv - ok
11:06:40.0554 0864 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:06:40.0570 0864 MpsSvc - ok
11:06:40.0585 0864 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:06:40.0585 0864 MRxDAV - ok
11:06:40.0601 0864 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:06:40.0601 0864 mrxsmb - ok
11:06:40.0616 0864 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:06:40.0616 0864 mrxsmb10 - ok
11:06:40.0632 0864 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:06:40.0632 0864 mrxsmb20 - ok
11:06:40.0648 0864 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:06:40.0648 0864 msahci - ok
11:06:40.0663 0864 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:06:40.0663 0864 msdsm - ok
11:06:40.0679 0864 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:06:40.0679 0864 MSDTC - ok
11:06:40.0679 0864 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:06:40.0679 0864 Msfs - ok
11:06:40.0694 0864 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:06:40.0694 0864 mshidkmdf - ok
11:06:40.0694 0864 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:06:40.0694 0864 msisadrv - ok
11:06:40.0726 0864 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:06:40.0726 0864 MSiSCSI - ok
11:06:40.0726 0864 msiserver - ok
11:06:40.0741 0864 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:06:40.0741 0864 MSKSSRV - ok
11:06:40.0757 0864 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:06:40.0757 0864 MSPCLOCK - ok
11:06:40.0757 0864 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:06:40.0757 0864 MSPQM - ok
11:06:40.0788 0864 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:06:40.0788 0864 MsRPC - ok
11:06:40.0804 0864 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:06:40.0804 0864 mssmbios - ok
11:06:40.0804 0864 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:06:40.0804 0864 MSTEE - ok
11:06:40.0804 0864 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:06:40.0804 0864 MTConfig - ok
11:06:40.0819 0864 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:06:40.0819 0864 Mup - ok
11:06:40.0835 0864 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:06:40.0835 0864 napagent - ok
11:06:40.0850 0864 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:06:40.0850 0864 NativeWifiP - ok
11:06:40.0882 0864 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:06:40.0882 0864 NDIS - ok
11:06:40.0882 0864 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:06:40.0882 0864 NdisCap - ok
11:06:40.0897 0864 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:06:40.0897 0864 NdisTapi - ok
11:06:40.0913 0864 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:06:40.0913 0864 Ndisuio - ok
11:06:40.0913 0864 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:06:40.0913 0864 NdisWan - ok
11:06:40.0928 0864 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:06:40.0928 0864 NDProxy - ok
11:06:40.0960 0864 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:06:40.0960 0864 Net Driver HPZ12 - ok
11:06:40.0975 0864 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:06:40.0975 0864 NetBIOS - ok
11:06:40.0975 0864 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:06:40.0975 0864 NetBT - ok

[Vitaaa]

11:06:40.0991 0864 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:06:40.0991 0864 Netlogon - ok
11:06:41.0006 0864 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:06:41.0006 0864 Netman - ok
11:06:41.0022 0864 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:06:41.0022 0864 netprofm - ok
11:06:41.0038 0864 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:06:41.0053 0864 NetTcpPortSharing - ok
11:06:41.0053 0864 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:06:41.0053 0864 nfrd960 - ok
11:06:41.0084 0864 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:06:41.0084 0864 NlaSvc - ok
11:06:41.0084 0864 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:06:41.0084 0864 Npfs - ok
11:06:41.0100 0864 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:06:41.0100 0864 nsi - ok
11:06:41.0100 0864 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:06:41.0100 0864 nsiproxy - ok
11:06:41.0147 0864 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:06:41.0147 0864 Ntfs - ok
11:06:41.0162 0864 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:06:41.0162 0864 Null - ok
11:06:41.0178 0864 [ 785298579B5F9B4032152DFBB992FDB6 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
11:06:41.0178 0864 nusb3hub - ok
11:06:41.0194 0864 [ DF2750481B4964814467C974F2B0EEF1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:06:41.0194 0864 nusb3xhc - ok
11:06:41.0209 0864 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:06:41.0225 0864 NVHDA - ok
11:06:41.0365 0864 [ FCBA1C22727939E7CFF9EB08FE9692AB ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:06:41.0412 0864 nvlddmkm - ok
11:06:41.0443 0864 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:06:41.0443 0864 nvraid - ok
11:06:41.0459 0864 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:06:41.0459 0864 nvstor - ok
11:06:41.0506 0864 [ 10C232F6CFFD51D2332898AE7AE0FF23 ] NVSvc C:\Windows\system32\nvvsvc.exe
11:06:41.0506 0864 NVSvc - ok
11:06:41.0552 0864 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:06:41.0552 0864 nvUpdatusService - ok
11:06:41.0584 0864 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:06:41.0584 0864 nv_agp - ok
11:06:41.0599 0864 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:06:41.0599 0864 ohci1394 - ok
11:06:41.0630 0864 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:06:41.0630 0864 ose64 - ok
11:06:41.0708 0864 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:06:41.0771 0864 osppsvc - ok
11:06:41.0802 0864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:06:41.0802 0864 p2pimsvc - ok
11:06:41.0818 0864 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:06:41.0818 0864 p2psvc - ok
11:06:41.0833 0864 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:06:41.0833 0864 Parport - ok
11:06:41.0849 0864 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:06:41.0849 0864 partmgr - ok
11:06:41.0864 0864 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
11:06:41.0864 0864 pci - ok
11:06:41.0880 0864 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
11:06:41.0880 0864 pciide - ok
11:06:41.0896 0864 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
11:06:41.0896 0864 pcmcia - ok
11:06:41.0896 0864 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
11:06:41.0896 0864 pcw - ok
11:06:41.0911 0864 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
11:06:41.0911 0864 PEAUTH - ok
11:06:41.0942 0864 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
11:06:41.0942 0864 PeerDistSvc - ok
11:06:41.0958 0864 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
11:06:41.0958 0864 PerfHost - ok
11:06:42.0005 0864 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
11:06:42.0005 0864 pla - ok
11:06:42.0020 0864 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
11:06:42.0036 0864 PlugPlay - ok
11:06:42.0052 0864 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:06:42.0052 0864 Pml Driver HPZ12 - ok
11:06:42.0067 0864 PnkBstrA - ok
11:06:42.0067 0864 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
11:06:42.0067 0864 PNRPAutoReg - ok
11:06:42.0098 0864 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
11:06:42.0098 0864 PNRPsvc - ok
11:06:42.0114 0864 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
11:06:42.0114 0864 Power - ok
11:06:42.0130 0864 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
11:06:42.0130 0864 PptpMiniport - ok
11:06:42.0130 0864 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
11:06:42.0130 0864 Processor - ok
11:06:42.0145 0864 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
11:06:42.0145 0864 ProfSvc - ok
11:06:42.0145 0864 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:06:42.0145 0864 ProtectedStorage - ok
11:06:42.0176 0864 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
11:06:42.0176 0864 Psched - ok
11:06:42.0192 0864 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
11:06:42.0208 0864 ql2300 - ok
11:06:42.0208 0864 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
11:06:42.0208 0864 ql40xx - ok
11:06:42.0223 0864 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
11:06:42.0223 0864 QWAVE - ok
11:06:42.0239 0864 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
11:06:42.0239 0864 QWAVEdrv - ok
11:06:42.0239 0864 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
11:06:42.0239 0864 RasAcd - ok
11:06:42.0239 0864 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
11:06:42.0239 0864 RasAgileVpn - ok
11:06:42.0254 0864 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
11:06:42.0254 0864 RasAuto - ok
11:06:42.0254 0864 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
11:06:42.0254 0864 Rasl2tp - ok
11:06:42.0270 0864 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
11:06:42.0286 0864 RasMan - ok
11:06:42.0286 0864 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
11:06:42.0286 0864 RasPppoe - ok
11:06:42.0286 0864 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
11:06:42.0286 0864 RasSstp - ok
11:06:42.0301 0864 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
11:06:42.0301 0864 rdbss - ok
11:06:42.0301 0864 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
11:06:42.0301 0864 rdpbus - ok
11:06:42.0317 0864 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
11:06:42.0317 0864 RDPCDD - ok
11:06:42.0332 0864 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
11:06:42.0332 0864 RDPDR - ok
11:06:42.0348 0864 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
11:06:42.0348 0864 RDPENCDD - ok
11:06:42.0364 0864 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
11:06:42.0364 0864 RDPREFMP - ok
11:06:42.0410 0864 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:06:42.0410 0864 RdpVideoMiniport - ok
11:06:42.0442 0864 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
11:06:42.0442 0864 RDPWD - ok
11:06:42.0442 0864 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
11:06:42.0442 0864 rdyboost - ok
11:06:42.0457 0864 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
11:06:42.0457 0864 RemoteRegistry - ok
11:06:42.0473 0864 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\Windows\system32\DRIVERS\revoflt.sys
11:06:42.0473 0864 Revoflt - ok
11:06:42.0488 0864 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
11:06:42.0488 0864 RpcEptMapper - ok
11:06:42.0520 0864 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
11:06:42.0520 0864 RpcLocator - ok
11:06:42.0535 0864 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
11:06:42.0535 0864 RpcSs - ok
11:06:42.0551 0864 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
11:06:42.0551 0864 rspndr - ok
11:06:42.0582 0864 [ 4FBDA07EF0A3097CE14C5CABF723B278 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
11:06:42.0582 0864 RTL8167 - ok
11:06:42.0598 0864 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
11:06:42.0598 0864 s3cap - ok
11:06:42.0598 0864 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
11:06:42.0598 0864 SamSs - ok
11:06:42.0629 0864 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
11:06:42.0629 0864 sbp2port - ok
11:06:42.0629 0864 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
11:06:42.0644 0864 SCardSvr - ok
11:06:42.0660 0864 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
11:06:42.0660 0864 scfilter - ok
11:06:42.0691 0864 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
11:06:42.0707 0864 Schedule - ok
11:06:42.0707 0864 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
11:06:42.0707 0864 SCPolicySvc - ok
11:06:42.0722 0864 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
11:06:42.0722 0864 SDRSVC - ok
11:06:42.0738 0864 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
11:06:42.0738 0864 secdrv - ok
11:06:42.0754 0864 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
11:06:42.0754 0864 seclogon - ok
11:06:42.0769 0864 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
11:06:42.0769 0864 SENS - ok
11:06:42.0785 0864 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
11:06:42.0785 0864 SensrSvc - ok
11:06:42.0785 0864 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
11:06:42.0785 0864 Serenum - ok
11:06:42.0800 0864 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
11:06:42.0800 0864 Serial - ok
11:06:42.0816 0864 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
11:06:42.0816 0864 sermouse - ok
11:06:42.0832 0864 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
11:06:42.0832 0864 SessionEnv - ok
11:06:42.0847 0864 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
11:06:42.0847 0864 sffdisk - ok
11:06:42.0847 0864 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
11:06:42.0863 0864 sffp_mmc - ok
11:06:42.0863 0864 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
11:06:42.0863 0864 sffp_sd - ok
11:06:42.0878 0864 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
11:06:42.0878 0864 sfloppy - ok
11:06:42.0894 0864 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:06:42.0894 0864 ShellHWDetection - ok
11:06:42.0910 0864 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:06:42.0910 0864 SiSRaid2 - ok
11:06:42.0910 0864 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
11:06:42.0910 0864 SiSRaid4 - ok
11:06:42.0941 0864 [ C84A3DCE4D9D70A4D8FBFA4B7DD6FF0B ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
11:06:42.0941 0864 SkypeUpdate - ok
11:06:42.0956 0864 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
11:06:42.0956 0864 Smb - ok
11:06:42.0956 0864 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
11:06:42.0972 0864 SNMPTRAP - ok
11:06:42.0988 0864 [ 5F9785E7535F8F602CB294A54962C9E7 ] speedfan C:\Windows\syswow64\speedfan.sys
11:06:42.0988 0864 speedfan - ok
11:06:42.0988 0864 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
11:06:42.0988 0864 spldr - ok
11:06:43.0019 0864 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
11:06:43.0019 0864 Spooler - ok
11:06:43.0066 0864 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
11:06:43.0081 0864 sppsvc - ok
11:06:43.0097 0864 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
11:06:43.0097 0864 sppuinotify - ok
11:06:43.0128 0864 [ A6CFF1AF7664627A296B6A0A96CF876E ] sptd C:\Windows\System32\Drivers\sptd.sys
11:06:43.0128 0864 Suspicious file (NoAccess): C:\Windows\System32\Drivers\sptd.sys. md5: A6CFF1AF7664627A296B6A0A96CF876E
11:06:43.0128 0864 sptd ( LockedFile.Multi.Generic ) - warning
11:06:43.0128 0864 sptd - detected LockedFile.Multi.Generic (1)
11:06:43.0144 0864 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
11:06:43.0144 0864 srv - ok
11:06:43.0159 0864 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
11:06:43.0159 0864 srv2 - ok
11:06:43.0159 0864 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
11:06:43.0159 0864 srvnet - ok
11:06:43.0190 0864 [ FA03D4C16F2F7ACD43E6317767764E0C ] sscebus C:\Windows\system32\DRIVERS\sscebus.sys
11:06:43.0190 0864 sscebus - ok
11:06:43.0206 0864 [ 50C23ED603E5DF8A7CF1D56DDEF31A15 ] sscemdfl C:\Windows\system32\DRIVERS\sscemdfl.sys
11:06:43.0206 0864 sscemdfl - ok
11:06:43.0237 0864 [ 1F48814204F6B2C03687A1675772E899 ] sscemdm C:\Windows\system32\DRIVERS\sscemdm.sys
11:06:43.0237 0864 sscemdm - ok
11:06:43.0268 0864 [ EB5818115562D45A66E23C85C90E9442 ] ssceserd C:\Windows\system32\DRIVERS\ssceserd.sys
11:06:43.0268 0864 ssceserd - ok
11:06:43.0284 0864 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
11:06:43.0284 0864 SSDPSRV - ok
11:06:43.0300 0864 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
11:06:43.0300 0864 SstpSvc - ok
11:06:43.0331 0864 [ A97BFF59B3B983FDBDCD8AE6CF3C1E2D ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
11:06:43.0331 0864 ssudmdm - ok
11:06:43.0331 0864 StarOpen - ok
11:06:43.0378 0864 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
11:06:43.0378 0864 Stereo Service - ok
11:06:43.0378 0864 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
11:06:43.0378 0864 stexstor - ok
11:06:43.0409 0864 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
11:06:43.0409 0864 stisvc - ok
11:06:43.0424 0864 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
11:06:43.0424 0864 storflt - ok
11:06:43.0440 0864 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
11:06:43.0440 0864 StorSvc - ok
11:06:43.0456 0864 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
11:06:43.0456 0864 storvsc - ok
11:06:43.0471 0864 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
11:06:43.0471 0864 swenum - ok
11:06:43.0502 0864 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
11:06:43.0518 0864 SwitchBoard - ok
11:06:43.0518 0864 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
11:06:43.0534 0864 swprv - ok
11:06:43.0565 0864 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
11:06:43.0580 0864 SysMain - ok
11:06:43.0596 0864 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:06:43.0596 0864 TabletInputService - ok
11:06:43.0612 0864 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
11:06:43.0612 0864 TapiSrv - ok
11:06:43.0612 0864 TBPanel - ok
11:06:43.0643 0864 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
11:06:43.0643 0864 TBS - ok
11:06:43.0674 0864 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
11:06:43.0690 0864 Tcpip - ok
11:06:43.0721 0864 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
11:06:43.0736 0864 TCPIP6 - ok
11:06:43.0752 0864 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
11:06:43.0752 0864 tcpipreg - ok
11:06:43.0768 0864 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
11:06:43.0768 0864 TDPIPE - ok
11:06:43.0799 0864 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
11:06:43.0799 0864 TDTCP - ok
11:06:43.0814 0864 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
11:06:43.0814 0864 tdx - ok
11:06:43.0830 0864 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
11:06:43.0830 0864 TermDD - ok
11:06:43.0846 0864 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
11:06:43.0846 0864 TermService - ok
11:06:43.0877 0864 [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
11:06:43.0877 0864 TFsExDisk - ok
11:06:43.0892 0864 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
11:06:43.0892 0864 Themes - ok
11:06:43.0908 0864 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
11:06:43.0908 0864 THREADORDER - ok
11:06:43.0908 0864 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
11:06:43.0924 0864 TrkWks - ok
11:06:43.0955 0864 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:06:43.0955 0864 TrustedInstaller - ok
11:06:43.0970 0864 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
11:06:43.0970 0864 tssecsrv - ok
11:06:44.0002 0864 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
11:06:44.0002 0864 TsUsbFlt - ok
11:06:44.0033 0864 [ A25A3DE3974CF11ACC1707DBBB5F325C ] TuneUp.Defrag C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
11:06:44.0048 0864 TuneUp.Defrag - ok
11:06:44.0064 0864 [ 62E3CE3F49BE1E23A286AD78FCB05C6E ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
11:06:44.0064 0864 TuneUp.UtilitiesSvc - ok
11:06:44.0080 0864 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
11:06:44.0080 0864 TuneUpUtilitiesDrv - ok
11:06:44.0111 0864 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
11:06:44.0111 0864 tunnel - ok
11:06:44.0111 0864 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
11:06:44.0111 0864 uagp35 - ok
11:06:44.0142 0864 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
11:06:44.0142 0864 udfs - ok
11:06:44.0158 0864 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
11:06:44.0158 0864 UI0Detect - ok
11:06:44.0173 0864 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
11:06:44.0173 0864 uliagpkx - ok
11:06:44.0204 0864 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
11:06:44.0204 0864 umbus - ok
11:06:44.0204 0864 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
11:06:44.0204 0864 UmPass - ok
11:06:44.0220 0864 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
11:06:44.0220 0864 UmRdpService - ok
11:06:44.0236 0864 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
11:06:44.0236 0864 upnphost - ok
11:06:44.0282 0864 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
11:06:44.0282 0864 USBAAPL64 - ok
11:06:44.0314 0864 [ C85B8247FADD432FA54FE11667C8D97D ] usbbus C:\Windows\system32\DRIVERS\lgx64bus.sys
11:06:44.0314 0864 usbbus - ok
11:06:44.0329 0864 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
11:06:44.0329 0864 usbccgp - ok
11:06:44.0345 0864 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
11:06:44.0345 0864 usbcir - ok
11:06:44.0360 0864 [ D8CDC12F5429878F23DDB3785A0FDF95 ] UsbDiag C:\Windows\system32\DRIVERS\lgx64diag.sys
11:06:44.0360 0864 UsbDiag - ok
11:06:44.0376 0864 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
11:06:44.0376 0864 usbehci - ok
11:06:44.0392 0864 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
11:06:44.0392 0864 usbhub - ok
11:06:44.0423 0864 [ 79FA7A22B0F6F0082F640CBC82A00FCE ] USBModem C:\Windows\system32\DRIVERS\lgx64modem.sys
11:06:44.0423 0864 USBModem - ok
11:06:44.0438 0864 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
11:06:44.0438 0864 usbohci - ok
11:06:44.0438 0864 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
11:06:44.0438 0864 usbprint - ok
11:06:44.0470 0864 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
11:06:44.0470 0864 usbscan - ok
11:06:44.0485 0864 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:06:44.0485 0864 USBSTOR - ok
11:06:44.0501 0864 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
11:06:44.0501 0864 usbuhci - ok
11:06:44.0516 0864 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
11:06:44.0516 0864 UxSms - ok
11:06:44.0532 0864 [ 4AB3FB5B25760008A1DA1A14EDE3F61D ] UxTuneUp C:\Windows\System32\uxtuneup.dll
11:06:44.0548 0864 UxTuneUp - ok
11:06:44.0548 0864 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
11:06:44.0548 0864 VaultSvc - ok
11:06:44.0563 0864 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
11:06:44.0563 0864 vdrvroot - ok
11:06:44.0563 0864 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
11:06:44.0579 0864 vds - ok
11:06:44.0579 0864 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
11:06:44.0579 0864 vga - ok
11:06:44.0594 0864 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
11:06:44.0594 0864 VgaSave - ok
11:06:44.0610 0864 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
11:06:44.0610 0864 vhdmp - ok
11:06:44.0626 0864 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
11:06:44.0626 0864 viaide - ok
11:06:44.0641 0864 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
11:06:44.0641 0864 vmbus - ok
11:06:44.0641 0864 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
11:06:44.0641 0864 VMBusHID - ok
11:06:44.0657 0864 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
11:06:44.0657 0864 volmgr - ok
11:06:44.0672 0864 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
11:06:44.0672 0864 volmgrx - ok
11:06:44.0688 0864 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
11:06:44.0688 0864 volsnap - ok
11:06:44.0704 0864 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
11:06:44.0704 0864 vsmraid - ok
11:06:44.0782 0864 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
11:06:44.0782 0864 VSS - ok
11:06:44.0797 0864 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
11:06:44.0797 0864 vwifibus - ok
11:06:44.0813 0864 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
11:06:44.0828 0864 W32Time - ok
11:06:44.0828 0864 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
11:06:44.0828 0864 WacomPen - ok
11:06:44.0860 0864 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
11:06:44.0860 0864 WANARP - ok
11:06:44.0875 0864 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
11:06:44.0875 0864 Wanarpv6 - ok
11:06:44.0922 0864 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
11:06:44.0922 0864 WatAdminSvc - ok
11:06:44.0953 0864 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
11:06:44.0969 0864 wbengine - ok
11:06:44.0984 0864 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
11:06:44.0984 0864 WbioSrvc - ok
11:06:45.0000 0864 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
11:06:45.0000 0864 wcncsvc - ok
11:06:45.0016 0864 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:06:45.0016 0864 WcsPlugInService - ok
11:06:45.0031 0864 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
11:06:45.0031 0864 Wd - ok
11:06:45.0047 0864 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
11:06:45.0062 0864 Wdf01000 - ok
11:06:45.0062 0864 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
11:06:45.0062 0864 WdiServiceHost - ok
11:06:45.0078 0864 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
11:06:45.0078 0864 WdiSystemHost - ok
11:06:45.0094 0864 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
11:06:45.0094 0864 WebClient - ok
11:06:45.0109 0864 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
11:06:45.0109 0864 Wecsvc - ok
11:06:45.0125 0864 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
11:06:45.0125 0864 wercplsupport - ok
11:06:45.0140 0864 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
11:06:45.0140 0864 WerSvc - ok
11:06:45.0140 0864 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
11:06:45.0140 0864 WfpLwf - ok
11:06:45.0156 0864 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
11:06:45.0156 0864 WIMMount - ok
11:06:45.0156 0864 WinHttpAutoProxySvc - ok
11:06:45.0187 0864 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
11:06:45.0187 0864 Winmgmt - ok
11:06:45.0234 0864 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
11:06:45.0250 0864 WinRM - ok
11:06:45.0265 0864 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
11:06:45.0265 0864 WinUsb - ok
11:06:45.0296 0864 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
11:06:45.0296 0864 Wlansvc - ok
11:06:45.0359 0864 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:06:45.0374 0864 wlidsvc - ok
11:06:45.0390 0864 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
11:06:45.0390 0864 WmiAcpi - ok
11:06:45.0406 0864 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
11:06:45.0406 0864 wmiApSrv - ok
11:06:45.0421 0864 WMPNetworkSvc - ok
11:06:45.0421 0864 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
11:06:45.0437 0864 WPCSvc - ok
11:06:45.0452 0864 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
11:06:45.0452 0864 WPDBusEnum - ok
11:06:45.0468 0864 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
11:06:45.0468 0864 ws2ifsl - ok
11:06:45.0468 0864 WSearch - ok
11:06:45.0484 0864 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
11:06:45.0484 0864 WudfPf - ok
11:06:45.0499 0864 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
11:06:45.0499 0864 WUDFRd - ok
11:06:45.0515 0864 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
11:06:45.0515 0864 wudfsvc - ok
11:06:45.0530 0864 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
11:06:45.0546 0864 WwanSvc - ok
11:06:45.0577 0864 [ D6959A4FC3B56AFD9E31B0E71377C05F ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
11:06:45.0577 0864 ZTEusbmdm6k - ok
11:06:45.0593 0864 [ D6959A4FC3B56AFD9E31B0E71377C05F ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
11:06:45.0593 0864 ZTEusbnmea - ok
11:06:45.0593 0864 [ D6959A4FC3B56AFD9E31B0E71377C05F ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
11:06:45.0593 0864 ZTEusbser6k - ok
11:06:45.0640 0864 ‮etadpug - ok
11:06:45.0655 0864 ================ Scan global ===============================
11:06:45.0671 0864 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:06:45.0686 0864 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:06:45.0702 0864 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
11:06:45.0718 0864 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:06:45.0749 0864 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:06:45.0749 0864 [Global] - ok
11:06:45.0749 0864 ================ Scan MBR ==================================
11:06:45.0764 0864 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:06:45.0920 0864 \Device\Harddisk0\DR0 - ok
11:06:45.0920 0864 ================ Scan VBR ==================================
11:06:45.0920 0864 [ 29F63401BBE665511D16B1C1E787FCA5 ] \Device\Harddisk0\DR0\Partition1
11:06:45.0920 0864 \Device\Harddisk0\DR0\Partition1 - ok
11:06:45.0936 0864 [ 37E7A6DF9EDAB68CAE9A997CDC18E28B ] \Device\Harddisk0\DR0\Partition2
11:06:45.0936 0864 \Device\Harddisk0\DR0\Partition2 - ok
11:06:45.0936 0864 ============================================================
11:06:45.0936 0864 Scan finished
11:06:45.0936 0864 ============================================================
11:06:45.0952 3052 Detected object count: 1
11:06:45.0952 3052 Actual detected object count: 1
11:07:07.0994 3052 sptd ( LockedFile.Multi.Generic ) - skipped by user
11:07:07.0994 3052 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
11:07:16.0699 1384 Deinitialize success

[Vitaaa]

ComboFix 13-09-16.01 - Michal 17.09.2013 11:12:47.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4093.2615 [GMT 2:00]
Spuštěný z: c:\users\Michal\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Google\Desktop\Install
c:\program files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\9519~1\A535~1\E628~1\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\@
c:\program files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\9519~1\A535~1\E628~1\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\L\00000004.@
c:\program files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\9519~1\A535~1\E628~1\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\L\76603ac3
c:\program files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\9519~1\A535~1\E628~1\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\U\00000008.@
c:\program files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\9519~1\A535~1\E628~1\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\U\80000000.@
c:\program files (x86)\Google\Desktop\Install\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\9519~1\A535~1\E628~1\{e97dc68e-f4e8-cacf-01a5-b5720c3b8e8a}\U\80000064.@
c:\windows\PFRO.log
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Run
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-17 do 2013-09-17 )))))))))))))))))))))))))))))))
.
.
2013-09-17 09:17 . 2013-09-17 09:17 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-17 07:15 . 2013-09-17 07:15 -------- d-----w- c:\windows\ERUNT
2013-09-16 19:27 . 2013-09-16 21:03 -------- d-----w- C:\AdwCleaner
2013-09-16 19:19 . 2013-09-16 19:19 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-16 19:19 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-16 12:42 . 2013-09-16 12:42 388096 ----a-r- c:\users\Michal\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-09-16 12:42 . 2013-09-16 12:42 -------- d-----w- c:\program files (x86)\HiHackThis
2013-09-16 11:23 . 2013-09-16 11:23 -------- d-----w- c:\users\Michal\AppData\Roaming\Malwarebytes
2013-09-16 11:23 . 2013-09-16 11:23 -------- d-----w- c:\programdata\Malwarebytes
2013-09-11 16:08 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-16 08:41 . 2012-04-02 19:28 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-16 08:41 . 2011-05-18 06:52 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-15 09:03 . 2011-02-05 19:31 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2013-09-11 20:32 . 2011-02-08 08:19 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-02 01:48 . 2013-09-11 16:08 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-14 06:57 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-14 06:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-14 06:57 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-14 06:57 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-14 06:57 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-14 06:57 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-14 06:57 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-14 06:57 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-14 06:57 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-14 06:56 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-14 06:57 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-14 06:57 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-14 06:57 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-14 06:57 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-07-06 06:03 . 2013-08-14 06:56 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-07-01 10:42 . 2013-07-01 10:42 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-01 10:42 . 2012-06-04 19:19 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-07-01 10:42 . 2011-05-11 11:27 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-11-20 106496]
"ioCentre"="c:\genius\ioCentre\gTaskBar.exe" [2009-09-03 60928]
"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-10-30 4297136]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"= 504b0304c239b7f8068374bfb511000000400000e269f63d73594f6202c9694280cc96a28bbd63516fe3c2d5f7a2ff87ac3a990c3ec3b2ed7b07716237a0dfb1dfb651f67e31cb2e7649f98d5e55e9b25b1a579794989b176c357bdcc11226bd6ecb7de8a63ea2165f6b31ead6b0a2a96a6e9d04b9b39f194ef52d48b088d4b6597f685a70ff6912914f86d8235681747da26cfd83223d3d248872c51095484634ebf976e4595f734bd35caf42b38dcf9e878af0be0a5e84b22940f721e8bbcdcbaa3e53607359252db16c0d6c38a142261bb4896d12a48c006cc3c21fdf717c155b2af0375d2545ee286c2aecb2955206ef25c82dc686f7eb83bb3072e94e1e59254b11a2e3628e1d98e177375b54e682a1c77f986e1907ffcb784accacb124189751d7ebbafc91d3a127f134a85e27f8c201d9082f621f5fffac09d2aab94a62f90bd74d6c96a8db6d42e4e98316449d202a4e24857673e2a50b7dfd9d5af72a21a19a922acc9675ba933a1c6ad4e0a11470fbb82eed7a79c5ca2dbb0bec5b2b43baa37373d3ef494726d7cf4a4aa8a3d6a5c206ced49148c0100bfa96b707be91b855151d8da8e0723dd1303325011b3951c9df7b10e9b153bced98376c4d7517f2e0e23a986914b2b0f978454441c47b5797d924ce9cd186d74d308099ee52f226e92de6b50e4a0691f75cfa9ce733494b8cafaeb4be4c65f6c9dffa34a3c2ed9d14f5844164be79b7a90495290350177b03aefa777ff519b624e3c75c219260ac447bba9a6db56f34b340a5f75837fab3c33831a3bc39c2914aeb87a39545bd7ed52450eb7e94d5380e2babce3f8ee6e3cdc9d4ed54d9889d9dbd0dc879caa2b121048a308a7f873252dad24ea8f8911ea0a3b202de930a9fc882cf1349ffe229016b2ebfd7821b8986d31deccbc296ba54fd6d864c915f1d77ac0734d96fe0ba43a669fab128026c7f90e9e1e0a7047f5a2378e4de0966eb6c217b3483194b2b21a3fa8a1cbef1d66a3fc8a5c863bcea6157981a11449bae3357f3287501cb9c24e0afb156f5ddfd6855cd8b7b43feabd9412c1c208b5de2330c469a59de5b490cc06bfd5a4900cb121eb967bc7185a9f00112a5b1e8d8028ca02b0f2b194af03cc1e172b70c9b88643e3c064b5406cf184ad9eba26736ef6feb30dac8ba400933a32a3c03230bd732fcbe16c4b3bdcc0b501616ce956d968b8da68b4a9a64238601e81e78095961580431361a4dd9fe963d3ceba5c21bba416c1cc9d94bb842c25b2fd12c8bf42c35948272965a3fecf6e9b92d32d7e84a402a0b6214a412a23427e4852ce607fd9f7ff8559bbb96a9ae577df0c19d108587d372470be0d3e27ed61feb442c2d65e55bac81c2786cf6b837eebc1b5af35634b29fd5d96347b5f9c747c8a9a83e7cb3c188d9042f08fbd4edeebd65de7c04b275b7fd74067a0ae3033752aa55a45a05355811416ea4a5101511e99305b700bd44742cbd6a9272b5cf4001505c4057866b57e4de5ef0ee9f88b41986a80119c962594972011fc0c39b4a74b74747f5116d896a0ebcbb4387685672899af54b80ae07008971ea1c997a898e33aab769e4e52fbbec97ebf199ce76454badbd4eab272f1d1caabb3b49b3aafc1e67d09ee8feb0580e414eb45f3f0c25fe88872312fec2341e7a6100b2e04ed25fce13a146098dce98446b2f3875ecb269a886795698619d337da612f19bf8d4fe3028e79a26548128d1595af0bf98ff320dc73d873f05ebd07c87cae28df067c00de3e53cc77e801e1304192ca7bf78ab28db40564328a108f9f0ddd8e1b0baeccf16bf1deb3cc5c4b5f5140f6b8a256e9128c203418aa3d93e3f08078977667dc02d830bb6869de92f29a65ac6d2689d0a5a90887a8643119dc9a68b5b00bd59d45da9d7ed5dae6ee6da6119243f77f51b263200f90abbb61cce9a951781ea2012a2c8d7200906439b08e7e76cf9c9536b2e6b560afd7cbaa5044791ee17ded45adfd9d359dac0a9f4ed15bf2cb2ea9b12b7cb11b597cf2e6e750a6c636fe2c4b144f6ff43ccffddae787be160b0a8b4282b35a6aeece165814e95ce7adbe416ef4e51860cb4f5d50af2a86aa4ee602a30aa54850e0cb4a38dc3a1c711b5d03b6a53ee102ac68e553d11e5fb3d0a8e0ef34266263ca4a3e0b76c55a92f75f921cd61a5363e5db7737874d57c653d63457260b67b1df330827b2921c29fda0045bbe7404e40985039f7db153f52b2c941a56e922dcfb60b89dbee327ed6f5c1e438270f766a6ed1730fc581a4aebcfe3b7726b27d6b092cf5a0b6954196cb4cc2788b8722338ee189d9e22692595f0d5b333b0f715cb8d94a08afb631dbb1be79a773e8f1a4eaf7220c24222dda431b91d9175dfa0c6ae81e8c4c879d64446cf56faefe1487ca6739a776aee42ef8be40a612f95cde3b1feeac1e1e41a24c92ed8b0152e247239e5a8bc903679ca8c7b94659ad5b1d10551f460d924fb60882fc90508c3723420f86f4cf100387e808133cc429883c0e3ace91651c075cd19d106e0b437b0363048ca1feaaf929b87aed90afde281edca0fa0cc7b5a7f03807fa5ac41b1ed73130eac1117c631c1818142f24d420f6776cb53d4d0326b9fc3008c3ca03fc649d87d37fa617b74f2865c75298bed54b7d8dc676e2210374d8bf194ae2feda62b4798933c764ccddf845330721fc21e68c0695ca73285103e22ae68da440326dfef9a80d17d0a7c3f920e7b0aa806ee9b7549ed9878b6cfb505ac69e8e8d3cfa718675764cfb03861d32afaae1d918be87f6a9ac0d815c57ad3e167d642f5fcddc25d4ba3ac3e67c26a4deaa17797b3c0654f271eaaa442a71cbe19372adcbde3df8b3fe491e5a76a79d1291a0de317ffbf927f42782fa48270f2c969563b183a4b0112f3497dd3c2a423ec83498bdbaac928910a9fb7fe5788e454c027a28f4a91af2bf09e261f85b0eee4f7929e63c4062496cb09534bb6d03ff69ed2915d0ea215b4fb3d1044e86eb87dfb4898bcbd50e5c4ddfbdb83b9410e1adf91446c43c959e0e341d67a5a7ef8712586de3b8b9c5b6f80f42f235bf68900ebfe6304bb0d9f67408b76201ec26180b4bd76500de4f0df86df4a063aececca69ddf8a162b67a4b9800fa7570d5b551ac2703adc0ffced00650a96cd81ec4187b90c6b2140ce99c1937c40587ea72899897e628115bcab73b3d9f425860b109a67347b8a121f65d0968d56a3dde6b8171cea61b08ae568b9d03c398977ce86f75055230ef370cabf67c9cf97c3223719555403f3e0bd2af0e1e8742decb05fadb0227f15d40ee2d6dc5a49fe1e6bc9e6cedde74294c3bb6fd5c5fedfad672df1dffd219bd8bc1ec39158eab507998755f553441d01cd26a5501f6fb2db4f3597510f85b93a542514c8013eedbbfc913dcce8b20a5759665bdfd9919eb22a89163d8656386d857c5bfc7c241c1d726cd94ab0f92d5b0fefcf1d4abdd26fbc6c17a4ccacf2d31e5e713059de93c59d3b8d3e8d03b5d663f9dfadb03e093cb84fcf500a1f0e2e5ba1c9d81db12cc799c6539af0cc35682d95cb789c745a452bd8b38e6cf08e0579da1ab43ad0858d0305f961b15a79c1090f4867040ea2bd36cf6512aab44ce5a1098efe039134f23bf057777fef3e68e45827b0487924cad4e5f0b1c3b4f5a0e3853b39640eb0782d78888fe92c3b68624e84ff6a5eded87be62d34ce858f34e5fffbba75f014df0f648988b51a72de1ff54d5c7a4b8ecb10c5e9ef51de98c01ef8c406f9824a0c15a29e16b5a53e3643b0065a4263ecae50d2cb976d3d2ea6255a65f1c6cc86167f1784a27b832037db4ce1e262475334f3b2430f86c7a24456eea82ab678aba91bb4c0cc82c877b80b6d3574007257272c3e126c17a8b36aa8aa9431ff01bf658f82d8153eddea6804cdc564a3f5e9967b08feeb823d3db9356a4acdd80e883ca58a1c661d01d145f80a3ab67e8036c0bae1bb7bc43204eb0cf38214bc74a9aef036a31d5a9c552d93a25c0e84057bce5437b1634680d04a77472d631432d2baa7a3acd64220efcf9e7848f8fd9801bef7561a470a1822032160eb59edc0f977882dce4fb2872d89d27ff076dba74a9672f86909956579c28853fa8de7002cc8458d09256d42a39f1a4bdb6b56d36d51488e7368686e54c1bbbfff48884e0d536be362e59bd7f18329a4b82aed396e4f92865f594d0da38f7cace7a4603af60c1a53bdfd19476094aac6e4a8f31fc1257d48d03bb0ef515d8460b9441532c8b5043d0531d5881adb6d997bb184fd8caf4d8e6c759c3f7143b9e32bc7a0ec6234b68adf4111ca1d136721438e5e6d7125d480ce982d84aea7703b4010cd27867d6ddc5e0c970385196f020e48eddb24c56972f9e61e6cc29c1712551583828f899534aacfffc66f99999ea2ba2731d52a7fd2fa262a22b075da52a5aa58f5b41aa9cdc9181406717f3f75e7c475090121966838125236e4dc6291ae3874968e8208b983aadb03ca60acd935e6da1b829407f70a77340e4439f22fdc2fc4218de0f25d2f886c0aaeb693c2b23db0eab9953bf806c2173e0bc9d0d7ef0e763775bc1432ff48d6035b1214294c81b71cd98c42831014090cd99cb74929ae853f88132e559104d4fea98ad40f17da4100a909a6981bad9efb240a79520927aa12232a56f4d8893bff92bfc2bd42cf3dc09bdc484dfdba3a10c609186104ce33e3024f44000be34814ff5dc9872d44b4157fb3a6655b985f6cc5ef4586f2abfee12dcbdb90181b396f95fe3213f094d1f3dd3d7fed800f4ed21290f613b62048e0fc1f1328d9f87a5653b489d36f727be9d755523def0472f1c1d5ac90ee665379ff39d06e863c244890f5333a0b89b92022c1a8198029fe5f8c203b3dd211d4398958ee190108dd50b7850e20d8abe2b927d53d28f3b8ca26be81bc6b83c0e2b3b1dda28066c63860cea89df82708ef21d4d36b84663e87b4385a3e37bd3ff1eb2bf64184c44723490669af4da092d45ba21a569a352e513d9a9b43e9cd4b812055822626efc55f950009232b8b3bb2d63d44a8b0bd9bd4e84c5a724496a2326f63c97dbcb235366ec0cf6096b5f4988d073c34bd3a084130cea8d6ee22e542b411c1e18599667b3fd6dde0669ad82c85a1c10ca5862213cb1bb277e6c4f6564f20a9bcea1b48170504c47235d78ed0a0441987c8c17d90d7b56cf487c46733ba4a6848fec42b97ce4048f3c6d9c493322f052ef93f02f142b3940a10921bd15c911e7a97aa4a20dc383c62cd288d252ba937b3f60761e6653568a01241bb573664de04811cf3f59b4c2d7e8a6c55da16f468383456aa751697697397c2a5e5abfa0f1099d80447d49da509aa1347f3943ee9baa1fdad2a0e69410b34253ad4991282d0e952260f52ab9f02a3d00b37098cf60354424f862066e45e92ac475c99a00e7380766e589abf66271619142795cf7a7fbd138a6cc5bd7e135122341d1f06eb5b436c59be0adedc71bc03d7c63c16751ad56c69e36decfe9e8214c719fcdf2e9fe2dc971f03c1c2ad6b6d368fe8b11d0389650c73d1c7e73708145fa05992a150e6a909656ea786e244bdf1cd71f4b0fd05b1335d703182ffa9d96c99108297b1fe327a83bf4f69d2a9c3d1eb73a9dd8cee2b3220904ac31011fd6407a5ba427facb46227fdedb13d1ca6443ded3dc3b6cf06a59dc9b9226fbf357334abf58412605fd206e7b6125fa19e5d68f75783fa08205b05c0a12d1830068317f6105958c4eb37bcb1beae6a401c267641aa58274a410d76b4d2a03e418020869b6886bb81964761b3fcd8ea68050ad6cff99649cde8fa53f04b0c96e271c0b092e24d81ea2d723775799e713ea9da6967ef57aaafe1c6732f2f047556027f021c65fc20c1c3bcb392acf8ff7a9e14d9728a5aaacd255fc3866b041e9c96dcf592083d78c9e405ddd7991d2e2536d2eb1ba0f0ece3dfb6a34c2665cfac2d1850fd478f617fdd4e9dd4492c553bd375cfd33f4744d642006f3a5216a1ff7d73643ed751caecdfdcb56247aa2f66fbcb8315daaa86006a99e0350a72d5d5260d6bb77ac53cdd7abacb859586c279b7facdf076c922ac27f3e907fb3b4ec977ca634a28df064162165222dcce674dab60a4e9d48e7fcea267abb1f8e0a2012aa6db532a4ce74fbaf583e2c292fa1b56be585d14ee073cdafe3fc0c19050e698ec41b9d27f5db41a779208118a5d3f8f74333b2ad2fe3cee273bbfea485ead817effedf1260c1a125070589b6f0f31984ed498cbd273e84a718f54c82cbc2747e678f8437dde23c9ea3c877823034b7c70731c2d01cc09d11d3364e7945b6480b9b416acb54cd1194b46c6d2e147619ac1c1fa915af80a5098647247ebcf0449634f69c96afc740bce61993228183d98d0f85406d8ffd934
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys;c:\windows\SYSNATIVE\DRIVERS\ENTECH64.sys [x]
R3 etdrv;etdrv;c:\windows\etdrv.sys;c:\windows\etdrv.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\DRIVERS\sscebus.sys;c:\windows\SYSNATIVE\DRIVERS\sscebus.sys [x]
R3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\DRIVERS\sscemdfl.sys;c:\windows\SYSNATIVE\DRIVERS\sscemdfl.sys [x]
R3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\DRIVERS\sscemdm.sys;c:\windows\SYSNATIVE\DRIVERS\sscemdm.sys [x]
R3 ssceserd;SAMSUNG Mobile Modem Diagnostic Serial Port V2 (WDM);c:\windows\system32\DRIVERS\ssceserd.sys;c:\windows\SYSNATIVE\DRIVERS\ssceserd.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cpuz134;cpuz134;c:\windows\system32\drivers\cpuz134_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz134_x64.sys [x]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys;c:\windows\SYSNATIVE\drivers\cpuz135_x64.sys [x]
S2 GeniusMouseService;GeniusMouseService;c:\genius\ioCentre\GMouseService.exe;c:\genius\ioCentre\GMouseService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [x]
S3 gHidPnp;USB Device Enhanced Function Driver;c:\windows\system32\Drivers\gHidPnp.Sys;c:\windows\SYSNATIVE\Drivers\gHidPnp.Sys [x]
S3 gMouUsb;USB Mouse Device Drv;c:\windows\system32\DRIVERS\gMouUsb.sys;c:\windows\SYSNATIVE\DRIVERS\gMouUsb.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 08:41]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03 07:34]
.
2013-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03 07:34]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-04-06 10144288]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\xc850cjk.default\
FF - prefs.js: browser.startup.homepage - www.seznam.cz
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2011-02-05 21:42; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Celkový čas: 2013-09-17 11:23:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-17 09:23
.
Před spuštěním: Volných bajtů: 29 656 694 784
Po spuštění: Volných bajtů: 29 068 165 120
.
- - End Of File - - B931D661A24AD7BBE94B835C917CB644
A36C5E4F47E84449FF07ED3517B43A31
----------------------------------------------------------------------------------------------------------------

Zabezpečení už funguje.

[jaro3]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Folder::
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Google\Update

Driver::
SkypeUpdate


Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"3212083974"=-

DDS::
uInternet Settings,ProxyOverride = *.local

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.