log HJT

Fucza · Příspěvekod **Fucza** » 16 zář 2013 14:08

Prosím o kontrolu logu. Měl jsem ten policejní virus. Odkládal jsem aktualizaci javy a eset antiviru a chytil to celkem na nezávadných stránkách. Zkoušel jsem přes nouzový režim Rogue Killer, ale do nouzáku nešlo vlézt, po najetí a přihlášení na jediného uživatele se to hned restartovalo, zkoušel jsem i přes usb Kaspersky Rescue Disk, ale ten mi nic nenašel. Pomohlo obnovení systému do doby z před 2 dnů.
Nyní to chci zkontrolovat, neboť heslo Eset sice vezme a tváří se aktualizován, nechce se stáhnout virová databáze a jsou tam nějaké problémy s Windows aktualizacemi. Při této příležitosti bych rád odstranil nějaké soubory z plochy, které se kdysi asi někam přesunuly a nyní nejdou odstranit.
Taky mě trápí Excel. Pokud chci otevřit nějaký xls soubor. Musím otevřít nejdřív Excel, a pak otevřít v excelu. Přes soubor to nejde.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:59:24, on 16.9.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\SMART Technologies\Education Software\Aware.exe
C:\Program Files (x86)\SMART Technologies\Education Software\Marker.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Programy\Trend Micro\HiJackThis\HiJackThis.exe
C:\windows\SysWOW64\DllHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [SMART Board Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe"
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13138 bytes

Moc díky.

Reklama

Příspěvekod **memphisto** » 16 zář 2013 17:11

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

Fucza · Příspěvekod **Fucza** » 16 zář 2013 18:40

Díky. Zde to je:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.16.06

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Martin :: MARTIN-HP [administrátor]

16.9.2013 18:29:52
MBAM-log-2013-09-16 (18-36-26).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 233293
Uplynulý čas: 6 minut, 16 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\ProgramData\2433f433 (Trojan.Agent.TPL) -> Nebyla provedena žádná instrukce.
C:\Users\Martin\AppData\Roaming\2433f433 (Trojan.Agent.TPL) -> Nebyla provedena žádná instrukce.

(konec)

# AdwCleaner v3.004 - Report created 16/09/2013 at 18:38:28
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Martin - MARTIN-HP
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\windows\System32\roboot64.exe
File Found : C:\windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\APN PIP
Key Found : HKLM\Software\DeviceVM
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\tracing\askpartnercobrandingtool_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1433 octets] - [16/09/2013 18:38:28]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1493 octets] ##########

Příspěvekod **memphisto** » 16 zář 2013 19:58

V Mbam i adw nech vše smazat a dodej logy po smazání

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Fucza · Příspěvekod **Fucza** » 16 zář 2013 22:44

Tady to je:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.16.07

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Martin :: MARTIN-HP [administrátor]

16.9.2013 22:08:51
mbam-log-2013-09-16 (22-08-51).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 233585
Uplynulý čas: 8 minut, 14 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
# AdwCleaner v3.004 - Report created 16/09/2013 at 22:19:12
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Martin - MARTIN-HP
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1581 octets] - [16/09/2013 18:38:28]
AdwCleaner[R1].txt - [1641 octets] - [16/09/2013 22:00:55]
AdwCleaner[R2].txt - [939 octets] - [16/09/2013 22:18:13]
AdwCleaner[S0].txt - [1687 octets] - [16/09/2013 22:01:42]
AdwCleaner[S1].txt - [861 octets] - [16/09/2013 22:19:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [920 octets] ##########
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
# AdwCleaner v3.004 - Report created 16/09/2013 at 22:18:13
# Updated 15/09/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Martin - MARTIN-HP
# Running from : C:\Users\Martin\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

-\\ Mozilla Firefox v23.0.1 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [1581 octets] - [16/09/2013 18:38:28]
AdwCleaner[R1].txt - [1641 octets] - [16/09/2013 22:00:55]
AdwCleaner[R2].txt - [741 octets] - [16/09/2013 22:18:13]
AdwCleaner[S0].txt - [1687 octets] - [16/09/2013 22:01:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [860 octets] ##########
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
RogueKiller V8.6.11 _x64_ [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno v : Normální režim
Uživatel : Martin [Práva správce]
Mód : Kontrola -- Datum : 09/16/2013 22:29:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000BPVT-00HXZT1 +++++
--- User ---
[MBR] d40f084ed81a9db0854c5ab93bc73e08
[BSP] cd27ed3eb96aab5c994ff939e1f9cca6 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 459235 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 941129728 | Size: 15360 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 972587008 | Size: 2043 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_09162013_222919.txt >>

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Windows 7 Home Premium x64
Ran by Martin on po 16.09.2013 at 22:31:45,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

~~~ Files

~~~ Folders

~~~ FireFox

Emptied folder: C:\Users\Martin\AppData\Roaming\mozilla\firefox\profiles\14ydu06m.default\minidumps [39 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 16.09.2013 at 22:38:38,90
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Díky.

Příspěvekod **jaro3** » 17 zář 2013 10:09

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Fucza · Příspěvekod **Fucza** » 17 zář 2013 12:37

12:10:56.0130 6180 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:10:57.0662 6180 ============================================================
12:10:57.0662 6180 Current date / time: 2013/09/17 12:10:57.0662
12:10:57.0662 6180 SystemInfo:
12:10:57.0662 6180
12:10:57.0662 6180 OS Version: 6.1.7600 ServicePack: 0.0
12:10:57.0662 6180 Product type: Workstation
12:10:57.0662 6180 ComputerName: MARTIN-HP
12:10:57.0662 6180 UserName: Martin
12:10:57.0662 6180 Windows directory: C:\windows
12:10:57.0662 6180 System windows directory: C:\windows
12:10:57.0662 6180 Running under WOW64
12:10:57.0662 6180 Processor architecture: Intel x64
12:10:57.0662 6180 Number of processors: 4
12:10:57.0662 6180 Page size: 0x1000
12:10:57.0663 6180 Boot type: Normal boot
12:10:57.0663 6180 ============================================================
12:10:58.0128 6180 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:10:58.0138 6180 ============================================================
12:10:58.0138 6180 \Device\Harddisk0\DR0:
12:10:58.0138 6180 MBR partitions:
12:10:58.0138 6180 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
12:10:58.0139 6180 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x380F1800
12:10:58.0139 6180 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38188000, BlocksNum 0x1E00000
12:10:58.0139 6180 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x39F88000, BlocksNum 0x3FD800
12:10:58.0139 6180 ============================================================
12:10:58.0208 6180 C: <-> \Device\Harddisk0\DR0\Partition2
12:10:58.0240 6180 E: <-> \Device\Harddisk0\DR0\Partition4
12:10:58.0240 6180 ============================================================
12:10:58.0241 6180 Initialize success
12:10:58.0241 6180 ============================================================
12:11:17.0124 5640 ============================================================
12:11:17.0124 5640 Scan started
12:11:17.0124 5640 Mode: Manual;
12:11:17.0124 5640 ============================================================
12:11:17.0396 5640 ================ Scan system memory ========================
12:11:17.0396 5640 System memory - ok
12:11:17.0399 5640 ================ Scan services =============================
12:11:17.0687 5640 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\windows\system32\DRIVERS\1394ohci.sys
12:11:17.0692 5640 1394ohci - ok
12:11:17.0745 5640 [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
12:11:17.0747 5640 Accelerometer - ok
12:11:17.0866 5640 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
12:11:17.0881 5640 ACDaemon - ok
12:11:17.0933 5640 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
12:11:17.0939 5640 ACPI - ok
12:11:17.0978 5640 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\windows\system32\DRIVERS\acpipmi.sys
12:11:17.0980 5640 AcpiPmi - ok
12:11:18.0190 5640 [ 7BBAF543CABE8A8D275BC7F6C66C1959 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:11:18.0194 5640 AdobeFlashPlayerUpdateSvc - ok
12:11:18.0276 5640 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
12:11:18.0285 5640 adp94xx - ok
12:11:18.0333 5640 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
12:11:18.0340 5640 adpahci - ok
12:11:18.0369 5640 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
12:11:18.0373 5640 adpu320 - ok
12:11:18.0417 5640 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
12:11:18.0418 5640 AeLookupSvc - ok
12:11:18.0585 5640 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
12:11:18.0587 5640 AESTFilters - ok
12:11:18.0636 5640 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\windows\syswow64\drivers\Afc.sys
12:11:18.0648 5640 Afc - ok
12:11:18.0735 5640 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\windows\system32\drivers\afd.sys
12:11:18.0743 5640 AFD - ok
12:11:18.0836 5640 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
12:11:18.0869 5640 AgereSoftModem - ok
12:11:18.0916 5640 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\DRIVERS\agp440.sys
12:11:18.0918 5640 agp440 - ok
12:11:18.0945 5640 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
12:11:18.0948 5640 ALG - ok
12:11:19.0001 5640 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\DRIVERS\aliide.sys
12:11:19.0003 5640 aliide - ok
12:11:19.0066 5640 [ 5A06AB7AB4D389DFE3C109599DF0BB65 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
12:11:19.0070 5640 AMD External Events Utility - ok
12:11:19.0083 5640 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\DRIVERS\amdide.sys
12:11:19.0085 5640 amdide - ok
12:11:19.0126 5640 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
12:11:19.0129 5640 AmdK8 - ok
12:11:19.0312 5640 [ 650DDCCD6657E20737433CB774521B81 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
12:11:19.0470 5640 amdkmdag - ok
12:11:19.0497 5640 [ F51B013C55B30DBE3AD59A7FE197C5BA ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
12:11:19.0501 5640 amdkmdap - ok
12:11:19.0543 5640 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
12:11:19.0545 5640 AmdPPM - ok
12:11:19.0600 5640 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\windows\system32\drivers\amdsata.sys
12:11:19.0603 5640 amdsata - ok
12:11:19.0644 5640 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
12:11:19.0649 5640 amdsbs - ok
12:11:19.0671 5640 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\windows\system32\drivers\amdxata.sys
12:11:19.0672 5640 amdxata - ok
12:11:19.0715 5640 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\windows\system32\drivers\appid.sys
12:11:19.0718 5640 AppID - ok
12:11:19.0744 5640 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
12:11:19.0746 5640 AppIDSvc - ok
12:11:19.0768 5640 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\windows\System32\appinfo.dll
12:11:19.0771 5640 Appinfo - ok
12:11:19.0825 5640 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
12:11:19.0828 5640 arc - ok
12:11:19.0840 5640 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
12:11:19.0843 5640 arcsas - ok
12:11:19.0900 5640 [ CE2168C926927BA926301BAF172BC693 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
12:11:19.0902 5640 ARCVCAM - ok
12:11:20.0048 5640 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:11:20.0051 5640 aspnet_state - ok
12:11:20.0096 5640 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
12:11:20.0098 5640 AsyncMac - ok
12:11:20.0141 5640 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\DRIVERS\atapi.sys
12:11:20.0143 5640 atapi - ok
12:11:20.0246 5640 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\windows\system32\drivers\AtiHdmi.sys
12:11:20.0251 5640 AtiHdmiService - ok
12:11:20.0319 5640 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
12:11:20.0332 5640 AudioEndpointBuilder - ok
12:11:20.0348 5640 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\windows\System32\Audiosrv.dll
12:11:20.0355 5640 AudioSrv - ok
12:11:20.0413 5640 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\windows\System32\AxInstSV.dll
12:11:20.0416 5640 AxInstSV - ok
12:11:20.0473 5640 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
12:11:20.0481 5640 b06bdrv - ok
12:11:20.0562 5640 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
12:11:20.0569 5640 b57nd60a - ok
12:11:20.0603 5640 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
12:11:20.0606 5640 BDESVC - ok
12:11:20.0657 5640 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
12:11:20.0659 5640 Beep - ok
12:11:20.0743 5640 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\windows\System32\bfe.dll
12:11:20.0757 5640 BFE - ok
12:11:20.0801 5640 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\windows\System32\qmgr.dll
12:11:20.0835 5640 BITS - ok
12:11:20.0886 5640 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
12:11:20.0889 5640 blbdrive - ok
12:11:21.0079 5640 [ 2BBD2AB07D779278114BA6A694972F1A ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
12:11:21.0178 5640 Bluetooth Device Manager - ok
12:11:21.0212 5640 [ 87D6A02028E47CA696C4294C658E3EE6 ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
12:11:21.0245 5640 Bluetooth Media Service - ok
12:11:21.0262 5640 [ 9AF4B2CF2F98CF6157CDFD917AE5785B ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
12:11:21.0273 5640 Bluetooth OBEX Service - ok
12:11:21.0334 5640 [ 19D20159708E152267E53B66677A4995 ] bowser C:\windows\system32\DRIVERS\bowser.sys
12:11:21.0335 5640 bowser - ok
12:11:21.0407 5640 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
12:11:21.0409 5640 BrFiltLo - ok
12:11:21.0422 5640 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
12:11:21.0424 5640 BrFiltUp - ok
12:11:21.0487 5640 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
12:11:21.0490 5640 BridgeMP - ok
12:11:21.0551 5640 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\windows\System32\browser.dll
12:11:21.0554 5640 Browser - ok
12:11:21.0575 5640 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
12:11:21.0581 5640 Brserid - ok
12:11:21.0598 5640 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
12:11:21.0601 5640 BrSerWdm - ok
12:11:21.0614 5640 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
12:11:21.0616 5640 BrUsbMdm - ok
12:11:21.0626 5640 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
12:11:21.0629 5640 BrUsbSer - ok
12:11:21.0680 5640 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
12:11:21.0683 5640 BthEnum - ok
12:11:21.0701 5640 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
12:11:21.0703 5640 BTHMODEM - ok
12:11:21.0736 5640 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
12:11:21.0739 5640 BthPan - ok
12:11:21.0774 5640 [ E10D1912634974EA273A1588C75CCB76 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
12:11:21.0784 5640 BTHPORT - ok
12:11:21.0815 5640 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
12:11:21.0818 5640 bthserv - ok
12:11:21.0848 5640 [ 19B784B6ECBB3ADBB2242700FEE90BEC ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
12:11:21.0851 5640 BTHUSB - ok
12:11:21.0908 5640 [ E588420B950DAC5AC397F76660BCE520 ] BTMCOM C:\windows\system32\Drivers\btmcom.sys
12:11:21.0910 5640 BTMCOM - ok
12:11:22.0036 5640 [ 4EEF6B894E05FC245640DCEE9190A053 ] BTMUSB C:\windows\system32\Drivers\btmusb.sys
12:11:22.0119 5640 BTMUSB - ok
12:11:22.0178 5640 catchme - ok
12:11:22.0211 5640 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
12:11:22.0214 5640 cdfs - ok
12:11:22.0292 5640 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
12:11:22.0295 5640 cdrom - ok
12:11:22.0361 5640 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\windows\System32\certprop.dll
12:11:22.0363 5640 CertPropSvc - ok
12:11:22.0403 5640 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
12:11:22.0406 5640 circlass - ok
12:11:22.0461 5640 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
12:11:22.0468 5640 CLFS - ok
12:11:22.0535 5640 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:11:22.0538 5640 clr_optimization_v2.0.50727_32 - ok
12:11:22.0567 5640 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:11:22.0571 5640 clr_optimization_v2.0.50727_64 - ok
12:11:22.0663 5640 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:11:22.0666 5640 clr_optimization_v4.0.30319_32 - ok
12:11:22.0685 5640 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:11:22.0690 5640 clr_optimization_v4.0.30319_64 - ok
12:11:22.0748 5640 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
12:11:22.0751 5640 CmBatt - ok
12:11:22.0773 5640 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\DRIVERS\cmdide.sys
12:11:22.0775 5640 cmdide - ok
12:11:22.0840 5640 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\windows\system32\Drivers\cng.sys
12:11:22.0848 5640 CNG - ok
12:11:22.0885 5640 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
12:11:22.0887 5640 Compbatt - ok
12:11:22.0934 5640 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
12:11:22.0936 5640 CompositeBus - ok
12:11:22.0958 5640 COMSysApp - ok
12:11:22.0989 5640 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
12:11:22.0991 5640 crcdisk - ok
12:11:23.0051 5640 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\windows\system32\cryptsvc.dll
12:11:23.0056 5640 CryptSvc - ok
12:11:23.0091 5640 [ A8BA4DA23AC20BDA23CA15234D42A3FA ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
12:11:23.0093 5640 DAMDrv - ok
12:11:23.0145 5640 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\windows\system32\rpcss.dll
12:11:23.0156 5640 DcomLaunch - ok
12:11:23.0251 5640 [ 0FD1090009949C58C86B40DD705D0F5D ] DEBridge c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
12:11:23.0262 5640 DEBridge - ok
12:11:23.0288 5640 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
12:11:23.0294 5640 defragsvc - ok
12:11:23.0348 5640 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\windows\system32\Drivers\dfsc.sys
12:11:23.0351 5640 DfsC - ok
12:11:23.0406 5640 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\windows\system32\dhcpcore.dll
12:11:23.0415 5640 Dhcp - ok
12:11:23.0463 5640 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
12:11:23.0464 5640 discache - ok
12:11:23.0527 5640 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
12:11:23.0529 5640 Disk - ok
12:11:23.0567 5640 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\windows\System32\dnsrslvr.dll
12:11:23.0571 5640 Dnscache - ok
12:11:23.0612 5640 DolBoot - ok
12:11:23.0645 5640 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\windows\System32\dot3svc.dll
12:11:23.0651 5640 dot3svc - ok
12:11:23.0720 5640 [ EF8004B4A9552C77FD0E99AB08841D13 ] DpHost c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
12:11:23.0726 5640 DpHost - ok
12:11:23.0746 5640 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\windows\system32\dps.dll
12:11:23.0751 5640 DPS - ok
12:11:23.0807 5640 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
12:11:23.0808 5640 drmkaud - ok
12:11:23.0876 5640 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys
12:11:23.0882 5640 dtsoftbus01 - ok
12:11:23.0934 5640 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
12:11:23.0970 5640 DXGKrnl - ok
12:11:24.0043 5640 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\windows\system32\DRIVERS\eamonm.sys
12:11:24.0046 5640 eamonm - ok
12:11:24.0089 5640 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
12:11:24.0092 5640 EapHost - ok
12:11:24.0182 5640 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
12:11:24.0265 5640 ebdrv - ok
12:11:24.0305 5640 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\windows\System32\lsass.exe
12:11:24.0308 5640 EFS - ok
12:11:24.0371 5640 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\windows\system32\DRIVERS\ehdrv.sys
12:11:24.0375 5640 ehdrv - ok
12:11:24.0445 5640 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\windows\ehome\ehRecvr.exe
12:11:24.0457 5640 ehRecvr - ok
12:11:24.0499 5640 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
12:11:24.0503 5640 ehSched - ok
12:11:24.0606 5640 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
12:11:24.0626 5640 ekrn - ok
12:11:24.0657 5640 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
12:11:24.0666 5640 elxstor - ok
12:11:24.0716 5640 [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr C:\windows\system32\DRIVERS\epfwwfpr.sys
12:11:24.0732 5640 epfwwfpr - ok
12:11:24.0752 5640 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\DRIVERS\errdev.sys
12:11:24.0754 5640 ErrDev - ok
12:11:24.0830 5640 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
12:11:24.0838 5640 EventSystem - ok
12:11:24.0897 5640 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
12:11:24.0901 5640 exfat - ok
12:11:24.0930 5640 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
12:11:24.0934 5640 fastfat - ok
12:11:24.0991 5640 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\windows\system32\fxssvc.exe
12:11:25.0006 5640 Fax - ok
12:11:25.0026 5640 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
12:11:25.0028 5640 fdc - ok
12:11:25.0071 5640 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
12:11:25.0074 5640 fdPHost - ok
12:11:25.0088 5640 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
12:11:25.0091 5640 FDResPub - ok
12:11:25.0109 5640 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
12:11:25.0111 5640 FileInfo - ok
12:11:25.0129 5640 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
12:11:25.0131 5640 Filetrace - ok
12:11:25.0244 5640 [ 7E728680AA428506A82351D859C32C95 ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
12:11:25.0252 5640 FLCDLOCK - ok
12:11:25.0408 5640 [ DFADECE1B66095F3F247ACC0EBDC5F8D ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:11:25.0443 5640 FLEXnet Licensing Service - ok
12:11:25.0510 5640 [ 52C0312AB35EB7187015FB6A99136BB5 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
12:11:25.0547 5640 FLEXnet Licensing Service 64 - ok
12:11:25.0575 5640 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
12:11:25.0577 5640 flpydisk - ok
12:11:25.0601 5640 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
12:11:25.0606 5640 FltMgr - ok
12:11:25.0684 5640 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\windows\system32\FntCache.dll
12:11:25.0719 5640 FontCache - ok
12:11:25.0765 5640 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:11:25.0766 5640 FontCache3.0.0.0 - ok
12:11:25.0780 5640 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
12:11:25.0783 5640 FsDepends - ok
12:11:25.0844 5640 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
12:11:25.0846 5640 Fs_Rec - ok
12:11:25.0927 5640 [ 1F44F8559E61A8306ECC67BB1E168B7C ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
12:11:25.0931 5640 fvevol - ok
12:11:25.0947 5640 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
12:11:25.0950 5640 gagp30kx - ok
12:11:25.0997 5640 [ 16C2A6BCDDA8952C2035DEC861492A19 ] ggflt C:\windows\system32\DRIVERS\ggflt.sys
12:11:25.0999 5640 ggflt - ok
12:11:26.0052 5640 [ 6B503DF845EABF3457E49FBBDA26C10E ] ggsemc C:\windows\system32\DRIVERS\ggsemc.sys
12:11:26.0054 5640 ggsemc - ok
12:11:26.0134 5640 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\windows\System32\gpsvc.dll
12:11:26.0151 5640 gpsvc - ok
12:11:26.0165 5640 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
12:11:26.0168 5640 hcw85cir - ok
12:11:26.0225 5640 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
12:11:26.0232 5640 HdAudAddService - ok
12:11:26.0279 5640 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
12:11:26.0282 5640 HDAudBus - ok
12:11:26.0337 5640 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
12:11:26.0339 5640 HECIx64 - ok
12:11:26.0355 5640 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
12:11:26.0358 5640 HidBatt - ok
12:11:26.0386 5640 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
12:11:26.0389 5640 HidBth - ok
12:11:26.0440 5640 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
12:11:26.0443 5640 HidIr - ok
12:11:26.0476 5640 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll
12:11:26.0479 5640 hidserv - ok
12:11:26.0516 5640 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
12:11:26.0518 5640 HidUsb - ok
12:11:26.0585 5640 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\windows\system32\kmsvc.dll
12:11:26.0588 5640 hkmsvc - ok
12:11:26.0614 5640 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\windows\system32\ListSvc.dll
12:11:26.0620 5640 HomeGroupListener - ok
12:11:26.0647 5640 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\windows\system32\provsvc.dll
12:11:26.0652 5640 HomeGroupProvider - ok
12:11:26.0744 5640 [ 3F4ADD4196E2B860019539837BE305F9 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
12:11:26.0746 5640 HP Health Check Service - ok
12:11:26.0797 5640 [ A094A4096AD7A90E2D790B590D3CBFD4 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
12:11:26.0799 5640 HP Power Assistant Service - ok
12:11:26.0879 5640 [ AE2A8C80205F06BE5EDC63BE0AE9A756 ] HP ProtectTools Service c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
12:11:26.0887 5640 HP ProtectTools Service - ok
12:11:26.0941 5640 [ 58CC11D14D88EF70EF7ABBC75B5EEBD8 ] HP Wireless Assistant Service C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
12:11:26.0943 5640 HP Wireless Assistant Service - ok
12:11:26.0995 5640 [ 94C74D758E0F7B1D962DA452B4D28C91 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
12:11:26.0998 5640 HPDayStarterService - ok
12:11:27.0052 5640 [ 881F74074963CDAD8C475D09DC3A0BB6 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:11:27.0055 5640 HPDrvMntSvc.exe - ok
12:11:27.0071 5640 [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
12:11:27.0072 5640 hpdskflt - ok
12:11:27.0140 5640 [ 393383FE7F577B4A111B44445716FCB3 ] HpFkCryptService c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
12:11:27.0144 5640 HpFkCryptService - ok
12:11:27.0202 5640 [ C9D858E20AE696E7A0D9A05B595F850A ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
12:11:27.0206 5640 HPFSService - ok
12:11:27.0291 5640 [ 4D94F4D7782657E79EB1352570B563DB ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
12:11:27.0296 5640 hpHotkeyMonitor - ok
12:11:27.0342 5640 [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
12:11:27.0344 5640 HpqKbFiltr - ok
12:11:27.0389 5640 [ FE51B163A618B1CBF015485D21C1BC68 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
12:11:27.0399 5640 hpqwmiex - ok
12:11:27.0432 5640 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\windows\system32\DRIVERS\HpSAMD.sys
12:11:27.0435 5640 HpSAMD - ok
12:11:27.0486 5640 [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv C:\windows\system32\Hpservice.exe
12:11:27.0489 5640 hpsrv - ok
12:11:27.0556 5640 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\windows\system32\drivers\HTTP.sys
12:11:27.0567 5640 HTTP - ok
12:11:27.0651 5640 [ F78FF50C486D530504B7D2BB36B1ED22 ] HWiNFO32 C:\Program Files (x86)\HWiNFO32\HWiNFO64A.SYS
12:11:27.0654 5640 HWiNFO32 - ok
12:11:27.0706 5640 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
12:11:27.0707 5640 hwpolicy - ok
12:11:27.0754 5640 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
12:11:27.0757 5640 i8042prt - ok
12:11:27.0795 5640 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
12:11:27.0801 5640 iaStor - ok
12:11:27.0905 5640 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:11:27.0907 5640 IAStorDataMgrSvc - ok
12:11:27.0961 5640 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\windows\system32\drivers\iaStorV.sys
12:11:27.0968 5640 iaStorV - ok
12:11:28.0032 5640 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:11:28.0054 5640 idsvc - ok
12:11:28.0086 5640 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
12:11:28.0088 5640 iirsp - ok
12:11:28.0128 5640 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\windows\System32\ikeext.dll
12:11:28.0150 5640 IKEEXT - ok
12:11:28.0216 5640 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
12:11:28.0220 5640 Impcd - ok
12:11:28.0294 5640 [ CAA8BC6737DFA3BF1A50175CFB226788 ] InputFilter_Hid_FlexDef2b C:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys
12:11:28.0296 5640 InputFilter_Hid_FlexDef2b - ok
12:11:28.0315 5640 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\DRIVERS\intelide.sys
12:11:28.0317 5640 intelide - ok
12:11:28.0371 5640 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
12:11:28.0373 5640 intelppm - ok
12:11:28.0426 5640 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
12:11:28.0430 5640 IPBusEnum - ok
12:11:28.0459 5640 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
12:11:28.0462 5640 IpFilterDriver - ok
12:11:28.0535 5640 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
12:11:28.0545 5640 iphlpsvc - ok
12:11:28.0569 5640 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\windows\system32\DRIVERS\IPMIDrv.sys
12:11:28.0572 5640 IPMIDRV - ok
12:11:28.0592 5640 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
12:11:28.0596 5640 IPNAT - ok
12:11:28.0640 5640 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
12:11:28.0642 5640 IRENUM - ok
12:11:28.0662 5640 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
12:11:28.0665 5640 isapnp - ok
12:11:28.0689 5640 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\windows\system32\DRIVERS\msiscsi.sys
12:11:28.0694 5640 iScsiPrt - ok
12:11:28.0722 5640 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
12:11:28.0724 5640 kbdclass - ok
12:11:28.0768 5640 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
12:11:28.0771 5640 kbdhid - ok
12:11:28.0816 5640 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\windows\system32\lsass.exe
12:11:28.0818 5640 KeyIso - ok
12:11:28.0865 5640 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
12:11:28.0867 5640 KSecDD - ok
12:11:28.0882 5640 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
12:11:28.0885 5640 KSecPkg - ok
12:11:28.0904 5640 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
12:11:28.0907 5640 ksthunk - ok
12:11:28.0939 5640 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
12:11:28.0948 5640 KtmRm - ok
12:11:28.0989 5640 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\windows\System32\srvsvc.dll
12:11:28.0995 5640 LanmanServer - ok
12:11:29.0026 5640 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
12:11:29.0031 5640 LanmanWorkstation - ok
12:11:29.0116 5640 [ 83D8BE94E1CBCBE2EA8372DB1A95A159 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:11:29.0118 5640 LightScribeService - ok
12:11:29.0177 5640 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
12:11:29.0179 5640 lltdio - ok
12:11:29.0214 5640 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
12:11:29.0221 5640 lltdsvc - ok
12:11:29.0277 5640 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
12:11:29.0280 5640 lmhosts - ok
12:11:29.0363 5640 [ BB4E55778D8DE3885E1CDAC795DE7BCE ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:11:29.0368 5640 LMS - ok
12:11:29.0425 5640 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
12:11:29.0428 5640 LSI_FC - ok
12:11:29.0465 5640 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
12:11:29.0468 5640 LSI_SAS - ok
12:11:29.0481 5640 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
12:11:29.0484 5640 LSI_SAS2 - ok
12:11:29.0503 5640 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
12:11:29.0507 5640 LSI_SCSI - ok
12:11:29.0537 5640 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
12:11:29.0540 5640 luafv - ok
12:11:29.0599 5640 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\windows\system32\DRIVERS\MarvinBus64.sys
12:11:29.0604 5640 MarvinBus - ok
12:11:29.0671 5640 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
12:11:29.0672 5640 MBAMProtector - ok
12:11:29.0787 5640 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:11:29.0794 5640 MBAMScheduler - ok
12:11:29.0868 5640 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:11:29.0885 5640 MBAMService - ok
12:11:29.0966 5640 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
12:11:29.0970 5640 Mcx2Svc - ok
12:11:29.0995 5640 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
12:11:29.0997 5640 megasas - ok
12:11:30.0017 5640 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
12:11:30.0025 5640 MegaSR - ok
12:11:30.0067 5640 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
12:11:30.0071 5640 MMCSS - ok
12:11:30.0096 5640 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
12:11:30.0099 5640 Modem - ok
12:11:30.0145 5640 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
12:11:30.0147 5640 monitor - ok
12:11:30.0197 5640 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
12:11:30.0199 5640 mouclass - ok
12:11:30.0242 5640 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
12:11:30.0245 5640 mouhid - ok
12:11:30.0292 5640 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
12:11:30.0294 5640 mountmgr - ok
12:11:30.0359 5640 [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:11:30.0362 5640 MozillaMaintenance - ok
12:11:30.0382 5640 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\windows\system32\DRIVERS\mpio.sys
12:11:30.0387 5640 mpio - ok
12:11:30.0410 5640 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
12:11:30.0413 5640 mpsdrv - ok
12:11:30.0442 5640 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\windows\system32\mpssvc.dll
12:11:30.0457 5640 MpsSvc - ok
12:11:30.0485 5640 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
12:11:30.0489 5640 MRxDAV - ok
12:11:30.0527 5640 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
12:11:30.0530 5640 mrxsmb - ok
12:11:30.0551 5640 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
12:11:30.0557 5640 mrxsmb10 - ok
12:11:30.0570 5640 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
12:11:30.0573 5640 mrxsmb20 - ok
12:11:30.0589 5640 [ 5E939CF91EA4A841DBAFE4627E0292BB ] msahci C:\windows\system32\DRIVERS\msahci.sys
12:11:30.0591 5640 msahci - ok
12:11:30.0619 5640 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\windows\system32\DRIVERS\msdsm.sys
12:11:30.0623 5640 msdsm - ok
12:11:30.0648 5640 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
12:11:30.0653 5640 MSDTC - ok
12:11:30.0676 5640 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
12:11:30.0678 5640 Msfs - ok
12:11:30.0700 5640 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
12:11:30.0701 5640 mshidkmdf - ok
12:11:30.0707 5640 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\DRIVERS\msisadrv.sys
12:11:30.0708 5640 msisadrv - ok
12:11:30.0746 5640 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
12:11:30.0751 5640 MSiSCSI - ok
12:11:30.0756 5640 msiserver - ok
12:11:30.0815 5640 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
12:11:30.0817 5640 MSKSSRV - ok
12:11:30.0841 5640 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
12:11:30.0843 5640 MSPCLOCK - ok
12:11:30.0857 5640 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
12:11:30.0859 5640 MSPQM - ok
12:11:30.0881 5640 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
12:11:30.0888 5640 MsRPC - ok
12:11:30.0901 5640 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
12:11:30.0903 5640 mssmbios - ok
12:11:30.0925 5640 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
12:11:30.0927 5640 MSTEE - ok
12:11:30.0978 5640 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
12:11:30.0980 5640 MTConfig - ok
12:11:30.0997 5640 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
12:11:30.0998 5640 Mup - ok
12:11:31.0031 5640 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\windows\system32\qagentRT.dll
12:11:31.0041 5640 napagent - ok
12:11:31.0093 5640 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
12:11:31.0099 5640 NativeWifiP - ok
12:11:31.0167 5640 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\windows\system32\drivers\ndis.sys
12:11:31.0187 5640 NDIS - ok
12:11:31.0203 5640 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
12:11:31.0205 5640 NdisCap - ok
12:11:31.0256 5640 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
12:11:31.0258 5640 NdisTapi - ok
12:11:31.0324 5640 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
12:11:31.0326 5640 Ndisuio - ok
12:11:31.0349 5640 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
12:11:31.0353 5640 NdisWan - ok
12:11:31.0372 5640 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\windows\system32\drivers\NDProxy.sys
12:11:31.0375 5640 NDProxy - ok
12:11:31.0391 5640 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
12:11:31.0392 5640 NetBIOS - ok
12:11:31.0412 5640 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\windows\system32\DRIVERS\netbt.sys
12:11:31.0417 5640 NetBT - ok
12:11:31.0427 5640 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\windows\system32\lsass.exe
12:11:31.0429 5640 Netlogon - ok
12:11:31.0495 5640 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
12:11:31.0504 5640 Netman - ok
12:11:31.0600 5640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:31.0604 5640 NetMsmqActivator - ok
12:11:31.0610 5640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:31.0612 5640 NetPipeActivator - ok
12:11:31.0638 5640 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
12:11:31.0647 5640 netprofm - ok
12:11:31.0723 5640 [ B964D4C524A80ABA22DB16FC1EDED0A9 ] netr28x C:\windows\system32\DRIVERS\netr28x.sys
12:11:31.0755 5640 netr28x - ok
12:11:31.0784 5640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:31.0786 5640 NetTcpActivator - ok
12:11:31.0793 5640 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:11:31.0795 5640 NetTcpPortSharing - ok
12:11:31.0851 5640 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
12:11:31.0853 5640 nfrd960 - ok
12:11:31.0914 5640 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\windows\System32\nlasvc.dll
12:11:31.0921 5640 NlaSvc - ok
12:11:31.0939 5640 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
12:11:31.0941 5640 Npfs - ok
12:11:31.0951 5640 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
12:11:31.0955 5640 nsi - ok

Fucza · Příspěvekod **Fucza** » 17 zář 2013 12:38

pokračování:
12:11:31.0967 5640 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
12:11:31.0968 5640 nsiproxy - ok
12:11:32.0056 5640 [ 9A6089B056EA1B83B36424FC9D0A300E ] Ntfs C:\windows\system32\drivers\Ntfs.sys
12:11:32.0104 5640 Ntfs - ok
12:11:32.0125 5640 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
12:11:32.0127 5640 Null - ok
12:11:32.0182 5640 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\windows\system32\drivers\nvraid.sys
12:11:32.0186 5640 nvraid - ok
12:11:32.0246 5640 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\windows\system32\drivers\nvstor.sys
12:11:32.0250 5640 nvstor - ok
12:11:32.0303 5640 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\DRIVERS\nv_agp.sys
12:11:32.0306 5640 nv_agp - ok
12:11:32.0437 5640 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:11:32.0446 5640 odserv - ok
12:11:32.0477 5640 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\DRIVERS\ohci1394.sys
12:11:32.0479 5640 ohci1394 - ok
12:11:32.0542 5640 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:11:32.0560 5640 ose - ok
12:11:32.0596 5640 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
12:11:32.0603 5640 p2pimsvc - ok
12:11:32.0629 5640 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
12:11:32.0639 5640 p2psvc - ok
12:11:32.0732 5640 [ 20BD38241EDD66D8FDC9E3496A1762A3 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
12:11:32.0741 5640 PanService - ok
12:11:32.0780 5640 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
12:11:32.0784 5640 Parport - ok
12:11:32.0821 5640 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\windows\system32\drivers\partmgr.sys
12:11:32.0823 5640 partmgr - ok
12:11:32.0836 5640 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
12:11:32.0842 5640 PcaSvc - ok
12:11:32.0861 5640 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\windows\system32\DRIVERS\pci.sys
12:11:32.0864 5640 pci - ok
12:11:32.0885 5640 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys
12:11:32.0887 5640 pciide - ok
12:11:32.0911 5640 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
12:11:32.0916 5640 pcmcia - ok
12:11:32.0940 5640 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
12:11:32.0941 5640 pcw - ok
12:11:32.0970 5640 pdfcDispatcher - ok
12:11:32.0992 5640 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
12:11:33.0002 5640 PEAUTH - ok
12:11:33.0110 5640 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
12:11:33.0114 5640 PerfHost - ok
12:11:33.0179 5640 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\windows\system32\pla.dll
12:11:33.0225 5640 pla - ok
12:11:33.0304 5640 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\windows\system32\umpnpmgr.dll
12:11:33.0310 5640 PlugPlay - ok
12:11:33.0326 5640 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
12:11:33.0328 5640 PNRPAutoReg - ok
12:11:33.0350 5640 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
12:11:33.0352 5640 PNRPsvc - ok
12:11:33.0385 5640 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
12:11:33.0391 5640 PolicyAgent - ok
12:11:33.0425 5640 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
12:11:33.0428 5640 Power - ok
12:11:33.0489 5640 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
12:11:33.0493 5640 PptpMiniport - ok
12:11:33.0522 5640 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
12:11:33.0525 5640 Processor - ok
12:11:33.0569 5640 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\windows\system32\profsvc.dll
12:11:33.0575 5640 ProfSvc - ok
12:11:33.0593 5640 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\windows\system32\lsass.exe
12:11:33.0595 5640 ProtectedStorage - ok
12:11:33.0645 5640 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\windows\system32\DRIVERS\pacer.sys
12:11:33.0648 5640 Psched - ok
12:11:33.0710 5640 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
12:11:33.0714 5640 PSI_SVC_2 - ok
12:11:33.0785 5640 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
12:11:33.0830 5640 ql2300 - ok
12:11:33.0854 5640 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
12:11:33.0858 5640 ql40xx - ok
12:11:33.0926 5640 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
12:11:33.0934 5640 QWAVE - ok
12:11:33.0953 5640 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
12:11:33.0956 5640 QWAVEdrv - ok
12:11:33.0966 5640 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
12:11:33.0969 5640 RasAcd - ok
12:11:34.0042 5640 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
12:11:34.0045 5640 RasAgileVpn - ok
12:11:34.0062 5640 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
12:11:34.0067 5640 RasAuto - ok
12:11:34.0083 5640 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
12:11:34.0087 5640 Rasl2tp - ok
12:11:34.0133 5640 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\windows\System32\rasmans.dll
12:11:34.0142 5640 RasMan - ok
12:11:34.0157 5640 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
12:11:34.0160 5640 RasPppoe - ok
12:11:34.0204 5640 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
12:11:34.0207 5640 RasSstp - ok
12:11:34.0233 5640 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
12:11:34.0239 5640 rdbss - ok
12:11:34.0266 5640 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
12:11:34.0268 5640 rdpbus - ok
12:11:34.0318 5640 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
12:11:34.0319 5640 RDPCDD - ok
12:11:34.0338 5640 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
12:11:34.0339 5640 RDPENCDD - ok
12:11:34.0355 5640 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
12:11:34.0356 5640 RDPREFMP - ok
12:11:34.0398 5640 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
12:11:34.0402 5640 RDPWD - ok
12:11:34.0426 5640 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\windows\system32\drivers\rdyboost.sys
12:11:34.0429 5640 rdyboost - ok
12:11:34.0459 5640 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
12:11:34.0463 5640 RemoteAccess - ok
12:11:34.0526 5640 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
12:11:34.0531 5640 RemoteRegistry - ok
12:11:34.0595 5640 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
12:11:34.0599 5640 RFCOMM - ok
12:11:34.0621 5640 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
12:11:34.0625 5640 RpcEptMapper - ok
12:11:34.0649 5640 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
12:11:34.0652 5640 RpcLocator - ok
12:11:34.0678 5640 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\windows\system32\rpcss.dll
12:11:34.0684 5640 RpcSs - ok
12:11:34.0745 5640 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
12:11:34.0748 5640 rspndr - ok
12:11:34.0822 5640 [ 30F463768D5143BFD7B2DF822B53CF4D ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
12:11:34.0827 5640 RSUSBSTOR - ok
12:11:34.0842 5640 [ ECBAB4CD65CBEDBE26EC6838E4FB7C1C ] RsvLock C:\windows\system32\drivers\RsvLock.sys
12:11:34.0845 5640 RsvLock - ok
12:11:34.0909 5640 [ FD978B2BF8A9B2390DCBEF435E9C1F9F ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
12:11:34.0913 5640 RTL8167 - ok
12:11:34.0956 5640 [ 317A99735C3A26C5CD60AB59E5E7E4E2 ] SafeBoot C:\windows\system32\drivers\SafeBoot.sys
12:11:34.0957 5640 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: 317A99735C3A26C5CD60AB59E5E7E4E2
12:11:34.0958 5640 SafeBoot ( LockedFile.Multi.Generic ) - warning
12:11:34.0958 5640 SafeBoot - detected LockedFile.Multi.Generic (1)
12:11:34.0972 5640 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\windows\system32\lsass.exe
12:11:34.0974 5640 SamSs - ok
12:11:34.0992 5640 [ FD8714A36C4646DE22DDC7E36F6D09EF ] SbAlg C:\windows\system32\drivers\SbAlg.sys
12:11:34.0993 5640 SbAlg - ok
12:11:35.0002 5640 [ FCAA034231E58B0DE64D0A7904015535 ] SbFsLock C:\windows\system32\drivers\SbFsLock.sys
12:11:35.0004 5640 SbFsLock - ok
12:11:35.0026 5640 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\windows\system32\DRIVERS\sbp2port.sys
12:11:35.0029 5640 sbp2port - ok
12:11:35.0065 5640 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
12:11:35.0071 5640 SCardSvr - ok
12:11:35.0077 5640 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
12:11:35.0079 5640 scfilter - ok
12:11:35.0126 5640 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\windows\system32\schedsvc.dll
12:11:35.0172 5640 Schedule - ok
12:11:35.0205 5640 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\windows\System32\certprop.dll
12:11:35.0207 5640 SCPolicySvc - ok
12:11:35.0233 5640 [ 54E47AD086782D3AE9417C155CDCEB9B ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
12:11:35.0237 5640 sdbus - ok
12:11:35.0264 5640 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\windows\System32\SDRSVC.dll
12:11:35.0270 5640 SDRSVC - ok
12:11:35.0293 5640 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
12:11:35.0296 5640 secdrv - ok
12:11:35.0308 5640 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\windows\system32\seclogon.dll
12:11:35.0312 5640 seclogon - ok
12:11:35.0357 5640 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
12:11:35.0361 5640 SENS - ok
12:11:35.0368 5640 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
12:11:35.0372 5640 SensrSvc - ok
12:11:35.0393 5640 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
12:11:35.0395 5640 Serenum - ok
12:11:35.0424 5640 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
12:11:35.0427 5640 Serial - ok
12:11:35.0474 5640 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
12:11:35.0476 5640 sermouse - ok
12:11:35.0505 5640 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\windows\system32\sessenv.dll
12:11:35.0510 5640 SessionEnv - ok
12:11:35.0526 5640 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\DRIVERS\sffdisk.sys
12:11:35.0528 5640 sffdisk - ok
12:11:35.0541 5640 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\DRIVERS\sffp_mmc.sys
12:11:35.0543 5640 sffp_mmc - ok
12:11:35.0564 5640 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\windows\system32\DRIVERS\sffp_sd.sys
12:11:35.0566 5640 sffp_sd - ok
12:11:35.0580 5640 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
12:11:35.0582 5640 sfloppy - ok
12:11:35.0670 5640 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
12:11:35.0678 5640 SharedAccess - ok
12:11:35.0694 5640 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\windows\System32\shsvcs.dll
12:11:35.0703 5640 ShellHWDetection - ok
12:11:35.0721 5640 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
12:11:35.0724 5640 SiSRaid2 - ok
12:11:35.0745 5640 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
12:11:35.0748 5640 SiSRaid4 - ok
12:11:35.0860 5640 [ 4E8A4BB5B11D828FF986F6228B1CD3DF ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:11:35.0863 5640 SkypeUpdate - ok
12:11:35.0919 5640 [ D335450B591CA26F421D7F975399DDC3 ] SMARTMouseFilterx64 C:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys
12:11:35.0921 5640 SMARTMouseFilterx64 - ok
12:11:35.0999 5640 [ CE70BFC09969B480627D0ED8DD7B3943 ] SMARTVHidMiniVistaAmd64 C:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
12:11:36.0001 5640 SMARTVHidMiniVistaAmd64 - ok
12:11:36.0051 5640 [ 9EB228E604FA70636E5A3C7C2A2FE304 ] SMARTVTabletPCx64 C:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys
12:11:36.0054 5640 SMARTVTabletPCx64 - ok
12:11:36.0111 5640 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
12:11:36.0114 5640 Smb - ok
12:11:36.0146 5640 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
12:11:36.0150 5640 SNMPTRAP - ok
12:11:36.0237 5640 [ 6FC63B4B19FB809336034D5C5C4D2BC0 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
12:11:36.0282 5640 SNP2UVC - ok
12:11:36.0328 5640 [ 0FFE35F0B0CD5A324BBE22F02569AE3B ] speedfan C:\windows\syswow64\speedfan.sys
12:11:36.0332 5640 speedfan - ok
12:11:36.0350 5640 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
12:11:36.0352 5640 spldr - ok
12:11:36.0419 5640 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\windows\System32\spoolsv.exe
12:11:36.0431 5640 Spooler - ok
12:11:36.0515 5640 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\windows\system32\sppsvc.exe
12:11:36.0597 5640 sppsvc - ok
12:11:36.0620 5640 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
12:11:36.0625 5640 sppuinotify - ok
12:11:36.0649 5640 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\windows\system32\DRIVERS\srv.sys
12:11:36.0656 5640 srv - ok
12:11:36.0678 5640 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
12:11:36.0684 5640 srv2 - ok
12:11:36.0718 5640 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
12:11:36.0721 5640 srvnet - ok
12:11:36.0777 5640 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
12:11:36.0783 5640 SSDPSRV - ok
12:11:36.0805 5640 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
12:11:36.0809 5640 SstpSvc - ok
12:11:36.0925 5640 [ E455F5FE92EDC3CAD3F2963C5CCA47E6 ] STacSV C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
12:11:36.0930 5640 STacSV - ok
12:11:36.0964 5640 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
12:11:36.0966 5640 stexstor - ok
12:11:37.0037 5640 [ 4A9D087C9A97071B9D06DB38567DA906 ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
12:11:37.0046 5640 STHDA - ok
12:11:37.0109 5640 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\windows\System32\wiaservc.dll
12:11:37.0121 5640 stisvc - ok
12:11:37.0131 5640 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\DRIVERS\swenum.sys
12:11:37.0134 5640 swenum - ok
12:11:37.0175 5640 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
12:11:37.0186 5640 swprv - ok
12:11:37.0287 5640 [ D268D2A0DB2A2BBE963E688D0B039267 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
12:11:37.0321 5640 SynTP - ok
12:11:37.0376 5640 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\windows\system32\sysmain.dll
12:11:37.0422 5640 SysMain - ok
12:11:37.0440 5640 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\windows\System32\TabSvc.dll
12:11:37.0445 5640 TabletInputService - ok
12:11:37.0462 5640 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\windows\System32\tapisrv.dll
12:11:37.0469 5640 TapiSrv - ok
12:11:37.0487 5640 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
12:11:37.0491 5640 TBS - ok
12:11:37.0571 5640 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\windows\system32\drivers\tcpip.sys
12:11:37.0640 5640 Tcpip - ok
12:11:37.0690 5640 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
12:11:37.0705 5640 TCPIP6 - ok
12:11:37.0747 5640 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
12:11:37.0749 5640 tcpipreg - ok
12:11:37.0765 5640 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
12:11:37.0767 5640 TDPIPE - ok
12:11:37.0803 5640 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
12:11:37.0806 5640 TDTCP - ok
12:11:37.0823 5640 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\windows\system32\DRIVERS\tdx.sys
12:11:37.0827 5640 tdx - ok
12:11:38.0020 5640 [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
12:11:38.0099 5640 TeamViewer8 - ok
12:11:38.0114 5640 [ C448651339196C0E869A355171875522 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
12:11:38.0117 5640 TermDD - ok
12:11:38.0149 5640 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\windows\System32\termsrv.dll
12:11:38.0164 5640 TermService - ok
12:11:38.0181 5640 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
12:11:38.0186 5640 Themes - ok
12:11:38.0223 5640 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
12:11:38.0225 5640 THREADORDER - ok
12:11:38.0255 5640 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys
12:11:38.0257 5640 TPM - ok
12:11:38.0276 5640 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
12:11:38.0282 5640 TrkWks - ok
12:11:38.0338 5640 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
12:11:38.0342 5640 TrustedInstaller - ok
12:11:38.0365 5640 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
12:11:38.0369 5640 tssecsrv - ok
12:11:38.0420 5640 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
12:11:38.0423 5640 tunnel - ok
12:11:38.0449 5640 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
12:11:38.0452 5640 uagp35 - ok
12:11:38.0488 5640 [ 9EEA84226ED2A028BC3FDFDDE03FE95C ] uArcCapture C:\windows\system\uArcCapture.exe
12:11:38.0495 5640 uArcCapture - ok
12:11:38.0524 5640 [ C06E6F4679CEB8F430B90A51D76D8D3C ] udfs C:\windows\system32\DRIVERS\udfs.sys
12:11:38.0532 5640 udfs - ok
12:11:38.0564 5640 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
12:11:38.0568 5640 UI0Detect - ok
12:11:38.0618 5640 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\DRIVERS\uliagpkx.sys
12:11:38.0621 5640 uliagpkx - ok
12:11:38.0666 5640 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\windows\system32\DRIVERS\umbus.sys
12:11:38.0668 5640 umbus - ok
12:11:38.0711 5640 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
12:11:38.0713 5640 UmPass - ok
12:11:38.0878 5640 [ 44AA8D5D3B3B5610FEF46CA8A9C52D8C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:11:38.0947 5640 UNS - ok
12:11:38.0969 5640 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
12:11:38.0975 5640 upnphost - ok
12:11:39.0047 5640 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
12:11:39.0050 5640 usbaudio - ok
12:11:39.0097 5640 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
12:11:39.0100 5640 usbccgp - ok
12:11:39.0158 5640 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\DRIVERS\usbcir.sys
12:11:39.0161 5640 usbcir - ok
12:11:39.0180 5640 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\windows\system32\drivers\usbehci.sys
12:11:39.0183 5640 usbehci - ok
12:11:39.0223 5640 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
12:11:39.0230 5640 usbhub - ok
12:11:39.0280 5640 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\windows\system32\drivers\usbohci.sys
12:11:39.0283 5640 usbohci - ok
12:11:39.0310 5640 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
12:11:39.0313 5640 usbprint - ok
12:11:39.0359 5640 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
12:11:39.0361 5640 USBSTOR - ok
12:11:39.0384 5640 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
12:11:39.0387 5640 usbuhci - ok
12:11:39.0430 5640 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
12:11:39.0434 5640 usbvideo - ok
12:11:39.0473 5640 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
12:11:39.0477 5640 UxSms - ok
12:11:39.0505 5640 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\windows\system32\lsass.exe
12:11:39.0507 5640 VaultSvc - ok
12:11:39.0580 5640 [ F81A2648BFF893C8EFD9897811B14263 ] vcsFPService C:\windows\system32\vcsFPService.exe
12:11:39.0639 5640 vcsFPService - ok
12:11:39.0697 5640 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\DRIVERS\vdrvroot.sys
12:11:39.0699 5640 vdrvroot - ok
12:11:39.0724 5640 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\windows\System32\vds.exe
12:11:39.0732 5640 vds - ok
12:11:39.0745 5640 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
12:11:39.0747 5640 vga - ok
12:11:39.0769 5640 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
12:11:39.0771 5640 VgaSave - ok
12:11:39.0793 5640 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\windows\system32\DRIVERS\vhdmp.sys
12:11:39.0798 5640 vhdmp - ok
12:11:39.0817 5640 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\DRIVERS\viaide.sys
12:11:39.0819 5640 viaide - ok
12:11:39.0841 5640 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\windows\system32\DRIVERS\volmgr.sys
12:11:39.0844 5640 volmgr - ok
12:11:39.0861 5640 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\windows\system32\drivers\volmgrx.sys
12:11:39.0867 5640 volmgrx - ok
12:11:39.0925 5640 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\windows\system32\drivers\volsnap.sys
12:11:39.0930 5640 volsnap - ok
12:11:39.0949 5640 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
12:11:39.0954 5640 vsmraid - ok
12:11:40.0018 5640 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\windows\system32\vssvc.exe
12:11:40.0064 5640 VSS - ok
12:11:40.0138 5640 [ E72B7F6AD60EC55B2BBEF6C6202CDE2A ] VSTWinDriver6 C:\windows\system32\drivers\VSTwindrvr6.sys
12:11:40.0144 5640 VSTWinDriver6 - ok
12:11:40.0162 5640 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
12:11:40.0164 5640 vwifibus - ok
12:11:40.0208 5640 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
12:11:40.0211 5640 vwififlt - ok
12:11:40.0219 5640 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
12:11:40.0221 5640 vwifimp - ok
12:11:40.0274 5640 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
12:11:40.0283 5640 W32Time - ok
12:11:40.0311 5640 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
12:11:40.0313 5640 WacomPen - ok
12:11:40.0386 5640 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
12:11:40.0389 5640 WANARP - ok
12:11:40.0420 5640 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
12:11:40.0421 5640 Wanarpv6 - ok
12:11:40.0502 5640 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
12:11:40.0533 5640 WatAdminSvc - ok
12:11:40.0594 5640 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\windows\system32\wbengine.exe
12:11:40.0640 5640 wbengine - ok
12:11:40.0665 5640 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
12:11:40.0672 5640 WbioSrvc - ok
12:11:40.0729 5640 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\windows\System32\wcncsvc.dll
12:11:40.0741 5640 wcncsvc - ok
12:11:40.0764 5640 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
12:11:40.0769 5640 WcsPlugInService - ok
12:11:40.0806 5640 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
12:11:40.0809 5640 Wd - ok
12:11:40.0858 5640 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
12:11:40.0875 5640 Wdf01000 - ok
12:11:40.0889 5640 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
12:11:40.0893 5640 WdiServiceHost - ok
12:11:40.0899 5640 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
12:11:40.0903 5640 WdiSystemHost - ok
12:11:40.0943 5640 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\windows\System32\webclnt.dll
12:11:40.0950 5640 WebClient - ok
12:11:40.0972 5640 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
12:11:40.0979 5640 Wecsvc - ok
12:11:40.0995 5640 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
12:11:41.0001 5640 wercplsupport - ok
12:11:41.0012 5640 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
12:11:41.0017 5640 WerSvc - ok
12:11:41.0074 5640 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
12:11:41.0076 5640 WfpLwf - ok
12:11:41.0129 5640 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
12:11:41.0131 5640 WIMMount - ok
12:11:41.0158 5640 WinDefend - ok
12:11:41.0172 5640 WinHttpAutoProxySvc - ok
12:11:41.0252 5640 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
12:11:41.0258 5640 Winmgmt - ok
12:11:41.0321 5640 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\windows\system32\WsmSvc.dll
12:11:41.0379 5640 WinRM - ok
12:11:41.0455 5640 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
12:11:41.0458 5640 WinUsb - ok
12:11:41.0500 5640 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
12:11:41.0534 5640 Wlansvc - ok
12:11:41.0691 5640 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:11:41.0750 5640 wlidsvc - ok
12:11:41.0809 5640 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
12:11:41.0810 5640 WmiAcpi - ok
12:11:41.0842 5640 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
12:11:41.0847 5640 wmiApSrv - ok
12:11:41.0903 5640 WMPNetworkSvc - ok
12:11:41.0970 5640 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
12:11:41.0974 5640 WPCSvc - ok
12:11:41.0995 5640 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
12:11:42.0001 5640 WPDBusEnum - ok
12:11:42.0019 5640 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
12:11:42.0020 5640 ws2ifsl - ok
12:11:42.0048 5640 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\windows\system32\wscsvc.dll
12:11:42.0052 5640 wscsvc - ok
12:11:42.0057 5640 WSearch - ok
12:11:42.0143 5640 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
12:11:42.0194 5640 wuauserv - ok
12:11:42.0243 5640 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
12:11:42.0245 5640 WudfPf - ok
12:11:42.0302 5640 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
12:11:42.0306 5640 WUDFRd - ok
12:11:42.0353 5640 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
12:11:42.0358 5640 wudfsvc - ok
12:11:42.0391 5640 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
12:11:42.0398 5640 WwanSvc - ok
12:11:42.0431 5640 ================ Scan global ===============================
12:11:42.0469 5640 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
12:11:42.0525 5640 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\windows\system32\winsrv.dll
12:11:42.0538 5640 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\windows\system32\winsrv.dll
12:11:42.0585 5640 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
12:11:42.0621 5640 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
12:11:42.0628 5640 [Global] - ok
12:11:42.0628 5640 ================ Scan MBR ==================================
12:11:42.0638 5640 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:11:42.0954 5640 \Device\Harddisk0\DR0 - ok
12:11:42.0955 5640 ================ Scan VBR ==================================
12:11:42.0959 5640 [ FF6BE3BAF4E916BC3C0B45BE3137804C ] \Device\Harddisk0\DR0\Partition1
12:11:42.0961 5640 \Device\Harddisk0\DR0\Partition1 - ok
12:11:42.0978 5640 [ F48279816828875441023E35F9E4C801 ] \Device\Harddisk0\DR0\Partition2
12:11:42.0981 5640 \Device\Harddisk0\DR0\Partition2 - ok
12:11:43.0013 5640 [ 6EE6EA6814C12492CC2E2C0ADC462D81 ] \Device\Harddisk0\DR0\Partition3
12:11:43.0015 5640 \Device\Harddisk0\DR0\Partition3 - ok
12:11:43.0039 5640 [ 8E46F89E54B78165EA480068B7919E3D ] \Device\Harddisk0\DR0\Partition4
12:11:43.0040 5640 \Device\Harddisk0\DR0\Partition4 - ok
12:11:43.0041 5640 ============================================================
12:11:43.0041 5640 Scan finished
12:11:43.0041 5640 ============================================================
12:11:43.0056 6964 Detected object count: 1
12:11:43.0056 6964 Actual detected object count: 1
12:11:57.0583 6964 SafeBoot ( LockedFile.Multi.Generic ) - skipped by user
12:11:57.0583 6964 SafeBoot ( LockedFile.Multi.Generic ) - User select action: Skip
12:12:07.0285 1340 Deinitialize success

Fucza · Příspěvekod **Fucza** » 17 zář 2013 12:39

Combofix:
ComboFix 13-09-16.01 - Martin 17.09.2013 12:20:38.9.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3951.2183 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\93F5694F18.sys
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-17 do 2013-09-17 )))))))))))))))))))))))))))))))
.
.
2013-09-17 10:28 . 2013-09-17 10:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-17 07:59 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{02680725-7E1E-4175-BCE8-1CCA504F4B97}\mpengine.dll
2013-09-16 20:31 . 2013-09-16 20:31 -------- d-----w- c:\windows\ERUNT
2013-09-16 20:08 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-16 20:08 . 2013-09-16 20:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-16 20:04 . 2013-09-16 20:04 -------- d-----w- c:\users\Martin\AppData\Local\ATI
2013-09-16 16:38 . 2013-09-16 20:19 -------- d-----w- C:\AdwCleaner
2013-09-16 10:45 . 2013-09-16 11:28 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-16 20:55 . 2012-05-23 15:44 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-16 12:06 . 2012-05-15 20:28 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-16 12:06 . 2012-05-15 20:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-07 02:22 . 2012-05-18 09:03 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-07-20 16:19 . 2013-07-20 16:19 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-07-20 16:19 . 2013-07-20 16:19 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-07-15 14:18 . 2013-07-15 14:18 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-15 14:18 . 2013-07-15 14:18 312232 ----a-w- c:\windows\system32\javaws.exe
2013-07-15 14:18 . 2013-07-15 14:18 189352 ----a-w- c:\windows\system32\javaw.exe
2013-07-15 14:18 . 2013-07-15 14:18 188840 ----a-w- c:\windows\system32\java.exe
2013-07-15 14:18 . 2012-05-17 18:03 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-15 14:18 . 2012-05-17 18:03 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-07-10 06:53 . 2013-07-10 06:53 153 ----a-w- c:\programdata\n7RQvYV.reg
2012-07-25 14:49 . 2006-01-19 11:32 65024 ----a-w- c:\program files (x86)\ColorCop.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-12 11265536]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-18 518656]
"SMART Board Tools"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" [2011-07-13 1761136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 DolBoot;DolBoot;c:\windows\system32\dolboot.sys;c:\windows\SYSNATIVE\dolboot.sys [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [x]
S1 RsvLock;RsvLock; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;c:\windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
S3 VSTWinDriver6;VSTWinDriver6;c:\windows\system32\drivers\VSTwindrvr6.sys;c:\windows\SYSNATIVE\drivers\VSTwindrvr6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 12:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-18 1691192]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 81.91.208.2 10.0.0.138
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files (x86)\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Celkový čas: 2013-09-17 12:31:35
ComboFix-quarantined-files.txt 2013-09-17 10:31
.
Před spuštěním: Volných bajtů: 215 994 462 208
Po spuštění: Volných bajtů: 215 739 920 384
.
- - End Of File - - 2070D42DC31B08B0B5723C27EDEE90AB

Příspěvekod **jaro3** » 17 zář 2013 19:03

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::

Collect::
c:\programdata\n7RQvYV.reg

Folder::
c:\program files (x86)\Skype\Updater

Driver::
SkypeUpdate

DDS::
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_174.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

Fucza · Příspěvekod **Fucza** » 17 zář 2013 19:54

Ačkoliv mě to v prvním Combofixu psalo, že to odstraňuje ty 3 neodstranitelné soubory, tak tam stále zůstávají. (East Midlands Trains Class 222 5 car 02 XLS , Kostel_hrany, Státy a vlajky).

Nyní, když se restartoval PC po Combofixu, vyjela neobvyklá hláška. Screen přikládám. Děkuji.
PS: Můžu se zeptat, co tam je v lozích ta Motorola?

ComboFix 13-09-16.01 - Martin 17.09.2013 19:28:38.10.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.420.1029.18.3951.1998 [GMT 2:00]
Spuštěný z: c:\users\Martin\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Martin\Desktop\CFScript.txt
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Skype\Updater
c:\program files (x86)\Skype\Updater\Updater.dll
c:\program files (x86)\Skype\Updater\Updater.exe
c:\programdata\n7RQvYV.reg
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-17 do 2013-09-17 )))))))))))))))))))))))))))))))
.
.
2013-09-17 17:35 . 2013-09-17 17:35 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-09-17 17:35 . 2013-09-17 17:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-17 17:35 . 2013-09-17 17:35 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2013-09-17 07:59 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{02680725-7E1E-4175-BCE8-1CCA504F4B97}\mpengine.dll
2013-09-16 20:31 . 2013-09-16 20:31 -------- d-----w- c:\windows\ERUNT
2013-09-16 20:08 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-16 20:08 . 2013-09-16 20:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-16 20:04 . 2013-09-16 20:04 -------- d-----w- c:\users\Martin\AppData\Local\ATI
2013-09-16 16:38 . 2013-09-16 20:19 -------- d-----w- C:\AdwCleaner
2013-09-16 10:45 . 2013-09-16 11:28 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-16 20:55 . 2012-05-23 15:44 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-09-16 12:06 . 2012-05-15 20:28 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-16 12:06 . 2012-05-15 20:28 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-07 02:22 . 2012-05-18 09:03 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-07-20 16:19 . 2013-07-20 16:19 27760 ----a-w- c:\windows\system32\drivers\ggsemc.sys
2013-07-20 16:19 . 2013-07-20 16:19 14448 ----a-w- c:\windows\system32\drivers\ggflt.sys
2013-07-15 14:18 . 2013-07-15 14:18 108968 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2013-07-15 14:18 . 2013-07-15 14:18 312232 ----a-w- c:\windows\system32\javaws.exe
2013-07-15 14:18 . 2013-07-15 14:18 189352 ----a-w- c:\windows\system32\javaw.exe
2013-07-15 14:18 . 2013-07-15 14:18 188840 ----a-w- c:\windows\system32\java.exe
2013-07-15 14:18 . 2012-05-17 18:03 972712 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-15 14:18 . 2012-05-17 18:03 1093032 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-07-25 14:49 . 2006-01-19 11:32 65024 ----a-w- c:\program files (x86)\ColorCop.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-06-17 2363392]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-06-03 19603048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" [2010-03-01 256056]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2009-12-12 11265536]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-05 98304]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2009-11-18 518656]
"SMART Board Tools"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe" [2011-06-23 9800560]
"SMART Board Service"="c:\program files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" [2011-07-13 1761136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 DolBoot;DolBoot;c:\windows\system32\dolboot.sys;c:\windows\SYSNATIVE\dolboot.sys [x]
S0 SafeBoot;SafeBoot; [x]
S0 SbAlg;SbAlg; [x]
S0 SbFsLock;SbFsLock; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS;c:\program files (x86)\HWiNFO32\HWiNFO64A.SYS [x]
S1 RsvLock;RsvLock; [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 HP ProtectTools Service;HP ProtectTools Service;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe;c:\program files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HpFkCryptService;Drive Encryption Service;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe;c:\program files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;HP Hotkey Monitor;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 PanService;PandoraService;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe;c:\program files (x86)\PANDORA.TV\PanService\PandoraService.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\system\uArcCapture.exe;c:\windows\system\uArcCapture.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
S3 DEBridge;DEBridge;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe;c:\program files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service;c:\windows\system32\DRIVERS\InputFilter_FlexDef2b.sys;c:\windows\SYSNATIVE\DRIVERS\InputFilter_FlexDef2b.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
S3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
S3 VSTWinDriver6;VSTWinDriver6;c:\windows\system32\drivers\VSTwindrvr6.sys;c:\windows\SYSNATIVE\drivers\VSTwindrvr6.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-09-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-15 12:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" [2010-06-18 1691192]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-04-05 8192]
"BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-06-10 24783624]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-17 487424]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Doplňkový sken -------
.
uLocal Page = %SystemRoot%\system32\blank.htm
mStart Page = hxxp://search.myheritage.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
Trusted Zone: //about.htm/
Trusted Zone: //Exclude.htm/
Trusted Zone: //FWEvent.htm/
Trusted Zone: //LanguageSelection.htm/
Trusted Zone: //Message.htm/
Trusted Zone: //MyAgttryCmd.htm/
Trusted Zone: //MyAgttryNag.htm/
Trusted Zone: //MyNotification.htm/
Trusted Zone: //NOCLessUpdate.htm/
Trusted Zone: //quarantine.htm/
Trusted Zone: //ScanNow.htm/
Trusted Zone: //strings.vbs/
Trusted Zone: //Template.htm/
Trusted Zone: //Update.htm/
Trusted Zone: //VirFound.htm/
Trusted Zone: mcafeeasap.com\betavscan
Trusted Zone: mcafeeasap.com\vs
Trusted Zone: mcafeeasap.com\www
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
FF - ProfilePath - c:\users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\14ydu06m.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-{FC17E0A7-EAA9-4902-92F8-C83B9FD02246} - c:\program files (x86)\InstallShield Installation Information\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
c:\program files (x86)\SMART Technologies\Education Software\Aware.exe
c:\program files (x86)\SMART Technologies\Education Software\Marker.exe
c:\program files\Motorola\Bluetooth\btplayerctrl.exe
.
**************************************************************************
.
Celkový čas: 2013-09-17 19:42:44 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-09-17 17:42
ComboFix2.txt 2013-09-17 10:31
.
Před spuštěním: Volných bajtů: 214 614 601 728
Po spuštění: Volných bajtů: 215 263 002 624
.
- - End Of File - - 02960410B5BEFD7DCCB3B7566F6CCF0A
Nahr nˇ probŘhlo ŁspŘçnŘ

Fucza · Příspěvekod **Fucza** » 17 zář 2013 19:56

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:55:35, on 17.9.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.17267)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe
C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
C:\Program Files (x86)\SMART Technologies\Education Software\Aware.exe
C:\Program Files (x86)\SMART Technologies\Education Software\Marker.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Programy\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [SMART Board Tools] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
O4 - HKLM\..\Run: [SMART Board Service] "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe"
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b20011ea53a6b83e\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12968 bytes

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-09-17 19:46:46
-----------------------------
19:46:46.340 OS Version: Windows x64 6.1.7600
19:46:46.341 Number of processors: 4 586 0x2505
19:46:46.342 ComputerName: MARTIN-HP UserName: Martin
19:46:50.415 Initialize success
19:47:06.333 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
19:47:06.335 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
19:47:06.546 Disk 0 MBR read successfully
19:47:06.548 Disk 0 MBR scan
19:47:06.549 Disk 0 Windows 7 default MBR code
19:47:06.555 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 300 MB offset 2048
19:47:06.564 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 459235 MB offset 616448
19:47:06.598 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15360 MB offset 941129728
19:47:06.613 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 2043 MB offset 972587008
19:47:06.659 Disk 0 scanning C:\windows\system32\drivers
19:47:14.355 Service scanning
19:47:52.706 Service SafeBoot C:\windows\System32\Drivers\SafeBoot.sys **LOCKED** 32
19:48:21.331 Modules scanning
19:48:21.344 Disk 0 trace - called modules:
19:48:21.397 ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ACPI.sys iaStor.sys hal.dll
19:48:21.406 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006883790]
19:48:21.413 3 CLASSPNP.SYS[fffff88000c0143f] -> nt!IofCallDriver -> [0xfffffa80068826d0]
19:48:21.421 5 hpdskflt.sys[fffff880017f3289] -> nt!IofCallDriver -> [0xfffffa8004a03770]
19:48:21.428 7 ACPI.sys[fffff88000edd781] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a06050]
19:48:21.435 Scan finished successfully
19:48:31.058 Disk 0 MBR has been saved successfully to "C:\Users\Martin\Desktop\MBR.dat"
19:48:31.065 The log file has been saved successfully to "C:\Users\Martin\Desktop\aswMBR.txt"

log HJT

log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Re: log HJT

Kdo je online