Preventivní kontrola logu Vyřešeno

[tony13]

09:23:34.0210 0x156c [ 3C3F7F424E324C6971632C5DE5FF458F, 932369A793C6FD527F7AD205B230E64228D54E8A1B17D8684EC43C71337BE9B1 ] lenovo.smi C:\Windows\system32\DRIVERS\smiif32.sys
09:23:34.0210 0x156c lenovo.smi - ok
09:23:34.0241 0x156c [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:23:34.0241 0x156c lltdio - ok
09:23:34.0288 0x156c [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:23:34.0319 0x156c lltdsvc - ok
09:23:34.0335 0x156c [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:23:34.0335 0x156c lmhosts - ok
09:23:34.0350 0x156c [ 31F74D5D47EEA83E5E89447586917774, 5B8C99FDC77E8782A4362907424432A36AAA487756CA3E6CCC7E0F9759662145 ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
09:23:34.0350 0x156c LPCFilter - ok
09:23:34.0397 0x156c [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:23:34.0397 0x156c LSI_FC - ok
09:23:34.0428 0x156c [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:23:34.0428 0x156c LSI_SAS - ok
09:23:34.0460 0x156c [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:23:34.0460 0x156c LSI_SCSI - ok
09:23:34.0475 0x156c [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
09:23:34.0475 0x156c luafv - ok
09:23:34.0538 0x156c [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:23:34.0538 0x156c MBAMProtector - ok
09:23:34.0600 0x156c [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:23:34.0631 0x156c MBAMScheduler - ok
09:23:34.0694 0x156c [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:23:34.0725 0x156c MBAMService - ok
09:23:34.0772 0x156c [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:23:34.0787 0x156c Mcx2Svc - ok
09:23:34.0818 0x156c [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:23:34.0818 0x156c mdmxsdk - ok
09:23:34.0850 0x156c [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
09:23:34.0850 0x156c megasas - ok
09:23:34.0896 0x156c [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
09:23:34.0912 0x156c MegaSR - ok
09:23:34.0943 0x156c [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
09:23:34.0959 0x156c MMCSS - ok
09:23:34.0990 0x156c [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
09:23:34.0990 0x156c Modem - ok
09:23:35.0037 0x156c [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:23:35.0037 0x156c monitor - ok
09:23:35.0052 0x156c [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:23:35.0052 0x156c mouclass - ok
09:23:35.0068 0x156c [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:23:35.0068 0x156c mouhid - ok
09:23:35.0099 0x156c [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
09:23:35.0099 0x156c MountMgr - ok
09:23:35.0146 0x156c [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
09:23:35.0162 0x156c mpio - ok
09:23:35.0177 0x156c [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:23:35.0193 0x156c mpsdrv - ok
09:23:35.0240 0x156c [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:23:35.0271 0x156c MpsSvc - ok
09:23:35.0302 0x156c [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
09:23:35.0318 0x156c Mraid35x - ok
09:23:35.0349 0x156c [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:23:35.0364 0x156c MRxDAV - ok
09:23:35.0396 0x156c [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:23:35.0396 0x156c mrxsmb - ok
09:23:35.0427 0x156c [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:23:35.0442 0x156c mrxsmb10 - ok
09:23:35.0474 0x156c [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:23:35.0474 0x156c mrxsmb20 - ok
09:23:35.0505 0x156c [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci C:\Windows\system32\drivers\msahci.sys
09:23:35.0520 0x156c msahci - ok
09:23:35.0552 0x156c [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:23:35.0552 0x156c msdsm - ok
09:23:35.0598 0x156c [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
09:23:35.0598 0x156c MSDTC - ok
09:23:35.0630 0x156c [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:23:35.0630 0x156c Msfs - ok
09:23:35.0645 0x156c [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:23:35.0661 0x156c msisadrv - ok
09:23:35.0692 0x156c [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:23:35.0708 0x156c MSiSCSI - ok
09:23:35.0708 0x156c msiserver - ok
09:23:35.0723 0x156c [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:23:35.0739 0x156c MSKSSRV - ok
09:23:35.0754 0x156c [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:23:35.0754 0x156c MSPCLOCK - ok
09:23:35.0770 0x156c [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:23:35.0770 0x156c MSPQM - ok
09:23:35.0817 0x156c [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:23:35.0832 0x156c MsRPC - ok
09:23:35.0848 0x156c [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:23:35.0848 0x156c mssmbios - ok
09:23:35.0895 0x156c [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:23:35.0895 0x156c MSTEE - ok
09:23:35.0910 0x156c [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
09:23:35.0926 0x156c Mup - ok
09:23:35.0988 0x156c [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
09:23:36.0020 0x156c napagent - ok
09:23:36.0082 0x156c [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:23:36.0082 0x156c NativeWifiP - ok
09:23:36.0160 0x156c NBService - ok
09:23:36.0207 0x156c [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:23:36.0222 0x156c NDIS - ok
09:23:36.0254 0x156c [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:23:36.0269 0x156c NdisTapi - ok
09:23:36.0285 0x156c [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:23:36.0285 0x156c Ndisuio - ok
09:23:36.0316 0x156c [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:23:36.0332 0x156c NdisWan - ok
09:23:36.0347 0x156c [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:23:36.0347 0x156c NDProxy - ok
09:23:36.0378 0x156c [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:23:36.0378 0x156c NetBIOS - ok
09:23:36.0425 0x156c [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
09:23:36.0441 0x156c netbt - ok
09:23:36.0456 0x156c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
09:23:36.0456 0x156c Netlogon - ok
09:23:36.0503 0x156c [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
09:23:36.0534 0x156c Netman - ok
09:23:36.0566 0x156c [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
09:23:36.0597 0x156c netprofm - ok
09:23:36.0628 0x156c [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:23:36.0644 0x156c NetTcpPortSharing - ok
09:23:36.0690 0x156c [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:23:36.0690 0x156c nfrd960 - ok
09:23:36.0722 0x156c [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
09:23:36.0737 0x156c NlaSvc - ok
09:23:36.0784 0x156c [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:23:36.0784 0x156c Npfs - ok
09:23:36.0815 0x156c [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
09:23:36.0815 0x156c nsi - ok
09:23:36.0831 0x156c [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:23:36.0831 0x156c nsiproxy - ok
09:23:36.0924 0x156c [ 6A4A98CEE84CF9E99564510DDA4BAA47, 18C3D8C0F12761D3B7FC43D9413CF4C4CEBF8CA9BEC521381F40D241B35EA779 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:23:36.0971 0x156c Ntfs - ok
09:23:37.0002 0x156c [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
09:23:37.0002 0x156c ntrigdigi - ok
09:23:37.0018 0x156c [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
09:23:37.0018 0x156c Null - ok
09:23:37.0034 0x156c [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:23:37.0049 0x156c nvraid - ok
09:23:37.0080 0x156c [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:23:37.0080 0x156c nvstor - ok
09:23:37.0112 0x156c [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:23:37.0127 0x156c nv_agp - ok
09:23:37.0127 0x156c NwlnkFlt - ok
09:23:37.0143 0x156c NwlnkFwd - ok
09:23:37.0268 0x156c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:23:37.0299 0x156c odserv - ok
09:23:37.0330 0x156c [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:23:37.0330 0x156c ohci1394 - ok
09:23:37.0346 0x156c OlyCamComm - ok
09:23:37.0392 0x156c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:23:37.0408 0x156c ose - ok
09:23:37.0470 0x156c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
09:23:37.0517 0x156c p2pimsvc - ok
09:23:37.0548 0x156c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
09:23:37.0595 0x156c p2psvc - ok
09:23:37.0611 0x156c [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
09:23:37.0626 0x156c Parport - ok
09:23:37.0642 0x156c [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:23:37.0658 0x156c partmgr - ok
09:23:37.0689 0x156c [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
09:23:37.0689 0x156c Parvdm - ok
09:23:37.0736 0x156c [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
09:23:37.0736 0x156c PcaSvc - ok
09:23:37.0782 0x156c [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
09:23:37.0782 0x156c pci - ok
09:23:37.0814 0x156c [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
09:23:37.0814 0x156c pciide - ok
09:23:37.0845 0x156c [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:23:37.0845 0x156c pcmcia - ok
09:23:37.0876 0x156c [ EEDB845B7648D6FD632DDB8744892743, A29EB4AFEA9B033FA5822F2F18629C2B711FADF57AF6FBEB9F8152037C3F9236 ] PctvVirtualNdis C:\Windows\system32\DRIVERS\PctvVirtualNdis.sys
09:23:37.0892 0x156c PctvVirtualNdis - ok
09:23:37.0954 0x156c [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:23:38.0001 0x156c PEAUTH - ok
09:23:38.0126 0x156c [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
09:23:38.0235 0x156c pla - ok
09:23:38.0297 0x156c [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:23:38.0313 0x156c PlugPlay - ok
09:23:38.0422 0x156c [ 29A26236447E5B5E3FCE5E33168C43E0, 6BEA8990AAFDDF4D022C6C1C71E36536ED49FCA8B90BDCC33F9BE18951C113A2 ] PMSveH C:\Program Files\Lenovo\PMDriver\PMSveH.exe
09:23:38.0438 0x156c PMSveH - ok
09:23:38.0484 0x156c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
09:23:38.0531 0x156c PNRPAutoReg - ok
09:23:38.0578 0x156c [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
09:23:38.0609 0x156c PNRPsvc - ok
09:23:38.0656 0x156c [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:23:38.0703 0x156c PolicyAgent - ok
09:23:38.0750 0x156c [ 03280BC3DEB62F4C44AA5CC34C27DDB0, E71A9318B56657F91FB87AFDC2E576E6544875398F0202590790E3FF1EED6673 ] port_nt c:\windows\system32\drivers\port_nt.sys
09:23:38.0750 0x156c port_nt - ok
09:23:38.0796 0x156c [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:23:38.0812 0x156c PptpMiniport - ok
09:23:38.0843 0x156c [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
09:23:38.0843 0x156c Processor - ok
09:23:38.0890 0x156c [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
09:23:38.0921 0x156c ProfSvc - ok
09:23:38.0937 0x156c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
09:23:38.0937 0x156c ProtectedStorage - ok
09:23:38.0984 0x156c [ F8A25F1DD8B2C332CBC663E3579566E7, 85413753DBEDCDD367DC655B4A8FCEF8A5F7919DA1D5EE6773DC4677A95C829F ] psadd C:\Windows\system32\DRIVERS\psadd.sys
09:23:38.0984 0x156c psadd - ok
09:23:39.0015 0x156c [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
09:23:39.0015 0x156c PSched - ok
09:23:39.0030 0x156c [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
09:23:39.0030 0x156c PxHelp20 - ok
09:23:39.0124 0x156c [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:23:39.0171 0x156c ql2300 - ok
09:23:39.0202 0x156c [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:23:39.0202 0x156c ql40xx - ok
09:23:39.0280 0x156c [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
09:23:39.0311 0x156c QWAVE - ok
09:23:39.0342 0x156c [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:23:39.0342 0x156c QWAVEdrv - ok
09:23:39.0405 0x156c [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
09:23:39.0420 0x156c RapiMgr - ok
09:23:39.0436 0x156c [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:23:39.0452 0x156c RasAcd - ok
09:23:39.0467 0x156c [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
09:23:39.0483 0x156c RasAuto - ok
09:23:39.0498 0x156c [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:23:39.0514 0x156c Rasl2tp - ok
09:23:39.0576 0x156c [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
09:23:39.0608 0x156c RasMan - ok
09:23:39.0639 0x156c [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:23:39.0639 0x156c RasPppoe - ok
09:23:39.0670 0x156c [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:23:39.0670 0x156c RasSstp - ok
09:23:39.0701 0x156c [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:23:39.0717 0x156c rdbss - ok
09:23:39.0748 0x156c [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:23:39.0748 0x156c RDPCDD - ok
09:23:39.0795 0x156c [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
09:23:39.0810 0x156c rdpdr - ok
09:23:39.0826 0x156c [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:23:39.0826 0x156c RDPENCDD - ok
09:23:39.0873 0x156c [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:23:39.0888 0x156c RDPWD - ok
09:23:39.0935 0x156c [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
09:23:39.0951 0x156c RemoteAccess - ok
09:23:39.0998 0x156c [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:23:40.0013 0x156c RemoteRegistry - ok
09:23:40.0029 0x156c [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
09:23:40.0029 0x156c RpcLocator - ok
09:23:40.0076 0x156c [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
09:23:40.0107 0x156c RpcSs - ok
09:23:40.0138 0x156c [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:23:40.0138 0x156c rspndr - ok
09:23:40.0154 0x156c [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
09:23:40.0154 0x156c SamSs - ok
09:23:40.0185 0x156c [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:23:40.0185 0x156c sbp2port - ok
09:23:40.0232 0x156c [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:23:40.0247 0x156c SCardSvr - ok
09:23:40.0310 0x156c [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
09:23:40.0356 0x156c Schedule - ok
09:23:40.0372 0x156c [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
09:23:40.0388 0x156c SCPolicySvc - ok
09:23:40.0403 0x156c [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:23:40.0419 0x156c sdbus - ok
09:23:40.0450 0x156c [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:23:40.0466 0x156c SDRSVC - ok
09:23:40.0497 0x156c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:23:40.0497 0x156c secdrv - ok
09:23:40.0512 0x156c [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
09:23:40.0512 0x156c seclogon - ok
09:23:40.0528 0x156c [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
09:23:40.0544 0x156c SENS - ok
09:23:40.0559 0x156c [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
09:23:40.0575 0x156c Serenum - ok
09:23:40.0606 0x156c [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
09:23:40.0606 0x156c Serial - ok
09:23:40.0622 0x156c [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:23:40.0637 0x156c sermouse - ok
09:23:40.0684 0x156c [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
09:23:40.0700 0x156c SessionEnv - ok
09:23:40.0731 0x156c [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:23:40.0731 0x156c sffdisk - ok
09:23:40.0762 0x156c [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:23:40.0762 0x156c sffp_mmc - ok
09:23:40.0778 0x156c [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:23:40.0778 0x156c sffp_sd - ok
09:23:40.0793 0x156c [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:23:40.0793 0x156c sfloppy - ok
09:23:40.0856 0x156c [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:23:40.0887 0x156c SharedAccess - ok
09:23:40.0934 0x156c [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:23:40.0965 0x156c ShellHWDetection - ok
09:23:40.0996 0x156c [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:23:41.0012 0x156c sisagp - ok
09:23:41.0027 0x156c [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
09:23:41.0043 0x156c SiSRaid2 - ok
09:23:41.0058 0x156c [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:23:41.0058 0x156c SiSRaid4 - ok
09:23:41.0121 0x156c [ 3E587DBBDFF938DDE5D4CE4047BE9041, CA13B2C50FB09365362077AEC4B25120CF09F8C35702F645922D618FE57B5E05 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:23:41.0136 0x156c SkypeUpdate - ok
09:23:41.0386 0x156c [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
09:23:41.0542 0x156c slsvc - ok
09:23:41.0589 0x156c [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
09:23:41.0604 0x156c SLUINotify - ok
09:23:41.0636 0x156c [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:23:41.0651 0x156c Smb - ok
09:23:41.0682 0x156c [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:23:41.0698 0x156c SNMPTRAP - ok
09:23:41.0729 0x156c [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
09:23:41.0729 0x156c spldr - ok
09:23:41.0760 0x156c [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
09:23:41.0776 0x156c Spooler - ok
09:23:41.0870 0x156c [ D15DA1BA189770D93EEA2D7E18F95AF9, 9B0BB676CF0CD1AACE915A624F13939CB152F136E13F58E6156984BD92F6BA2E ] sptd C:\Windows\system32\Drivers\sptd.sys
09:23:41.0870 0x156c Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9, sha256: 9B0BB676CF0CD1AACE915A624F13939CB152F136E13F58E6156984BD92F6BA2E
09:23:41.0870 0x156c sptd - detected LockedFile.Multi.Generic ( 1 )
09:23:42.0088 0x156c Detect skipped due to KSN trusted
09:23:42.0088 0x156c sptd - ok
09:23:42.0182 0x156c [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:23:42.0182 0x156c SQLWriter - ok
09:23:42.0244 0x156c [ 25ECEA986742275ECB23A1CB6BC87A61, 2E97710FE15446BDA78DBDBD9D67CF2E932D89A46E08A7F5097910BCB4CF4A45 ] SRS_SSCFilter C:\Windows\system32\drivers\srs_sscfilter_i386.sys
09:23:42.0244 0x156c SRS_SSCFilter - ok
09:23:42.0291 0x156c [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
09:23:42.0306 0x156c srv - ok
09:23:42.0338 0x156c [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:23:42.0353 0x156c srv2 - ok
09:23:42.0384 0x156c [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:23:42.0400 0x156c srvnet - ok
09:23:42.0447 0x156c [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:23:42.0462 0x156c SSDPSRV - ok
09:23:42.0494 0x156c [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:23:42.0509 0x156c SstpSvc - ok
09:23:42.0572 0x156c [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
09:23:42.0618 0x156c stisvc - ok
09:23:42.0665 0x156c [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:23:42.0665 0x156c swenum - ok
09:23:42.0743 0x156c [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
09:23:42.0759 0x156c swprv - ok
09:23:42.0790 0x156c [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
09:23:42.0790 0x156c Symc8xx - ok
09:23:42.0806 0x156c SymIMMP - ok
09:23:42.0821 0x156c [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
09:23:42.0821 0x156c Sym_hi - ok
09:23:42.0837 0x156c [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
09:23:42.0852 0x156c Sym_u3 - ok
09:23:42.0915 0x156c [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
09:23:42.0962 0x156c SysMain - ok
09:23:43.0008 0x156c [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:23:43.0008 0x156c TabletInputService - ok
09:23:43.0071 0x156c [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
09:23:43.0102 0x156c TapiSrv - ok
09:23:43.0133 0x156c [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
09:23:43.0133 0x156c TBS - ok
09:23:43.0227 0x156c [ 27D470DABC77BC60D0A3B0E4DEB6CB91, BB505F418856D722CC883CB4EEB51A26E9C62EFDF6E4B5BFCCCDEAE43025130C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:23:43.0258 0x156c Tcpip - ok
09:23:43.0352 0x156c [ 27D470DABC77BC60D0A3B0E4DEB6CB91, BB505F418856D722CC883CB4EEB51A26E9C62EFDF6E4B5BFCCCDEAE43025130C ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
09:23:43.0383 0x156c Tcpip6 - ok
09:23:43.0430 0x156c [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:23:43.0430 0x156c tcpipreg - ok
09:23:43.0461 0x156c [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:23:43.0476 0x156c TDPIPE - ok
09:23:43.0492 0x156c [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:23:43.0492 0x156c TDTCP - ok
09:23:43.0523 0x156c [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:23:43.0523 0x156c tdx - ok
09:23:43.0570 0x156c [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:23:43.0570 0x156c TermDD - ok
09:23:43.0648 0x156c [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
09:23:43.0679 0x156c TermService - ok
09:23:43.0710 0x156c [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
09:23:43.0726 0x156c Themes - ok
09:23:43.0757 0x156c [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
09:23:43.0773 0x156c THREADORDER - ok
09:23:43.0820 0x156c [ 5815AE5EF8519066F19E575D67F6F191, EA981779CF8FBF92073C7A576AA0F944A5F7C55C94BB84B596ED11F583DB2E0C ] TPkd C:\Windows\system32\drivers\TPkd.sys
09:23:43.0820 0x156c TPkd - ok
09:23:43.0851 0x156c [ CB258C2F726F1BE73C507022BE33EBB3, 096A6027D3C0D4D09DC4038505FAEA41E5DD9F62782CED648DC14314F138D666 ] TPM C:\Windows\system32\drivers\tpm.sys
09:23:43.0851 0x156c TPM - ok
09:23:43.0913 0x156c [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
09:23:43.0913 0x156c TrkWks - ok
09:23:43.0976 0x156c [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:23:43.0976 0x156c TrustedInstaller - ok
09:23:44.0007 0x156c [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:23:44.0007 0x156c tssecsrv - ok
09:23:44.0038 0x156c [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
09:23:44.0038 0x156c tunmp - ok
09:23:44.0054 0x156c [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:23:44.0069 0x156c tunnel - ok
09:23:44.0100 0x156c [ 7E66DDA1EF146BFC3A6E36E08E036602, 8F053BA611059E514E3C718ADB2E697E64B62FB182E2CD13F3AD379EAA5D3392 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
09:23:44.0116 0x156c TVTI2C - ok
09:23:44.0147 0x156c [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:23:44.0147 0x156c uagp35 - ok
09:23:44.0194 0x156c [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:23:44.0210 0x156c udfs - ok
09:23:44.0256 0x156c [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:23:44.0272 0x156c UI0Detect - ok
09:23:44.0288 0x156c [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:23:44.0288 0x156c uliagpkx - ok
09:23:44.0319 0x156c [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
09:23:44.0334 0x156c uliahci - ok
09:23:44.0366 0x156c [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
09:23:44.0366 0x156c UlSata - ok
09:23:44.0397 0x156c [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
09:23:44.0397 0x156c ulsata2 - ok
09:23:44.0428 0x156c [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:23:44.0428 0x156c umbus - ok
09:23:44.0475 0x156c [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
09:23:44.0506 0x156c upnphost - ok
09:23:44.0568 0x156c [ 56B0B784E0ED3B6A9BEB67F63CD6D4A2, 081776709BBE0507E7C3B7C34BBACACA10DBD7918DFDE6458124B9517E9AC837 ] USB28xxBGA C:\Windows\system32\DRIVERS\emBDA.sys
09:23:44.0600 0x156c USB28xxBGA - ok
09:23:44.0631 0x156c [ D74634509E22EA69692EA173586DB8E6, 4D96E599927A71E19CBC8E627D47A384A0E6C5C27ED40996598C09EBB9BE29AD ] USB28xxOEM C:\Windows\system32\DRIVERS\emOEM.sys
09:23:44.0631 0x156c USB28xxOEM - ok
09:23:44.0662 0x156c [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:23:44.0662 0x156c usbccgp - ok
09:23:44.0693 0x156c [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:23:44.0693 0x156c usbcir - ok
09:23:44.0756 0x156c [ 79E96C23A97CE7B8F14D310DA2DB0C9B, EB441D3B93965CD927E0C181031AD1082F59F9885BF35CABFDCA08C6C76B0DAF ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:23:44.0756 0x156c usbehci - ok
09:23:44.0818 0x156c [ 4673BBCB006AF60E7ABDDBE7A130BA42, 0B7DED0D887A3530AA5497FDBCB69389486FB9E2B6FAE3163E33713256D575BA ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:23:44.0834 0x156c usbhub - ok
09:23:44.0865 0x156c [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:23:44.0865 0x156c usbohci - ok
09:23:44.0896 0x156c [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:23:44.0896 0x156c usbprint - ok
09:23:44.0927 0x156c [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:23:44.0943 0x156c USBSTOR - ok
09:23:44.0974 0x156c [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:23:44.0974 0x156c usbuhci - ok
09:23:44.0990 0x156c [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
09:23:45.0005 0x156c usbvideo - ok
09:23:45.0052 0x156c [ 35C9095FA7076466AFBFC5B9EC4B779E, 6E4F8241020DC3353A802849AB7930C8E4271BD19CFA66EDF2F60038CC53D836 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
09:23:45.0052 0x156c usb_rndisx - ok
09:23:45.0099 0x156c [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
09:23:45.0114 0x156c UxSms - ok
09:23:45.0177 0x156c [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
09:23:45.0208 0x156c vds - ok
09:23:45.0239 0x156c [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:23:45.0255 0x156c vga - ok
09:23:45.0270 0x156c [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:23:45.0270 0x156c VgaSave - ok
09:23:45.0302 0x156c [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:23:45.0302 0x156c viaagp - ok
09:23:45.0333 0x156c [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
09:23:45.0333 0x156c ViaC7 - ok
09:23:45.0348 0x156c [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
09:23:45.0364 0x156c viaide - ok
09:23:45.0380 0x156c [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:23:45.0380 0x156c volmgr - ok
09:23:45.0426 0x156c [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:23:45.0442 0x156c volmgrx - ok
09:23:45.0473 0x156c [ 147281C01FCB1DF9252DE2A10D5E7093, DF5DCF6FD472F21863DC10B62F7647420B9686607857D08286B618D585E50219 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:23:45.0489 0x156c volsnap - ok
09:23:45.0504 0x156c [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:23:45.0520 0x156c vsmraid - ok
09:23:45.0614 0x156c [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
09:23:45.0692 0x156c VSS - ok
09:23:45.0754 0x156c [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
09:23:45.0785 0x156c W32Time - ok
09:23:45.0816 0x156c [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:23:45.0816 0x156c WacomPen - ok
09:23:45.0848 0x156c [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
09:23:45.0848 0x156c Wanarp - ok
09:23:45.0863 0x156c [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:23:45.0863 0x156c Wanarpv6 - ok
09:23:45.0910 0x156c [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
09:23:45.0941 0x156c WcesComm - ok
09:23:46.0004 0x156c [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:23:46.0035 0x156c wcncsvc - ok
09:23:46.0082 0x156c [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:23:46.0082 0x156c WcsPlugInService - ok
09:23:46.0128 0x156c [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
09:23:46.0128 0x156c Wd - ok
09:23:46.0144 0x156c WDC_SAM - ok
09:23:46.0206 0x156c [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:23:46.0222 0x156c Wdf01000 - ok
09:23:46.0253 0x156c [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:23:46.0253 0x156c WdiServiceHost - ok
09:23:46.0269 0x156c [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:23:46.0284 0x156c WdiSystemHost - ok
09:23:46.0331 0x156c [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
09:23:46.0347 0x156c WebClient - ok
09:23:46.0394 0x156c [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:23:46.0409 0x156c Wecsvc - ok
09:23:46.0487 0x156c [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:23:46.0503 0x156c wercplsupport - ok
09:23:46.0581 0x156c [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
09:23:46.0596 0x156c WerSvc - ok
09:23:46.0643 0x156c [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4, A6020D41FEA0CC76D0C3CA3A88F3E9493022CD5A549E18B02D69A482B579F339 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
09:23:46.0643 0x156c WimFltr - ok
09:23:46.0784 0x156c [ BB9CBAF6AC20452B245C324F1F50EE81, 0458CF8DE26E1F04AE278A1856E2C0285569E1438605793ED791F91E71B1FFD1 ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
09:23:46.0799 0x156c winachsf - ok
09:23:46.0924 0x156c [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:23:46.0940 0x156c WinDefend - ok
09:23:46.0955 0x156c WinHttpAutoProxySvc - ok
09:23:47.0096 0x156c [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:23:47.0096 0x156c Winmgmt - ok
09:23:47.0205 0x156c [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
09:23:47.0298 0x156c WinRM - ok
09:23:47.0361 0x156c [ 676F4B665BDD8053EAA53AC1695B8074, 98521FCB6B6B33DD8BF38A703745053481681C7981DFE5A59116D6BDE187D6F6 ] winusb C:\Windows\system32\DRIVERS\winusb.sys
09:23:47.0361 0x156c winusb - ok
09:23:47.0439 0x156c [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:23:47.0486 0x156c Wlansvc - ok
09:23:47.0532 0x156c [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:23:47.0532 0x156c WmiAcpi - ok
09:23:47.0610 0x156c [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:23:47.0610 0x156c wmiApSrv - ok
09:23:47.0751 0x156c [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:23:47.0798 0x156c WMPNetworkSvc - ok
09:23:47.0829 0x156c [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:23:47.0844 0x156c WPCSvc - ok
09:23:47.0876 0x156c [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:23:47.0891 0x156c WPDBusEnum - ok
09:23:47.0938 0x156c [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
09:23:47.0938 0x156c WpdUsb - ok
09:23:48.0063 0x156c [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:23:48.0094 0x156c WPFFontCache_v0400 - ok
09:23:48.0141 0x156c [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:23:48.0141 0x156c ws2ifsl - ok
09:23:48.0188 0x156c [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\System32\wscsvc.dll
09:23:48.0203 0x156c wscsvc - ok
09:23:48.0203 0x156c WSearch - ok
09:23:48.0375 0x156c [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
09:23:48.0500 0x156c wuauserv - ok
09:23:48.0531 0x156c [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:23:48.0546 0x156c WUDFRd - ok
09:23:48.0578 0x156c [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:23:48.0593 0x156c wudfsvc - ok
09:23:48.0640 0x156c [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
09:23:48.0640 0x156c XAudio - ok
09:23:48.0687 0x156c [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
09:23:48.0702 0x156c XAudioService - ok
09:23:48.0734 0x156c ================ Scan global ===============================
09:23:48.0780 0x156c [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
09:23:48.0843 0x156c [ D2293B069E4B63DC17B2F08D45E71124, 615305E8B854CFAAC70378B29014517FEBDA6BB90BDC2E455B5127CD7B0AEAB3 ] C:\Windows\system32\winsrv.dll
09:23:48.0890 0x156c [ D2293B069E4B63DC17B2F08D45E71124, 615305E8B854CFAAC70378B29014517FEBDA6BB90BDC2E455B5127CD7B0AEAB3 ] C:\Windows\system32\winsrv.dll
09:23:48.0952 0x156c [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
09:23:48.0983 0x156c [ Global ] - ok
09:23:48.0983 0x156c ================ Scan MBR ==================================
09:23:48.0999 0x156c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
09:23:49.0389 0x156c \Device\Harddisk0\DR0 - ok
09:23:49.0389 0x156c ================ Scan VBR ==================================
09:23:49.0389 0x156c [ 188B67B9EE3DFC7E3E6C7A851EBA13F9 ] \Device\Harddisk0\DR0\Partition1
09:23:49.0404 0x156c \Device\Harddisk0\DR0\Partition1 - ok
09:23:49.0420 0x156c [ 470BB6AEBF3EC30038471C32EB9882F9 ] \Device\Harddisk0\DR0\Partition2
09:23:49.0420 0x156c \Device\Harddisk0\DR0\Partition2 - ok
09:23:49.0420 0x156c Waiting for KSN requests completion. In queue: 57
09:23:50.0465 0x156c Win FW state via NFP2: disabled
09:23:50.0621 0x156c ============================================================
09:23:50.0621 0x156c Scan finished
09:23:50.0621 0x156c ============================================================
09:23:50.0637 0x16b4 Detected object count: 0
09:23:50.0637 0x16b4 Actual detected object count: 0
09:24:11.0541 0x13ec Deinitialize success

[Reklama]

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[tony13]

ComboFix 13-11-04.01 - Comfor 07.11.2013 11:15:09.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3032.1881 [GMT 1:00]
Spuštěný z: c:\users\Comfor\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\frapsvid.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-07 do 2013-11-07 )))))))))))))))))))))))))))))))
.
.
2013-11-07 10:25 . 2013-11-07 10:26 -------- d-----w- c:\users\Comfor\AppData\Local\temp
2013-11-07 10:25 . 2013-11-07 10:25 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-11-07 10:25 . 2013-11-07 10:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-07 09:56 . 2013-11-07 09:56 -------- d-----w- c:\program files\CrystalDiskInfo
2013-11-07 09:27 . 2013-11-07 09:28 -------- d-----w- c:\users\Comfor\AppData\Roaming\vlc
2013-11-06 13:27 . 2013-11-06 13:27 -------- d-----w- c:\program files\VLC
2013-11-06 08:09 . 2013-11-06 08:09 -------- d-----w- c:\windows\ERUNT
2013-11-06 07:55 . 2013-11-06 12:44 -------- d-----w- c:\users\Comfor\AppData\Local\Adobe
2013-11-06 07:51 . 2013-11-06 07:51 -------- d-----w- c:\users\Comfor\AppData\Local\CrashRpt
2013-11-05 11:09 . 2013-11-05 11:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-05 11:09 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-05 10:50 . 2013-11-06 07:34 -------- d-----w- C:\AdwCleaner
2013-10-30 20:42 . 2000-10-23 23:00 3608 ----a-w- c:\windows\system32\drivers\port_nt.sys
2013-10-30 20:38 . 2013-10-30 20:39 -------- d-----w- c:\program files\PRO100
2013-10-29 18:43 . 2013-10-29 18:43 -------- d-----w- c:\program files\GreenTree Applications
2013-10-29 10:34 . 2013-10-29 10:34 -------- d-----w- c:\programdata\InstallMate
2013-10-27 19:57 . 2013-10-27 20:00 -------- d-----w- c:\users\Comfor\AppData\Local\NFS Underground 2
2013-10-27 19:52 . 2013-10-27 19:52 -------- d-----w- c:\program files\EA GAMES
2013-10-16 07:39 . 2013-10-16 07:39 -------- d-----w- c:\users\Comfor\AppData\Roaming\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-23 09:26 . 2012-05-02 19:23 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-23 09:26 . 2011-05-20 07:18 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-16 07:09 . 2013-07-17 07:26 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-16 07:09 . 2013-07-17 07:26 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-16 07:09 . 2012-09-16 14:13 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-16 07:09 . 2012-09-16 14:13 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-10-16 07:09 . 2012-09-16 14:13 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-16 07:09 . 2012-09-16 14:13 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-10-16 07:09 . 2012-09-16 14:13 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-16 07:09 . 2012-09-16 14:13 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-16 07:09 . 2012-09-16 14:13 43152 ----a-w- c:\windows\avastSS.scr
2013-10-16 07:09 . 2012-09-16 14:13 269216 ----a-w- c:\windows\system32\aswBoot.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-16 07:09 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2008-09-23 83240]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-20 3567800]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
2012-07-11 21:01 138096 ----atw- c:\users\Comfor\AppData\Local\Facebook\Update\FacebookUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 07:21 648072 ------w- c:\windows\WindowsMobile\wmdcBase.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"Google Update"="c:\users\Comfor\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TVT Scheduler Proxy"=c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
"AMSG"=c:\program files\ThinkVantage\AMSG\Amsg.exe /startup
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"ACTray"=c:\program files\ThinkPad\ConnectUtilities\ACTray.exe
"ACWlIcon"=c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe
"LPManager"=c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe
"SmartAudio"=c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE /c
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2012-09-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job
- c:\users\Comfor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-07 21:01]
.
2012-09-16 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job
- c:\users\Comfor\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-06-07 21:01]
.
2013-11-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-24 16:37]
.
2013-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-09-24 16:37]
.
2013-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job
- c:\users\Comfor\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-23 15:03]
.
2013-11-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job
- c:\users\Comfor\AppData\Local\Google\Update\GoogleUpdate.exe [2010-11-23 15:03]
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 195.178.72.150
TCP: Interfaces\{5FFEE5D1-D46A-4E06-BB58-DBB25392C431}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - google.cz
FF - ExtSQL: !HIDDEN! 2009-09-20 19:31; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-07 11:26
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2013-11-07 11:32:37
ComboFix-quarantined-files.txt 2013-11-07 10:32
.
Před spuštěním: Volných bajtů: 107 522 875 392
Po spuštění: Volných bajtů: 107 445 706 752
.
- - End Of File - - A3F4AFA4F4D0125934E515C367A2C2D5
5C616939100B85E558DA92B899A0FC36

[memphisto]

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:
Poznámka: Nepoužij k označení skriptu funkci VYBRAT VŠE

Kód: Vybrat vše

KillAll::
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000

Folder::
c:\users\Comfor\AppData\Local\Facebook\Update
c:\program files\Google\Update
c:\users\Comfor\AppData\Local\Google\Update

File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upus.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu

[tony13]

ComboFix mi s tím skriptem nefunguje, vždycky se zasekne na hlášce, že vyhledává, ale jel přes půl hodiny a vůbec nic se nedělo, ani vypnout pak nešel a musel jsem počítač natvrdo restartovat... Co s tím? Děkuji.

[jaro3]

Půl hodiny je málo , někdy to trvá i hodinu.

Pokud ani po hodině nepůjde , zkus ten script v nouz. režimu.

Odinstaluj:
InstallMate

S tímto scriptem:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
File::
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job
c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job
c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job

Folder::
c:\programdata\InstallMate
c:\users\Comfor\AppData\Local\Facebook\Update
c:\program files\Google\Update
c:\users\Comfor\AppData\Local\Google\Update

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000

Registry::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]


+
Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[tony13]

Log z druhého ComboFixu - první log byl přepsán tímto.

ComboFix 13-11-07.01 - Comfor 09.11.2013 13:23:50.2.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3032.2576 [GMT 1:00]
Spuštěný z: c:\users\Comfor\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Comfor\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job"
"c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003Core.job"
"c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-209910396-3507630868-571481715-1003UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\InstallMate
c:\programdata\InstallMate\43667FD9\cfg\1.ini
c:\programdata\InstallMate\43667FD9\cfg\2.ini
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-09 do 2013-11-09 )))))))))))))))))))))))))))))))
.
.
2013-11-09 12:29 . 2013-11-09 12:32 -------- d-----w- c:\users\Comfor\AppData\Local\temp
2013-11-09 12:29 . 2013-11-09 12:29 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-11-09 12:29 . 2013-11-09 12:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-07 09:56 . 2013-11-07 09:56 -------- d-----w- c:\program files\CrystalDiskInfo
2013-11-07 09:27 . 2013-11-07 09:28 -------- d-----w- c:\users\Comfor\AppData\Roaming\vlc
2013-11-06 13:27 . 2013-11-06 13:27 -------- d-----w- c:\program files\VLC
2013-11-06 08:09 . 2013-11-06 08:09 -------- d-----w- c:\windows\ERUNT
2013-11-06 07:55 . 2013-11-06 12:44 -------- d-----w- c:\users\Comfor\AppData\Local\Adobe
2013-11-06 07:51 . 2013-11-06 07:51 -------- d-----w- c:\users\Comfor\AppData\Local\CrashRpt
2013-11-05 11:09 . 2013-11-05 11:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-05 11:09 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-05 10:50 . 2013-11-06 07:34 -------- d-----w- C:\AdwCleaner
2013-10-30 20:42 . 2000-10-23 23:00 3608 ----a-w- c:\windows\system32\drivers\port_nt.sys
2013-10-30 20:38 . 2013-10-30 20:39 -------- d-----w- c:\program files\PRO100
2013-10-29 18:43 . 2013-10-29 18:43 -------- d-----w- c:\program files\GreenTree Applications
2013-10-27 19:57 . 2013-10-27 20:00 -------- d-----w- c:\users\Comfor\AppData\Local\NFS Underground 2
2013-10-27 19:52 . 2013-10-27 19:52 -------- d-----w- c:\program files\EA GAMES
2013-10-16 07:39 . 2013-10-16 07:39 -------- d-----w- c:\users\Comfor\AppData\Roaming\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-08 19:47 . 2012-09-16 14:13 403440 ----a-w- c:\windows\system32\drivers\aswsp.sys
2013-10-23 09:26 . 2012-05-02 19:23 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-10-23 09:26 . 2011-05-20 07:18 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-16 07:09 . 2013-07-17 07:26 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-10-16 07:09 . 2013-07-17 07:26 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-10-16 07:09 . 2012-09-16 14:13 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-10-16 07:09 . 2012-09-16 14:13 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-10-16 07:09 . 2012-09-16 14:13 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-10-16 07:09 . 2012-09-16 14:13 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-10-16 07:09 . 2012-09-16 14:13 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-10-16 07:09 . 2012-09-16 14:13 43152 ----a-w- c:\windows\avastSS.scr
2013-10-16 07:09 . 2012-09-16 14:13 269216 ----a-w- c:\windows\system32\aswBoot.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-10-16 07:09 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PMHandler"="c:\progra~1\Lenovo\PMDriver\PMHandler.exe" [2008-09-23 83240]
"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2008-03-26 163840]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 136216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 171032]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 170520]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-10-20 3567800]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2007-05-31 07:21 648072 ------w- c:\windows\WindowsMobile\wmdcBase.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ehTray.exe"=c:\windows\ehome\ehTray.exe
"Google Update"="c:\users\Comfor\AppData\Local\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TVT Scheduler Proxy"=c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
"AMSG"=c:\program files\ThinkVantage\AMSG\Amsg.exe /startup
"HotKeysCmds"=c:\windows\system32\hkcmd.exe
"IgfxTray"=c:\windows\system32\igfxtray.exe
"Persistence"=c:\windows\system32\igfxpers.exe
"ACTray"=c:\program files\ThinkPad\ConnectUtilities\ACTray.exe
"ACWlIcon"=c:\program files\ThinkPad\ConnectUtilities\ACWlIcon.exe
"LPManager"=c:\progra~1\Lenovo\LENOVO~2\LPMGR.exe
"SmartAudio"=c:\program files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE /c
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"NeroFilterCheck"=c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
.
------- Doplňkový sken -------
.
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.1
TCP: Interfaces\{5FFEE5D1-D46A-4E06-BB58-DBB25392C431}: NameServer = 156.154.70.22,156.154.71.22
FF - ProfilePath - c:\users\Comfor\AppData\Roaming\Mozilla\Firefox\Profiles\5ye992uu.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - google.cz
FF - ExtSQL: !HIDDEN! 2009-09-20 19:31; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-09 13:31
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\Lenovo\PMDriver\PMSveH.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\windows\system32\conime.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2013-11-09 13:37:25 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-09 12:37
ComboFix2.txt 2013-11-09 12:13
ComboFix3.txt 2013-11-07 10:32
.
Před spuštěním: Volných bajtů: 107 537 170 432
Po spuštění: Volných bajtů: 107 502 444 544
.
- - End Of File - - 52C1DEE6D8BF0BFC5508D1E065FAA055
5C616939100B85E558DA92B899A0FC36

[tony13]

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-11-09 13:39:45
-----------------------------
13:39:45.280 OS Version: Windows 6.0.6002 Service Pack 2
13:39:45.280 Number of processors: 2 586 0xF0D
13:39:45.296 ComputerName: COMFOR-PC UserName: Comfor
13:39:47.199 Initialize success
13:39:47.511 AVAST engine defs: 13110801
13:39:56.122 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
13:39:56.122 Disk 0 Vendor: WDC_WD2500BEVT-88ZCT0 11.01A11 Size: 238475MB BusType: 3
13:39:56.138 Disk 0 MBR read successfully
13:39:56.138 Disk 0 MBR scan
13:39:56.138 Disk 0 Windows VISTA default MBR code
13:39:56.184 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 1500 MB offset 2048
13:39:56.200 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 209726 MB offset 3074048
13:39:56.200 Disk 0 Partition - 00 05 Extended 27243 MB offset 432598320
13:39:56.231 Disk 0 scanning sectors +488392065
13:39:56.309 Disk 0 scanning C:\Windows\system32\drivers
13:40:14.015 Service scanning
13:40:30.052 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
13:40:36.557 Modules scanning
13:40:47.586 Disk 0 trace - called modules:
13:40:47.618 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x85ce31f8]<<
13:40:47.633 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x864985c0]
13:40:47.633 3 CLASSPNP.SYS[8afac8b3] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85da58c8]
13:40:47.649 \Driver\atapi[0x85d5e8d0] -> IRP_MJ_CREATE -> 0x85ce31f8
13:40:49.396 AVAST engine scan C:\Windows
13:40:59.177 AVAST engine scan C:\Windows\system32
13:44:09.965 AVAST engine scan C:\Windows\system32\drivers
13:44:27.546 AVAST engine scan C:\Users\Comfor
13:50:20.559 AVAST engine scan C:\ProgramData
13:51:51.912 Scan finished successfully
13:52:18.442 Disk 0 MBR has been saved successfully to "C:\Users\Comfor\Desktop\MBR.dat"
13:52:18.458 The log file has been saved successfully to "C:\Users\Comfor\Desktop\aswMBR.txt"

[memphisto]

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

vyčisti systém CCleanerem

Stáhni si OTC

na plochu. Poklepej na něj. Potom klikni na Clean up!.
Restartuj PC , pokud Ti bude doporučeno.

+ Nový log z HJT

Jak se chová PC?

[tony13]

ComboFix mi odinstalovat nešel ani v nouzovém režimu, psalo mi to, že soubor neexistuje. Pak ale při použití OTC ikonka ComboFixu z plochy zmizela.

Log z nového HJT:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:36:51, on 11.11.2013
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Lenovo\PMDriver\PMHandler.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Comodo\COMODO Internet Security\CisTray.exe
C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Comodo\COMODO Internet Security\cis.exe
C:\Users\Comfor\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe" -controlservice -slave
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - Global Startup: Start GeekBuddy.lnk = C:\Program Files\Comodo\GeekBuddy\launcher.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{5FFEE5D1-D46A-4E06-BB58-DBB25392C431}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: COMODO LPS Launcher (CLPSLauncher) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\launcher_service.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) - Comodo Security Solutions, Inc. - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Unknown owner - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PMDriver\PMSveH.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 5977 bytes

[jaro3]

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R3 - URLSearchHook: (no name) - - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

Pokud nejsou problémy , je to vše a můžeš dát vyřešeno , zelenou fajfku.

[tony13]

Díky moc za ochotu a pomoc .