iexplore.exe - problem

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team


Post by prochy7b » 30 Jan 2014 14:59

Hello, for about a week a process called iexplore.exe has been showing up in my process list; it starts only when I turn on the internet. It doesn't look bad in itself, but the problem is that as soon as I play, say, a video on YouTube, it suddenly jumps to 150 000 - 300 000 kB. The video then stutters badly and pages take a very long time to load.

Thank you very much for checking.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:45:48, on 30.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_12_0_0_38_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://seznam.cz/?clid=2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [NextLive] C:\Windows\system32\rundll32.exe "C:\Users\bolid\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
O4 - Startup: taskmgr.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://188.120.220.150/activex/AxisCamControl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 6986 bytes

Post by jaro3 » 30 Jan 2014 19:11

Download ATF Cleaner
Double-click ATF Cleaner.exe, click Select All found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of surfing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, and so on.


Download TFC
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Prohledat-Scan"
After the scan a log appears (it is also saved on the system disk as AdwCleaner[R?].txt); paste its entire contents here.

Download Malwarebytes' Anti-Malware
Install it and run it
- at the end of the installation make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- if an update is found, it will be downloaded and installed
- the program then starts; leave the option Perform quick scan selected and click the Scan button
- when the program has finished, a message appears; click OK and then the Show Results button
- then choose the option to save the log and save the log to your desktop
- then click the Exit button; a message appears, choose Yes
(do not delete anything yet!).
Then paste the contents of that log here.

If there are problems, run it in Safe Mode.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by prochy7b » 31 Jan 2014 10:03

# AdwCleaner v3.018 - Report created 31/01/2014 at 09:25:16
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : bolid - BOLID-PC
# Running from : C:\Users\bolid\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Windows\System32\Tasks\AmiUpdXp
File Found : C:\Windows\Tasks\AmiUpdXp.job
Folder Found C:\Program Files\Vuze
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Babylon
Folder Found C:\Users\bolid\AppData\Local\SwvUpdater
Folder Found C:\Users\bolid\AppData\Local\TempDir
Folder Found C:\Users\bolid\AppData\Roaming\Babylon
Folder Found C:\Users\bolid\AppData\Roaming\file scout
Folder Found C:\Users\bolid\AppData\Roaming\yourfiledownloader

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\5c48ddde239b841
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\filescout
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Found : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\AmiUpdXp
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\AmiUpdXp
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\bolid\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2520 octets] - [31/01/2014 09:25:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2580 octets] ##########


-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.31.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
bolid :: BOLID-PC [administrátor]

31.1.2014 9:47:37
MBAM-log-2014-01-31 (10-00-53).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 201376
Uplynulý čas: 8 minut, 53 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 1
C:\Users\bolid\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

Nalezené klíče v registru: 9
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Nebyla provedena žádná instrukce.
HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd.1 (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCR\Updater.AmiUpd (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\system32\rundll32.exe "C:\Users\bolid\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 3
C:\Users\bolid\AppData\Roaming\File Scout (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\bolid\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\bolid\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 7
C:\Users\bolid\AppData\Local\SwvUpdater\Updater.exe (PUP.Optional.SoftwareUpdater) -> Nebyla provedena žádná instrukce.
C:\Users\bolid\AppData\Roaming\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Nebyla provedena žádná instrukce.
C:\Users\bolid\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\bolid\AppData\Roaming\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Nebyla provedena žádná instrukce.
C:\Users\bolid\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.
C:\Users\bolid\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Nebyla provedena žádná instrukce.

(konec)


Post by jaro3 » 31 Jan 2014 10:29

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
Click "Vymazat-Clean"
The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [S?].txt); paste its entire contents here.

Download Junkware Removal Tool by Thisisu

to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan starts. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

Run MbAM again and choose Scan
- when the program has finished, a message appears; click OK and then the Show Results button
- make sure all the listed findings are ticked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then choose OK in the program and close the program via Exit
You can then paste the new MbAM log here.

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7 run RogueKiller.exe as administrator; on XP, double-click it.
- Wait until Prescan (the search for malicious processes) finishes.
- Check that these are ticked:
MBR check
Faked check
Antirootkit

- Then click "Scan".
- The program scans the PC's processes. After the scan, click "Report" and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.


Post by prochy7b » 31 Jan 2014 11:41

# AdwCleaner v3.018 - Report created 31/01/2014 at 10:50:47
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : bolid - BOLID-PC
# Running from : C:\Users\bolid\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files\Vuze
Folder Deleted : C:\Users\bolid\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\bolid\AppData\Local\TempDir
Folder Deleted : C:\Users\bolid\AppData\Roaming\Babylon
Folder Deleted : C:\Users\bolid\AppData\Roaming\file scout
Folder Deleted : C:\Users\bolid\AppData\Roaming\yourfiledownloader
File Deleted : C:\END
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
File Deleted : C:\Windows\System32\Tasks\AmiUpdXp

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCB7581B-55B4-4482-8150-7D175C43529E}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FCB7581B-55B4-4482-8150-7D175C43529E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKCU\Software\5c48ddde239b841
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\filescout
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\bolid\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2660 octets] - [31/01/2014 09:25:16]
AdwCleaner[R1].txt - [2720 octets] - [31/01/2014 10:50:03]
AdwCleaner[S0].txt - [2711 octets] - [31/01/2014 10:50:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2771 octets] ##########


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x86
Ran by bolid on p  31.01.2014 at 11:03:31,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Suspicious HKCU\..\Run entries found. Trojan:JS/Medfos.B?

Value Name Type Value Data
========================================================================================
NextLive REG_SZ C:\Windows\system32\rundll32.exe "C:\Users\bolid\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l




~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4141045439-2583610481-2502348904-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FC175CC9-C776-49A5-ACF4-95327118B0EE}



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  31.01.2014 at 11:06:00,47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.31.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
bolid :: BOLID-PC [administrátor]

31.1.2014 11:08:51
mbam-log-2014-01-31 (11-08-51).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 201431
Uplynulý čas: 8 minut, 25 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\Windows\system32\rundll32.exe "C:\Users\bolid\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Přesun do karantény a smazání se zdařilo.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 2
C:\Users\bolid\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\bolid\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 3
C:\Users\bolid\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\bolid\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\bolid\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Přesun do karantény a smazání se zdařilo.

(konec)


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.31.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.16476
bolid :: BOLID-PC [administrátor]

31.1.2014 11:21:04
mbam-log-2014-01-31 (11-21-04).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 201788
Uplynulý čas: 9 minut, 24 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)


---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

RogueKiller V8.8.4 [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : bolid [Práva správce]
Mód : Kontrola -- Datum : 01/31/2014 11:36:56
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] taskmgr.exe -- C:\Users\bolid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8552E1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8552E1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8552E1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8552E1F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8552E1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8552E1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8552E1F8)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 csc3-2010-crl.verisign.com
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 download.dm.origin.com
127.0.0.1 secure.download.dm.origin.com
127.0.0.1 loginregistration.dm.origin.com
127.0.0.1 achievements.gameservices.ea.com
127.0.0.1 friends.dm.origin.com
127.0.0.1 avatar.dm.origin.com
127.0.0.1 ecommerce.dm.origin.com
127.0.0.1 static.cdn.ea.com
127.0.0.1 tealium.hs.llnwd.net
127.0.0.1 heartbeat.dm.origin.com
127.0.0.1 web.dm.origin.com
127.0.0.1 store.origin.com
127.0.0.1 ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1 eaassets-a.akamaihd.net
127.0.0.1 ssl.resources.ea.com
127.0.0.1 akamai.cdn.ea.com
127.0.0.1 novafusion.ea.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200AAJS-00B4A0 ATA Device +++++
--- User ---
[MBR] 1a2e461c50c5a9e124dba03c79edeb88
[BSP] e122b92544fb4ddf63867a0359fda64b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 134759 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 275988480 | Size: 170483 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_01312014_113656.txt >>


Post by memphisto » 31 Jan 2014 17:54

Run RogueKiller (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Wait until Prescan finishes its work...
- Wait until the status window shows "Scan"
- Click "Delete"
- Wait until the Status box shows "Deleting - Finished"
- Click "Report" and please copy and paste the contents of that report here. The log can be found in RKreport [number].txt on the desktop.
- Close RogueKiller

plus run Rogue once more, choose the FIXHOST option, and post the log again
PC-HELP.CZ RULES, HijackThis section RULES, HijackThis guide, Memtest, CCleaner
Please do not send HijackThis logs by private message; post them in the appropriate section. Thank you


Post by prochy7b » 31 Jan 2014 22:47

RogueKiller V8.8.4 [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : bolid [Práva správce]
Mód : Odebrat -- Datum : 01/31/2014 21:38:52
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 7 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowPrinters (0) -> NAHRAZENO (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 csc3-2010-crl.verisign.com
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 download.dm.origin.com
127.0.0.1 secure.download.dm.origin.com
127.0.0.1 loginregistration.dm.origin.com
127.0.0.1 achievements.gameservices.ea.com
127.0.0.1 friends.dm.origin.com
127.0.0.1 avatar.dm.origin.com
127.0.0.1 ecommerce.dm.origin.com
127.0.0.1 static.cdn.ea.com
127.0.0.1 tealium.hs.llnwd.net
127.0.0.1 heartbeat.dm.origin.com
127.0.0.1 web.dm.origin.com
127.0.0.1 store.origin.com
127.0.0.1 ec2-54-243-231-82.compute-1.amazonaws.com
127.0.0.1 eaassets-a.akamaihd.net
127.0.0.1 ssl.resources.ea.com
127.0.0.1 akamai.cdn.ea.com
127.0.0.1 novafusion.ea.com
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200AAJS-00B4A0 ATA Device +++++
--- User ---
[MBR] 1a2e461c50c5a9e124dba03c79edeb88
[BSP] e122b92544fb4ddf63867a0359fda64b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 134759 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 275988480 | Size: 170483 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_01312014_213852.txt >>
RKreport[0]_S_01312014_113656.txt;RKreport[0]_S_01312014_213827.txt



-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


RogueKiller V8.8.4 [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : bolid [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/31/2014 22:25:34
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] taskmgr.exe -- C:\Users\bolid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_01312014_222534.txt >>
RKreport[0]_D_01312014_213852.txt;RKreport[0]_S_01312014_113656.txt;RKreport[0]_S_01312014_213827.txt
RKreport[0]_S_01312014_220848.txt

jaro3
Security team member

Re: iexplore.exe - problem

Post by jaro3 » 01 Feb 2014 11:04

Open Notepad (Start -> Run..., type Notepad into the box and click OK).
Copy the entire following text, marked in green, into it:
Note: Do not use the SELECT ALL function to select the script

Code: Select all

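@echo off
rem Delete the current hosts file even if it is hidden, system or read-only; hide any error
del /q /a /f %systemroot%\system32\drivers\etc\hosts 2>nul
rem Create a new hosts file that contains only the default localhost entry
echo 127.0.0.1 localhost>>%systemroot%\system32\drivers\etc\hosts
exit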

Choose File -> Save As... and set these parameters: File name: type FixHosts.bat here
Save as type: select All Files there
Save the file to the desktop.
Close all active windows.
Double-click the file to run it.

then a new RK log,

Download TDSSKiller
to your desktop. Make sure all other applications and browsers are closed. Unpack the file and run TDSSKiller.exe. Restart the PC. You will find the TDSSKiller log here:
C:\TDSSKiller.2.8.16.0_(date)_log.txt , please paste the entire content of the log here.

Turn off the resident protection of your antivirus and antispyware, and possibly the firewall.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in the window it displays
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire content here
If there are problems, run it in safe mode.

Warning: After running ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
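FixHosts.bat overwrites the hosts file without recording what was in it, so the following added example (not part of the thread and not RogueKiller's own logic) audits a hosts file first and sorts its entries into default, blocked, revocation-blocked, redirect and malformed. The function names, the category labels and the crl/ocsp name heuristic are assumptions; names pointed at loopback whose tokens include crl or ocsp are reported separately because those entries stop certificate revocation lookups for those hosts.

```python
import ipaddress
import os
import re

DEFAULT_NAMES = {"localhost"}        # names a clean hosts file maps to loopback
REVOCATION_TOKENS = {"crl", "ocsp"}  # assumption: name tokens typical of CRL/OCSP hosts

# Lines 4-8 use hostnames from the RogueKiller report in this thread; the comment line,
# the "::1" entry, the two-names layout, the redirect and the malformed line are constructed.
SAMPLE_HOSTS = """\
# constructed comment line
127.0.0.1 localhost
::1 localhost
127.0.0.1 csc3-2010-crl.verisign.com
127.0.0.1 ocsp.verisign.com
127.0.0.1 crl.verisign.com
127.0.0.1 store.origin.com
127.0.0.1 static.cdn.ea.com akamai.cdn.ea.com   # constructed: two names, one line
203.0.113.7 login.example.test                  # constructed redirect
not-an-ip broken.example.test                   # constructed malformed entry
"""


def parse_hosts(text):
    """Yield (line_no, address or None, tokens) for each line that is not blank or a comment."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()     # drop full-line and trailing comments
        if not entry:
            continue
        fields = entry.split()
        try:
            address = ipaddress.ip_address(fields[0])
        except ValueError:
            yield line_no, None, fields          # first field is not an IP address
            continue
        yield line_no, address, [name.lower().rstrip(".") for name in fields[1:]]


def classify(address, name):
    """Return the category of one address/hostname pair."""
    if address.is_loopback or address.is_unspecified:
        if name in DEFAULT_NAMES:
            return "default"
        if REVOCATION_TOKENS & set(re.split(r"[.-]", name)):
            return "revocation-blocked"          # CRL/OCSP host made unreachable
        return "blocked"                         # any other host pointed at this machine
    return "redirect"                            # host pointed at some other address


def audit_hosts(text):
    """Return {category: [(line_no, "address hostname"), ...]} for a hosts file body."""
    findings = {"default": [], "blocked": [], "revocation-blocked": [],
                "redirect": [], "malformed": []}
    for line_no, address, tokens in parse_hosts(text):
        if address is None:
            findings["malformed"].append((line_no, " ".join(tokens)))
        elif not tokens:
            findings["malformed"].append((line_no, str(address)))  # address without a name
        else:
            for name in tokens:
                findings[classify(address, name)].append((line_no, f"{address} {name}"))
    return findings


def needs_reset(findings):
    """True when the file holds anything besides default localhost entries."""
    return any(entries for category, entries in findings.items() if category != "default")


def hosts_path():
    """Location of the hosts file on Windows (the path shown in the RogueKiller report)."""
    root = os.environ.get("SystemRoot", r"C:\Windows")
    return os.path.join(root, "System32", "drivers", "etc", "hosts")


if __name__ == "__main__":
    path = hosts_path()
    if os.path.isfile(path):
        # utf-8-sig strips a byte-order mark that would otherwise break the first address
        with open(path, encoding="utf-8-sig", errors="replace") as handle:
            text = handle.read()
    else:
        text = SAMPLE_HOSTS                      # off Windows: run on the embedded sample
    report = audit_hosts(text)
    for category, entries in report.items():
        print(f"{category}: {len(entries)}")
        for line_no, entry in entries:
            print(f"  line {line_no}: {entry}")
    print("reset recommended" if needs_reset(report) else "only default entries")
```

Saving this output next to the RKreport files keeps a record of which names were redirected before the file is replaced.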

prochy7b

Re: iexplore.exe - problem

Post by prochy7b » 01 Feb 2014 12:51

RogueKiller V8.8.4 [Jan 27 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : bolid [Práva správce]
Mód : Kontrola -- Datum : 02/01/2014 11:56:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] taskmgr.exe -- C:\Users\bolid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8532F1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8532F1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8532F1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8532F1F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8532F1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8532F1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\system32\drivers\winhv.sys -> HOOKED (Unknown @ 0x8532F1F8)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200AAJS-00B4A0 ATA Device +++++
--- User ---
[MBR] 1a2e461c50c5a9e124dba03c79edeb88
[BSP] e122b92544fb4ddf63867a0359fda64b : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 134759 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 275988480 | Size: 170483 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_02012014_115625.txt >>

prochy7b

Re: iexplore.exe - problem

Post by prochy7b » 01 Feb 2014 12:54

12:17:48.0304 2144 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:18:08.0678 2144 ============================================================
12:18:08.0678 2144 Current date / time: 2014/02/01 12:18:08.0678
12:18:08.0678 2144 SystemInfo:
12:18:08.0678 2144
12:18:08.0678 2144 OS Version: 6.1.7601 ServicePack: 1.0
12:18:08.0678 2144 Product type: Workstation
12:18:08.0678 2144 ComputerName: BOLID-PC
12:18:08.0678 2144 UserName: bolid
12:18:08.0678 2144 Windows directory: C:\Windows
12:18:08.0678 2144 System windows directory: C:\Windows
12:18:08.0678 2144 Processor architecture: Intel x86
12:18:08.0678 2144 Number of processors: 2
12:18:08.0678 2144 Page size: 0x1000
12:18:08.0678 2144 Boot type: Normal boot
12:18:08.0678 2144 ============================================================
12:18:09.0988 2144 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:18:10.0004 2144 ============================================================
12:18:10.0004 2144 \Device\Harddisk0\DR0:
12:18:10.0004 2144 MBR partitions:
12:18:10.0004 2144 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x10733800
12:18:10.0004 2144 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x10734000, BlocksNum 0x14CF9800
12:18:10.0004 2144 ============================================================
12:18:10.0035 2144 C: <-> \Device\Harddisk0\DR0\Partition1
12:18:10.0066 2144 K: <-> \Device\Harddisk0\DR0\Partition2
12:18:10.0066 2144 ============================================================
12:18:10.0066 2144 Initialize success
12:18:10.0066 2144 ============================================================
12:18:15.0323 0696 ============================================================
12:18:15.0323 0696 Scan started
12:18:15.0323 0696 Mode: Manual;
12:18:15.0323 0696 ============================================================
12:18:15.0651 0696 ================ Scan system memory ========================
12:18:15.0651 0696 System memory - ok
12:18:15.0651 0696 ================ Scan services =============================
12:18:23.0123 0696 MSiSCSI - ok
12:18:23.0123 0696 msiserver - ok
12:18:23.0139 0696 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:18:23.0154 0696 MSKSSRV - ok
12:18:23.0232 0696 [ B0F49DA36F30922F5DDC3B623B778FCE ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
12:18:23.0232 0696 MsMpSvc - ok
12:18:23.0248 0696 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:18:23.0248 0696 MSPCLOCK - ok
12:18:23.0279 0696 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:18:23.0279 0696 MSPQM - ok
12:18:23.0295 0696 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:18:23.0295 0696 MsRPC - ok
12:18:23.0326 0696 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:18:23.0326 0696 mssmbios - ok
12:18:23.0342 0696 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:18:23.0342 0696 MSTEE - ok
12:18:23.0357 0696 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:18:23.0357 0696 MTConfig - ok
12:18:23.0388 0696 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
12:18:23.0388 0696 MTsensor - ok
12:18:23.0404 0696 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
12:18:23.0404 0696 Mup - ok
12:18:23.0451 0696 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
12:18:23.0466 0696 napagent - ok
12:18:23.0482 0696 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:18:23.0498 0696 NativeWifiP - ok
12:18:23.0544 0696 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:18:23.0560 0696 NDIS - ok
12:18:23.0576 0696 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:18:23.0576 0696 NdisCap - ok
12:18:23.0607 0696 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:18:23.0607 0696 NdisTapi - ok
12:18:23.0638 0696 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:18:23.0638 0696 Ndisuio - ok
12:18:23.0669 0696 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:18:23.0685 0696 NdisWan - ok
12:18:23.0700 0696 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:18:23.0716 0696 NDProxy - ok
12:18:23.0747 0696 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:18:23.0747 0696 NetBIOS - ok
12:18:23.0778 0696 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:18:23.0794 0696 NetBT - ok
12:18:23.0810 0696 [ 803B370865D907EA21DC0C2B6A8936B5 ] Netlogon C:\Windows\system32\lsass.exe
12:18:23.0810 0696 Netlogon - ok
12:18:23.0872 0696 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
12:18:23.0888 0696 Netman - ok
12:18:23.0919 0696 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:18:23.0919 0696 NetMsmqActivator - ok
12:18:23.0950 0696 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:18:23.0950 0696 NetPipeActivator - ok
12:18:23.0966 0696 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
12:18:23.0981 0696 netprofm - ok
12:18:23.0981 0696 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:18:23.0981 0696 NetTcpActivator - ok
12:18:23.0997 0696 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:18:23.0997 0696 NetTcpPortSharing - ok
12:18:24.0028 0696 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:18:24.0028 0696 nfrd960 - ok
12:18:24.0090 0696 [ 32FF06EC6D946EF791D98D6C838A3090 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
12:18:24.0090 0696 NisDrv - ok
12:18:24.0122 0696 [ 42D33042371BFB1A7D40834590CAFD30 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
12:18:24.0122 0696 NisSrv - ok
12:18:24.0168 0696 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:18:24.0168 0696 NlaSvc - ok
12:18:24.0200 0696 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:18:24.0200 0696 Npfs - ok
12:18:24.0215 0696 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
12:18:24.0215 0696 nsi - ok
12:18:24.0231 0696 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:18:24.0231 0696 nsiproxy - ok
12:18:24.0278 0696 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:18:24.0293 0696 Ntfs - ok
12:18:24.0293 0696 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
12:18:24.0293 0696 Null - ok
12:18:24.0605 0696 [ FB20C4EE6242B71AB95A65AC2CE19161 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:18:24.0699 0696 nvlddmkm - ok
12:18:24.0792 0696 [ 1D3878E5722F0AB3C22D04E88AC4AC55 ] NvNetworkService C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
12:18:24.0808 0696 NvNetworkService - ok
12:18:24.0839 0696 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:18:24.0839 0696 nvraid - ok
12:18:24.0886 0696 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:18:24.0886 0696 nvstor - ok
12:18:25.0338 0696 [ 4A5826E5CC2DA7DC33CB4FB8EA285508 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
12:18:25.0432 0696 NvStreamSvc - ok
12:18:25.0463 0696 [ E6A8ED576AB1DAF196E204BCF52DDA18 ] nvsvc C:\Windows\system32\nvvsvc.exe
12:18:25.0479 0696 nvsvc - ok
12:18:25.0526 0696 [ F9D6D29A55C289B8AF0858C267BE7126 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad32v.sys
12:18:25.0526 0696 nvvad_WaveExtensible - ok
12:18:25.0557 0696 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:18:25.0572 0696 nv_agp - ok
12:18:25.0604 0696 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:18:25.0619 0696 ohci1394 - ok
12:18:25.0682 0696 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:18:25.0682 0696 ose - ok
12:18:25.0853 0696 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:18:25.0884 0696 osppsvc - ok
12:18:25.0916 0696 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:18:25.0931 0696 p2pimsvc - ok
12:18:25.0962 0696 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
12:18:25.0978 0696 p2psvc - ok
12:18:26.0009 0696 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:18:26.0009 0696 Parport - ok
12:18:26.0040 0696 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:18:26.0040 0696 partmgr - ok
12:18:26.0072 0696 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:18:26.0072 0696 Parvdm - ok
12:18:26.0087 0696 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:18:26.0087 0696 PcaSvc - ok
12:18:26.0134 0696 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
12:18:26.0134 0696 pci - ok
12:18:26.0165 0696 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
12:18:26.0165 0696 pciide - ok
12:18:26.0181 0696 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:18:26.0181 0696 pcmcia - ok
12:18:26.0181 0696 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
12:18:26.0181 0696 pcw - ok
12:18:26.0212 0696 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:18:26.0228 0696 PEAUTH - ok
12:18:26.0274 0696 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:18:26.0321 0696 PeerDistSvc - ok
12:18:26.0399 0696 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
12:18:26.0446 0696 pla - ok
12:18:26.0493 0696 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:18:26.0508 0696 PlugPlay - ok
12:18:26.0540 0696 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:18:26.0555 0696 PNRPAutoReg - ok
12:18:26.0571 0696 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:18:26.0571 0696 PNRPsvc - ok
12:18:26.0586 0696 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:18:26.0602 0696 PolicyAgent - ok
12:18:26.0633 0696 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
12:18:26.0633 0696 Power - ok
12:18:26.0680 0696 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:18:26.0680 0696 PptpMiniport - ok
12:18:26.0711 0696 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:18:26.0711 0696 Processor - ok
12:18:26.0758 0696 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
12:18:26.0758 0696 ProfSvc - ok
12:18:26.0774 0696 [ 803B370865D907EA21DC0C2B6A8936B5 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:18:26.0774 0696 ProtectedStorage - ok
12:18:26.0805 0696 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:18:26.0805 0696 Psched - ok
12:18:26.0852 0696 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:18:26.0867 0696 ql2300 - ok
12:18:26.0883 0696 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:18:26.0883 0696 ql40xx - ok
12:18:26.0914 0696 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
12:18:26.0914 0696 QWAVE - ok
12:18:26.0930 0696 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:18:26.0930 0696 QWAVEdrv - ok
12:18:26.0945 0696 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:18:26.0945 0696 RasAcd - ok
12:18:26.0992 0696 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:18:26.0992 0696 RasAgileVpn - ok
12:18:27.0008 0696 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
12:18:27.0023 0696 RasAuto - ok
12:18:27.0039 0696 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:18:27.0039 0696 Rasl2tp - ok
12:18:27.0086 0696 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
12:18:27.0086 0696 RasMan - ok
12:18:27.0101 0696 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:18:27.0101 0696 RasPppoe - ok
12:18:27.0132 0696 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:18:27.0132 0696 RasSstp - ok
12:18:27.0164 0696 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:18:27.0164 0696 rdbss - ok
12:18:27.0210 0696 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:18:27.0210 0696 rdpbus - ok
12:18:27.0226 0696 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:18:27.0226 0696 RDPCDD - ok
12:18:27.0273 0696 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:18:27.0273 0696 RDPDR - ok
12:18:27.0304 0696 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:18:27.0304 0696 RDPENCDD - ok
12:18:27.0320 0696 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:18:27.0320 0696 RDPREFMP - ok
12:18:27.0398 0696 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:18:27.0398 0696 RdpVideoMiniport - ok
12:18:27.0429 0696 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:18:27.0444 0696 RDPWD - ok
12:18:27.0491 0696 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:18:27.0507 0696 rdyboost - ok
12:18:27.0538 0696 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
12:18:27.0554 0696 RemoteAccess - ok
12:18:27.0585 0696 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:18:27.0585 0696 RemoteRegistry - ok
12:18:27.0616 0696 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:18:27.0616 0696 RpcEptMapper - ok
12:18:27.0647 0696 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
12:18:27.0647 0696 RpcLocator - ok
12:18:27.0678 0696 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
12:18:27.0678 0696 RpcSs - ok
12:18:27.0725 0696 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:18:27.0725 0696 rspndr - ok
12:18:27.0756 0696 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:18:27.0756 0696 s3cap - ok
12:18:27.0772 0696 [ 803B370865D907EA21DC0C2B6A8936B5 ] SamSs C:\Windows\system32\lsass.exe
12:18:27.0772 0696 SamSs - ok
12:18:27.0819 0696 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:18:27.0819 0696 sbp2port - ok
12:18:27.0834 0696 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:18:27.0850 0696 SCardSvr - ok
12:18:27.0881 0696 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:18:27.0881 0696 scfilter - ok
12:18:27.0912 0696 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
12:18:27.0928 0696 Schedule - ok
12:18:27.0959 0696 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:18:27.0975 0696 SCPolicySvc - ok
12:18:28.0006 0696 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:18:28.0006 0696 SDRSVC - ok
12:18:28.0053 0696 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:18:28.0068 0696 secdrv - ok
12:18:28.0100 0696 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
12:18:28.0100 0696 seclogon - ok
12:18:28.0131 0696 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
12:18:28.0146 0696 SENS - ok
12:18:28.0178 0696 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:18:28.0178 0696 SensrSvc - ok
12:18:28.0193 0696 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:18:28.0193 0696 Serenum - ok
12:18:28.0209 0696 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:18:28.0209 0696 Serial - ok
12:18:28.0256 0696 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:18:28.0256 0696 sermouse - ok
12:18:28.0302 0696 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
12:18:28.0302 0696 SessionEnv - ok
12:18:28.0334 0696 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:18:28.0334 0696 sffdisk - ok
12:18:28.0349 0696 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:18:28.0349 0696 sffp_mmc - ok
12:18:28.0365 0696 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:18:28.0365 0696 sffp_sd - ok
12:18:28.0380 0696 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:18:28.0380 0696 sfloppy - ok
12:18:28.0427 0696 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:18:28.0427 0696 SharedAccess - ok
12:18:28.0458 0696 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:18:28.0474 0696 ShellHWDetection - ok
12:18:28.0505 0696 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:18:28.0505 0696 sisagp - ok
12:18:28.0521 0696 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:18:28.0521 0696 SiSRaid2 - ok
12:18:28.0552 0696 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:18:28.0552 0696 SiSRaid4 - ok
12:18:28.0599 0696 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
12:18:28.0599 0696 SkypeUpdate - ok
12:18:28.0630 0696 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:18:28.0630 0696 Smb - ok
12:18:28.0692 0696 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:18:28.0692 0696 SNMPTRAP - ok
12:18:28.0708 0696 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
12:18:28.0708 0696 spldr - ok
12:18:28.0755 0696 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
12:18:28.0770 0696 Spooler - ok
12:18:28.0864 0696 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
12:18:28.0880 0696 sppsvc - ok
12:18:28.0895 0696 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:18:28.0911 0696 sppuinotify - ok
12:18:28.0958 0696 [ 68103A2B441BBF3908EBB587F0704D6C ] sptd C:\Windows\System32\Drivers\sptd.sys
12:18:28.0958 0696 sptd - ok
12:18:28.0989 0696 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:18:29.0004 0696 srv - ok
12:18:29.0020 0696 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:18:29.0020 0696 srv2 - ok
12:18:29.0051 0696 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:18:29.0051 0696 srvnet - ok
12:18:29.0082 0696 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
12:18:29.0098 0696 ssadbus - ok
12:18:29.0129 0696 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
12:18:29.0129 0696 ssadmdfl - ok
12:18:29.0129 0696 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
12:18:29.0129 0696 ssadmdm - ok
12:18:29.0160 0696 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
12:18:29.0160 0696 ssadserd - ok
12:18:29.0207 0696 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:18:29.0223 0696 SSDPSRV - ok
12:18:29.0238 0696 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:18:29.0254 0696 SstpSvc - ok
12:18:29.0285 0696 [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus C:\Windows\system32\DRIVERS\ss_bbus.sys
12:18:29.0285 0696 ss_bbus - ok
12:18:29.0332 0696 [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl C:\Windows\system32\DRIVERS\ss_bmdfl.sys
12:18:29.0332 0696 ss_bmdfl - ok
12:18:29.0348 0696 [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm C:\Windows\system32\DRIVERS\ss_bmdm.sys
12:18:29.0348 0696 ss_bmdm - ok
12:18:29.0426 0696 [ A9D26626BEADF5A0641BF6B5095EF309 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:18:29.0426 0696 Stereo Service - ok
12:18:29.0472 0696 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:18:29.0472 0696 stexstor - ok
12:18:29.0504 0696 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
12:18:29.0519 0696 StiSvc - ok
12:18:29.0535 0696 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:18:29.0535 0696 storflt - ok
12:18:29.0582 0696 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:18:29.0582 0696 storvsc - ok
12:18:29.0613 0696 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
12:18:29.0613 0696 swenum - ok
12:18:29.0660 0696 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:18:29.0675 0696 swprv - ok
12:18:29.0675 0696 Synth3dVsc - ok
12:18:29.0722 0696 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
12:18:29.0753 0696 SysMain - ok
12:18:29.0769 0696 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:18:29.0769 0696 TabletInputService - ok
12:18:29.0816 0696 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
12:18:29.0816 0696 TapiSrv - ok
12:18:29.0831 0696 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:18:29.0831 0696 TBS - ok
12:18:29.0878 0696 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:18:29.0894 0696 Tcpip - ok
12:18:29.0940 0696 [ CA59F7C570AF70BC174F477CFE2D9EE3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:18:29.0940 0696 TCPIP6 - ok
12:18:29.0987 0696 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:18:29.0987 0696 tcpipreg - ok
12:18:30.0018 0696 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:18:30.0018 0696 TDPIPE - ok
12:18:30.0050 0696 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:18:30.0050 0696 TDTCP - ok
12:18:30.0081 0696 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:18:30.0081 0696 tdx - ok
12:18:30.0112 0696 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:18:30.0112 0696 TermDD - ok
12:18:30.0143 0696 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
12:18:30.0159 0696 TermService - ok
12:18:30.0206 0696 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:18:30.0206 0696 Themes - ok
12:18:30.0221 0696 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:18:30.0221 0696 THREADORDER - ok
12:18:30.0252 0696 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:18:30.0252 0696 TrkWks - ok
12:18:30.0315 0696 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:18:30.0315 0696 TrustedInstaller - ok
12:18:30.0362 0696 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:18:30.0362 0696 tssecsrv - ok
12:18:30.0393 0696 [ C6A5FBD4977305E1FA23E02C042DB463 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:18:30.0408 0696 TsUsbFlt - ok
12:18:30.0408 0696 tsusbhub - ok
12:18:30.0471 0696 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:18:30.0471 0696 tunnel - ok
12:18:30.0502 0696 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:18:30.0502 0696 uagp35 - ok
12:18:30.0518 0696 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:18:30.0518 0696 udfs - ok
12:18:30.0549 0696 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:18:30.0549 0696 UI0Detect - ok
12:18:30.0580 0696 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:18:30.0580 0696 uliagpkx - ok
12:18:30.0627 0696 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:18:30.0627 0696 umbus - ok
12:18:30.0627 0696 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:18:30.0642 0696 UmPass - ok
12:18:30.0689 0696 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
12:18:30.0689 0696 UmRdpService - ok
12:18:30.0736 0696 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:18:30.0752 0696 upnphost - ok
12:18:30.0783 0696 [ 0803FBA9FE829D61AE26EC0BCC910C46 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:18:30.0783 0696 usbccgp - ok
12:18:30.0830 0696 [ 2352AB5F9F8F097BF9D41D5A4718A041 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:18:30.0830 0696 usbcir - ok


Re: iexplore.exe - problem

Post by prochy7b » 01 Feb 2014 12:54

12:18:33.0107 0696 wscsvc - ok
12:18:33.0107 0696 WSearch - ok
12:18:33.0170 0696 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
12:18:33.0201 0696 wuauserv - ok
12:18:33.0232 0696 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:18:33.0232 0696 WudfPf - ok
12:18:33.0263 0696 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:18:33.0263 0696 WUDFRd - ok
12:18:33.0310 0696 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:18:33.0326 0696 wudfsvc - ok
12:18:33.0357 0696 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:18:33.0372 0696 WwanSvc - ok
12:18:33.0404 0696 XDva401 - ok
12:18:33.0404 0696 XDva403 - ok
12:18:33.0435 0696 XDva405 - ok
12:18:33.0450 0696 ================ Scan global ===============================
12:18:33.0482 0696 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
12:18:33.0513 0696 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
12:18:33.0544 0696 [ 51BB04243DF6196C06E125898127E397 ] C:\Windows\system32\winsrv.dll
12:18:33.0591 0696 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
12:18:33.0638 0696 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
12:18:33.0653 0696 [Global] - ok
12:18:33.0653 0696 ================ Scan MBR ==================================
12:18:33.0669 0696 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:18:34.0262 0696 \Device\Harddisk0\DR0 - ok
12:18:34.0262 0696 ================ Scan VBR ==================================
12:18:34.0262 0696 [ 08A729A2235EA9BD6D2D9F703D0F55FE ] \Device\Harddisk0\DR0\Partition1
12:18:34.0262 0696 \Device\Harddisk0\DR0\Partition1 - ok
12:18:34.0277 0696 [ B5C1692D1EC97C8041400EF9510B734B ] \Device\Harddisk0\DR0\Partition2
12:18:34.0277 0696 \Device\Harddisk0\DR0\Partition2 - ok
12:18:34.0277 0696 ============================================================
12:18:34.0277 0696 Scan finished
12:18:34.0277 0696 ============================================================
12:18:34.0293 2728 Detected object count: 0
12:18:34.0293 2728 Actual detected object count: 0
12:18:49.0830 2364 Deinitialize success

prochy7b
newbie
Posts: 21
Registered: June 13
Gender: Male
Status:
Offline

Re: iexplore.exe - problem

Post by prochy7b » 01 Feb 2014 12:55

ComboFix 14-02-01.01 - bolid 01.02.2014 12:31:43.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1033.18.3327.2398 [GMT 1:00]
Spuštěný z: c:\users\bolid\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\games\WORLD_~2\WOTTwe~1.exe
c:\users\bolid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\taskmgr.exe
c:\windows\system32\frapsvid.dll
c:\windows\unin0405.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-01-01 do 2014-02-01 )))))))))))))))))))))))))))))))
.
.
2014-02-01 11:38 . 2014-02-01 11:38 -------- d-----w- c:\users\bolid\AppData\Local\temp
2014-02-01 11:38 . 2014-02-01 11:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-01 11:26 . 2014-02-01 11:26 40392 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C1E044A4-A7CA-4841-B623-6DE6471516C6}\MpKsl55b80106.sys
2014-02-01 08:35 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C1E044A4-A7CA-4841-B623-6DE6471516C6}\mpengine.dll
2014-01-31 10:03 . 2014-01-31 10:03 -------- d-----w- c:\windows\ERUNT
2014-01-31 08:45 . 2014-01-31 08:45 -------- d-----w- c:\users\bolid\AppData\Roaming\Malwarebytes
2014-01-31 08:45 . 2014-01-31 08:45 -------- d-----w- c:\programdata\Malwarebytes
2014-01-31 08:45 . 2014-01-31 08:45 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-01-31 08:45 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-31 08:25 . 2014-01-31 09:50 -------- d-----w- C:\AdwCleaner
2014-01-31 08:07 . 2013-12-04 02:57 7760024 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-01-30 13:41 . 2014-01-30 13:41 388096 ----a-r- c:\users\bolid\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-01-30 13:41 . 2014-01-30 13:41 -------- d-----w- c:\program files\Trend Micro
2014-01-30 06:39 . 2013-11-27 00:20 235216 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2014-01-30 06:39 . 2013-11-26 09:23 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-01-30 06:39 . 2013-11-26 06:41 251392 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2014-01-30 06:32 . 2013-11-26 11:11 240576 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-30 06:31 . 2013-11-27 01:13 43520 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-30 06:31 . 2013-11-26 10:10 2349056 ----a-w- c:\windows\system32\win32k.sys
2014-01-30 06:31 . 2013-11-27 01:14 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-30 06:31 . 2013-11-27 01:13 284672 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-30 06:31 . 2013-11-27 01:13 76288 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-30 06:31 . 2013-11-27 01:13 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-30 06:31 . 2013-11-27 01:13 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-30 06:31 . 2013-11-27 01:13 6016 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-23 19:02 . 2013-10-19 07:01 719224 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{09C13E99-223F-4916-A88E-692C838FD64D}\gapaengine.dll
2014-01-15 23:41 . 2014-01-15 23:41 -------- d-----w- c:\users\bolid\.android
2014-01-15 23:41 . 2014-01-15 23:41 -------- d-----w- c:\users\bolid\AppData\Local\cache
2014-01-15 23:41 . 2014-01-15 23:41 -------- d-----w- c:\users\bolid\AppData\Local\genienext
2014-01-15 23:41 . 2014-01-16 14:57 -------- d-----w- c:\users\bolid\AppData\Local\Mobogenie
2014-01-12 08:27 . 2014-01-12 08:27 -------- d-----w- c:\windows\Migration
2014-01-08 15:21 . 2014-01-08 15:22 -------- d-----w- c:\program files\Game Dev Tycoon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-19 07:32 . 2013-05-17 20:21 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-01-15 22:23 . 2013-05-17 23:06 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-15 22:23 . 2013-05-17 23:06 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-22 16:09 . 2013-12-21 16:29 281152 ----a-w- c:\windows\system32\PnkBstrB.xtr
2013-12-22 16:06 . 2013-12-21 16:02 281152 ----a-w- c:\windows\system32\PnkBstrB.ex0
2013-12-21 16:02 . 2013-12-21 16:02 138904 ----a-w- c:\users\bolid\AppData\Roaming\PnkBstrK.sys
2013-11-29 16:56 . 2013-12-02 22:44 979744 ----a-w- c:\windows\system32\nvspcap.dll
2013-11-23 18:26 . 2013-12-12 09:06 417792 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:07 . 2013-12-12 09:06 2048 ----a-w- c:\windows\system32\tzres.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-09-05 17:46 222832 ----a-w- c:\users\bolid\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-09-05 17:46 222832 ----a-w- c:\users\bolid\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-09-05 17:46 222832 ----a-w- c:\users\bolid\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2013-04-22 720064]
"Adobe Reader Synchronizer"="c:\program files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe" [2013-12-21 698760]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-11-29 2273056]
"ShadowPlay"="c:\windows\system32\nvspcap.dll" [2013-11-29 979744]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2013-03-14 08:23 3672640 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-09-05 171680]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-05-13 30312]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Kontrola sítě Microsoft;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 123648]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2013-11-29 1370912]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-29 14657824]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2009-10-13 49152]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2013-10-30 34080]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - MPKSL55B80106
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-29 21:07 1211672 ----a-w- c:\program files\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-02-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-07 22:23]
.
2014-02-01 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2013-11-01 21:12]
.
2014-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-23 17:39]
.
2014-02-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-05-23 17:39]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-8461-7759-5462-8226 - c:\program files\Vuze\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-4141045439-2583610481-2502348904-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Favorites\V*`]
@DACL="Unknown ACL Revision 0x04"
@SACL=(02 0001)
"Order"=hex:08,00,00,00,02,00,00,00,c8,03,00,00,01,00,00,00,03,00,00,00,b0,00,
00,00,00,00,00,00,a2,00,36,00,00,00,00,00,c8,42,b4,b6,20,00,46,00,61,00,72,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-02-01 12:39:37
ComboFix-quarantined-files.txt 2014-02-01 11:39
.
Před spuštěním: Volných bajtů: 10 843 901 952
Po spuštění: Volných bajtů: 10 754 572 288
.
- - End Of File - - 3C92962194DEB456018E47D731C4608E
A36C5E4F47E84449FF07ED3517B43A31


------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


I really appreciate what you are doing for me, but do you happen to know whether this is a fault in the computer or some kind of virus?

