Kontrola PC Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
kropovez
Level 4.5
Level 4.5
Příspěvky: 1540
Registrován: prosinec 10
Pohlaví: Muž
Stav:
Offline

Kontrola PC

Příspěvekod kropovez » 30 čer 2013 11:42

Ahoj,
prosím vás, asi před měsícem jsem měl v PC virus a odstraňoval jsem ho manuálně. Vždycky jsem vše řešil přeinstalací windows, ale teď se mě do toho moc nechce, tak jestli by jste se prosím nemohli na ten log mrknout, zda je vše v pořádku.
Díky

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:38:50, on 30.6.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Users\Kropovez\AppData\Roaming\uTorrent\uTorrent.exe
D:\pape\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.youwillfind.info/?pid= ... g=EN&cc=CZ
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.youwillfind.info/?pid= ... g=EN&cc=CZ
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: continnuetosavve - {0F7B7218-53EA-205C-D344-7E43188E5E9E} - (no file)
O2 - BHO: SearchNewTab - {3A041D7E-6008-DCA7-41A9-079CB373C79E} - (no file)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: BeraoywsE2save - {CC2BB506-B7B3-B1A0-0DFF-C4808555998F} - C:\ProgramData\BeraoywsE2save\5142103145678.dll
O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: hemxccape.exe
O4 - Startup: jafpdndnn.exe
O4 - Startup: wtnwkloct.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\sprote~1.dll c:\progra~2\contin~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.3.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9662 bytes
Já jsem já a ty jseš ty.
"Milan Hvězda"

Reklama
Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod memphisto » 30 čer 2013 11:47

Jsou tam ještě zbytky

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

Uživatelský avatar
kropovez
Level 4.5
Level 4.5
Příspěvky: 1540
Registrován: prosinec 10
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod kropovez » 30 čer 2013 12:08

Takže z Malwarebytes' Anti-Malware:

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.06.30.02

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Kropovez :: KROPOVEZ-PC [administrátor]

Ochrana: Povolena

30.6.2013 11:58:14
MBAM-log-2013-06-30 (12-03-40).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 208326
Uplynulý čas: 2 minut, 59 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 4
HKCR\CLSID\{CC2BB506-B7B3-B1A0-0DFF-C4808555998F} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC2BB506-B7B3-B1A0-0DFF-C4808555998F} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC2BB506-B7B3-B1A0-0DFF-C4808555998F} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC2BB506-B7B3-B1A0-0DFF-C4808555998F} (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\ProgramData\BeraoywsE2save\5142103145678.dll (PUP.Adware.MultiPlug) -> Nebyla provedena žádná instrukce.

(konec)

AdwCleaner po klepnutí na prohledat hlásí chybu viz příloha.
chyba.jpg
Já jsem já a ty jseš ty.
"Milan Hvězda"

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod memphisto » 30 čer 2013 12:20

V Mbam všechno smaž a dodej log po mazání.

Ten adw zkus spustit jako správce případně smazat a zkusit stáhnout znovu
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

Uživatelský avatar
kropovez
Level 4.5
Level 4.5
Příspěvky: 1540
Registrován: prosinec 10
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod kropovez » 30 čer 2013 12:41

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2013.06.30.02

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Kropovez :: KROPOVEZ-PC [administrátor]

Ochrana: Povolena

30.6.2013 12:36:13
mbam-log-2013-06-30 (12-36-13).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 207919
Uplynulý čas: 2 minut, 39 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

U ADW nic nepomáhá. Jinak teď se mi stalo že v klidu na ploše se PC rozhučel a v catalystech mi to psalo aktivitu grafiky na 91%, větrák hučel na 60% a teploty se pohybovaly jako při zátěži. S tím sem se nikdy nesetkal a musel sem se i zasmát, protože to nejpíš byl nějaký bug. Restart pomohl.
Já jsem já a ty jseš ty.
"Milan Hvězda"

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod memphisto » 30 čer 2013 12:50

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

Uživatelský avatar
kropovez
Level 4.5
Level 4.5
Příspěvky: 1540
Registrován: prosinec 10
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod kropovez » 30 čer 2013 13:19

12:59:57.0119 3956 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:59:57.0382 3956 ============================================================
12:59:57.0382 3956 Current date / time: 2013/06/30 12:59:57.0382
12:59:57.0382 3956 SystemInfo:
12:59:57.0382 3956
12:59:57.0382 3956 OS Version: 6.1.7600 ServicePack: 0.0
12:59:57.0382 3956 Product type: Workstation
12:59:57.0382 3956 ComputerName: KROPOVEZ-PC
12:59:57.0382 3956 UserName: Kropovez
12:59:57.0382 3956 Windows directory: C:\Windows
12:59:57.0382 3956 System windows directory: C:\Windows
12:59:57.0382 3956 Running under WOW64
12:59:57.0382 3956 Processor architecture: Intel x64
12:59:57.0382 3956 Number of processors: 8
12:59:57.0382 3956 Page size: 0x1000
12:59:57.0382 3956 Boot type: Normal boot
12:59:57.0382 3956 ============================================================
12:59:58.0104 3956 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C100DE00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3F161, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
12:59:58.0117 3956 ============================================================
12:59:58.0117 3956 \Device\Harddisk0\DR0:
12:59:58.0117 3956 MBR partitions:
12:59:58.0117 3956 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:59:58.0117 3956 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xD6A6000
12:59:58.0117 3956 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xD6D8800, BlocksNum 0xDB72F000
12:59:58.0117 3956 ============================================================
12:59:58.0172 3956 C: <-> \Device\Harddisk0\DR0\Partition2
12:59:58.0207 3956 D: <-> \Device\Harddisk0\DR0\Partition3
12:59:58.0207 3956 ============================================================
12:59:58.0207 3956 Initialize success
12:59:58.0207 3956 ============================================================
13:00:06.0620 0836 ============================================================
13:00:06.0620 0836 Scan started
13:00:06.0620 0836 Mode: Manual;
13:00:06.0620 0836 ============================================================
13:00:07.0243 0836 ================ Scan system memory ========================
13:00:07.0243 0836 System memory - ok
13:00:07.0243 0836 ================ Scan services =============================
13:00:09.0020 0836 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
13:00:09.0043 0836 1394ohci - ok
13:00:09.0059 0836 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
13:00:09.0062 0836 ACPI - ok
13:00:09.0074 0836 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
13:00:09.0118 0836 AcpiPmi - ok
13:00:09.0232 0836 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:00:09.0233 0836 AdobeARMservice - ok
13:00:09.0342 0836 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:00:09.0345 0836 AdobeFlashPlayerUpdateSvc - ok
13:00:09.0377 0836 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:00:09.0383 0836 adp94xx - ok
13:00:09.0391 0836 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:00:09.0394 0836 adpahci - ok
13:00:09.0404 0836 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:00:09.0406 0836 adpu320 - ok
13:00:09.0425 0836 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:00:09.0427 0836 AeLookupSvc - ok
13:00:09.0450 0836 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys
13:00:09.0455 0836 AFD - ok
13:00:09.0470 0836 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
13:00:09.0472 0836 agp440 - ok
13:00:09.0487 0836 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:00:09.0489 0836 ALG - ok
13:00:09.0505 0836 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
13:00:09.0506 0836 aliide - ok
13:00:09.0540 0836 [ 310F86335B0505DDC6D2DD48E66EF06B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:00:09.0542 0836 AMD External Events Utility - ok
13:00:09.0553 0836 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
13:00:09.0555 0836 amdide - ok
13:00:09.0563 0836 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:00:09.0590 0836 AmdK8 - ok
13:00:09.0736 0836 [ 79CC9BE187E3144E1B58A54B842475E7 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:00:09.0959 0836 amdkmdag - ok
13:00:09.0978 0836 [ 07561D3B7FD99F6E186C49C2D0628E38 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:00:10.0000 0836 amdkmdap - ok
13:00:10.0003 0836 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:00:10.0041 0836 AmdPPM - ok
13:00:10.0082 0836 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
13:00:10.0084 0836 amdsata - ok
13:00:10.0098 0836 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:00:10.0100 0836 amdsbs - ok
13:00:10.0118 0836 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
13:00:10.0120 0836 amdxata - ok
13:00:10.0140 0836 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
13:00:10.0148 0836 AppID - ok
13:00:10.0163 0836 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:00:10.0165 0836 AppIDSvc - ok
13:00:10.0197 0836 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
13:00:10.0199 0836 Appinfo - ok
13:00:10.0257 0836 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
13:00:10.0259 0836 AppMgmt - ok
13:00:10.0278 0836 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
13:00:10.0279 0836 arc - ok
13:00:10.0290 0836 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:00:10.0292 0836 arcsas - ok
13:00:10.0399 0836 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:00:10.0401 0836 aspnet_state - ok
13:00:10.0422 0836 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:00:10.0423 0836 AsyncMac - ok
13:00:10.0429 0836 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
13:00:10.0429 0836 atapi - ok
13:00:10.0458 0836 [ ED3A041014FBBFDC23D6C04F9C7A5D79 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:00:10.0486 0836 AtiHDAudioService - ok
13:00:10.0625 0836 [ 79CC9BE187E3144E1B58A54B842475E7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:00:10.0667 0836 atikmdag - ok
13:00:10.0685 0836 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:00:10.0691 0836 AudioEndpointBuilder - ok
13:00:10.0698 0836 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:00:10.0700 0836 AudioSrv - ok
13:00:10.0970 0836 [ 50185186719134FA8F307D269106A51C ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
13:00:11.0031 0836 AVGIDSAgent - ok
13:00:11.0074 0836 [ 139BD30C32BEE830D0CF39C5324D79DE ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
13:00:11.0094 0836 AVGIDSDriver - ok
13:00:11.0112 0836 [ 2940FACB6EF92BD1936E4A1E2502468E ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
13:00:11.0115 0836 AVGIDSHA - ok
13:00:11.0138 0836 [ 54B66C4AEEC6C4F742F3569EBA03EBB8 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
13:00:11.0141 0836 Avgldx64 - ok
13:00:11.0191 0836 [ 13667B5D6310228A9FEF2BA5FCD9081F ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
13:00:11.0194 0836 Avgloga - ok
13:00:11.0207 0836 [ BE82F9A1F2CCF4CE746D0C645D94079E ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
13:00:11.0208 0836 Avgmfx64 - ok
13:00:11.0231 0836 [ 5D11620DEF66F9DC9468FEE385A8429B ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
13:00:11.0233 0836 Avgrkx64 - ok
13:00:11.0246 0836 [ 69BD90E337625F96C718CACE7A9C9E29 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
13:00:11.0301 0836 Avgtdia - ok
13:00:11.0316 0836 [ 34E9A86B0EF71BA72B58D72215EBFABC ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
13:00:11.0318 0836 avgtp - ok
13:00:11.0347 0836 [ 3A0977CB68AF13E2579E47EB8984056B ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
13:00:11.0350 0836 avgwd - ok
13:00:11.0377 0836 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:00:11.0379 0836 AxInstSV - ok
13:00:11.0414 0836 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:00:11.0439 0836 b06bdrv - ok
13:00:11.0479 0836 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:00:11.0521 0836 b57nd60a - ok
13:00:11.0544 0836 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:00:11.0547 0836 BDESVC - ok
13:00:11.0555 0836 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:00:11.0585 0836 Beep - ok
13:00:11.0633 0836 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
13:00:11.0639 0836 BFE - ok
13:00:11.0666 0836 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
13:00:11.0674 0836 BITS - ok
13:00:11.0702 0836 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:00:11.0738 0836 blbdrive - ok
13:00:11.0769 0836 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:00:11.0772 0836 bowser - ok
13:00:11.0774 0836 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:00:11.0790 0836 BrFiltLo - ok
13:00:11.0792 0836 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:00:11.0808 0836 BrFiltUp - ok
13:00:11.0892 0836 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll
13:00:11.0910 0836 Browser - ok
13:00:11.0921 0836 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:00:12.0138 0836 Brserid - ok
13:00:12.0141 0836 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:00:12.0178 0836 BrSerWdm - ok
13:00:12.0180 0836 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:00:12.0227 0836 BrUsbMdm - ok
13:00:12.0254 0836 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:00:12.0275 0836 BrUsbSer - ok
13:00:12.0278 0836 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:00:12.0293 0836 BTHMODEM - ok
13:00:12.0318 0836 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:00:12.0328 0836 bthserv - ok
13:00:12.0345 0836 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:00:12.0347 0836 cdfs - ok
13:00:12.0362 0836 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:00:12.0363 0836 cdrom - ok
13:00:12.0417 0836 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
13:00:12.0419 0836 CertPropSvc - ok
13:00:12.0428 0836 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:00:12.0436 0836 circlass - ok
13:00:12.0457 0836 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:00:12.0461 0836 CLFS - ok
13:00:12.0624 0836 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:00:12.0626 0836 clr_optimization_v2.0.50727_32 - ok
13:00:12.0782 0836 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:00:12.0784 0836 clr_optimization_v2.0.50727_64 - ok
13:00:12.0848 0836 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:00:12.0849 0836 clr_optimization_v4.0.30319_32 - ok
13:00:12.0856 0836 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:00:12.0857 0836 clr_optimization_v4.0.30319_64 - ok
13:00:12.0859 0836 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:00:12.0882 0836 CmBatt - ok
13:00:12.0897 0836 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
13:00:12.0899 0836 cmdide - ok
13:00:12.0958 0836 [ 2835BF2A864CDE9184C80CF4E6A485F9 ] cmuda3 C:\Windows\system32\drivers\cmudax3.sys
13:00:13.0019 0836 cmuda3 - ok
13:00:13.0068 0836 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys
13:00:13.0072 0836 CNG - ok
13:00:13.0081 0836 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:00:13.0082 0836 Compbatt - ok
13:00:13.0102 0836 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:00:13.0124 0836 CompositeBus - ok
13:00:13.0139 0836 COMSysApp - ok
13:00:13.0146 0836 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:00:13.0147 0836 crcdisk - ok
13:00:13.0170 0836 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:00:13.0172 0836 CryptSvc - ok
13:00:13.0192 0836 [ 4A6173C2279B498CD8F57CAE504564CB ] CSC C:\Windows\system32\drivers\csc.sys
13:00:13.0212 0836 CSC - ok
13:00:13.0233 0836 [ 873FBF927C06E5CEE04DEC617502F8FD ] CscService C:\Windows\System32\cscsvc.dll
13:00:13.0239 0836 CscService - ok
13:00:13.0276 0836 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:00:13.0280 0836 DcomLaunch - ok
13:00:13.0297 0836 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:00:13.0301 0836 defragsvc - ok
13:00:13.0306 0836 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:00:13.0307 0836 DfsC - ok
13:00:13.0327 0836 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
13:00:13.0331 0836 Dhcp - ok
13:00:13.0340 0836 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:00:13.0342 0836 discache - ok
13:00:13.0364 0836 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:00:13.0366 0836 Disk - ok
13:00:13.0375 0836 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:00:13.0377 0836 Dnscache - ok
13:00:13.0394 0836 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
13:00:13.0397 0836 dot3svc - ok
13:00:13.0404 0836 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
13:00:13.0406 0836 DPS - ok
13:00:13.0433 0836 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:00:13.0463 0836 drmkaud - ok
13:00:13.0513 0836 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:00:13.0514 0836 dtsoftbus01 - ok
13:00:13.0537 0836 [ 7CB7D2B73813CE05C7BC0F5F95D27CEC ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:00:13.0571 0836 DXGKrnl - ok
13:00:13.0584 0836 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:00:13.0586 0836 EapHost - ok
13:00:13.0637 0836 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:00:13.0728 0836 ebdrv - ok
13:00:13.0750 0836 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe
13:00:13.0753 0836 EFS - ok
13:00:13.0839 0836 [ B91D81B3B54A54CCAFC03733DBC2E29E ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:00:13.0845 0836 ehRecvr - ok
13:00:13.0860 0836 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:00:13.0862 0836 ehSched - ok
13:00:13.0883 0836 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:00:13.0889 0836 elxstor - ok
13:00:13.0902 0836 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
13:00:13.0924 0836 ErrDev - ok
13:00:13.0941 0836 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:00:13.0944 0836 EventSystem - ok
13:00:13.0970 0836 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:00:13.0992 0836 exfat - ok
13:00:14.0082 0836 FairplayKD - ok
13:00:14.0097 0836 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:00:14.0100 0836 fastfat - ok
13:00:14.0129 0836 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
13:00:14.0136 0836 Fax - ok
13:00:14.0139 0836 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:00:14.0169 0836 fdc - ok
13:00:14.0185 0836 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:00:14.0186 0836 fdPHost - ok
13:00:14.0190 0836 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:00:14.0191 0836 FDResPub - ok
13:00:14.0211 0836 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:00:14.0213 0836 FileInfo - ok
13:00:14.0226 0836 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:00:14.0228 0836 Filetrace - ok
13:00:14.0231 0836 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:00:14.0245 0836 flpydisk - ok
13:00:14.0257 0836 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:00:14.0260 0836 FltMgr - ok
13:00:14.0277 0836 [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A ] FontCache C:\Windows\system32\FntCache.dll
13:00:14.0298 0836 FontCache - ok
13:00:14.0349 0836 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:00:14.0351 0836 FontCache3.0.0.0 - ok
13:00:14.0365 0836 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:00:14.0367 0836 FsDepends - ok
13:00:14.0374 0836 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:00:14.0376 0836 Fs_Rec - ok
13:00:14.0391 0836 [ B8B2A6E1558F8F5DE5CE431C5B2C7B09 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:00:14.0394 0836 fvevol - ok
13:00:14.0401 0836 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:00:14.0403 0836 gagp30kx - ok
13:00:14.0486 0836 GGSAFERDriver - ok
13:00:14.0506 0836 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
13:00:14.0514 0836 gpsvc - ok
13:00:14.0517 0836 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:00:14.0533 0836 hcw85cir - ok
13:00:14.0568 0836 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:00:14.0587 0836 HdAudAddService - ok
13:00:14.0611 0836 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:00:14.0618 0836 HDAudBus - ok
13:00:14.0636 0836 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:00:14.0663 0836 HidBatt - ok
13:00:14.0679 0836 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:00:14.0716 0836 HidBth - ok
13:00:14.0731 0836 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:00:14.0760 0836 HidIr - ok
13:00:14.0771 0836 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:00:14.0773 0836 hidserv - ok
13:00:14.0792 0836 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:00:14.0830 0836 HidUsb - ok
13:00:14.0842 0836 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:00:14.0844 0836 hkmsvc - ok
13:00:14.0876 0836 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:00:14.0879 0836 HomeGroupListener - ok
13:00:14.0888 0836 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:00:14.0890 0836 HomeGroupProvider - ok
13:00:14.0905 0836 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
13:00:14.0907 0836 HpSAMD - ok
13:00:14.0987 0836 [ D4F91CF4DE215D6F14A06087D46725E4 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
13:00:14.0991 0836 HPSLPSVC - ok
13:00:15.0043 0836 [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64 C:\Windows\system32\Drivers\ANDROIDUSB.sys
13:00:15.0064 0836 HTCAND64 - ok
13:00:15.0081 0836 [ B8B1B284362E1D8135112573395D5DA5 ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
13:00:15.0082 0836 htcnprot - ok
13:00:15.0107 0836 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:00:15.0114 0836 HTTP - ok
13:00:15.0128 0836 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:00:15.0130 0836 hwpolicy - ok
13:00:15.0140 0836 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:00:15.0176 0836 i8042prt - ok
13:00:15.0192 0836 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
13:00:15.0197 0836 iaStorV - ok
13:00:15.0251 0836 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:00:15.0259 0836 idsvc - ok
13:00:15.0276 0836 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:00:15.0278 0836 iirsp - ok
13:00:15.0303 0836 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
13:00:15.0311 0836 IKEEXT - ok
13:00:15.0430 0836 [ C6128F2E3DC6156C6F8828F9F1B96010 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:00:15.0437 0836 Intel(R) Capability Licensing Service Interface - ok
13:00:15.0487 0836 [ 729AB4F0608E95EFF8FDEF23596283E2 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:00:15.0495 0836 Intel(R) Capability Licensing Service TCP IP Interface - ok
13:00:15.0509 0836 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
13:00:15.0511 0836 intelide - ok
13:00:15.0527 0836 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:00:15.0528 0836 intelppm - ok
13:00:15.0535 0836 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:00:15.0538 0836 IPBusEnum - ok
13:00:15.0544 0836 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:00:15.0564 0836 IpFilterDriver - ok
13:00:15.0585 0836 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:00:15.0590 0836 iphlpsvc - ok
13:00:15.0597 0836 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:00:15.0622 0836 IPMIDRV - ok
13:00:15.0631 0836 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:00:15.0658 0836 IPNAT - ok
13:00:15.0673 0836 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:00:15.0674 0836 IRENUM - ok
13:00:15.0685 0836 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
13:00:15.0687 0836 isapnp - ok
13:00:15.0702 0836 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
13:00:15.0705 0836 iScsiPrt - ok
13:00:15.0774 0836 [ 924019BC58FEDDE04A08C45EC1CF1847 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:00:15.0775 0836 jhi_service - ok
13:00:15.0784 0836 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:00:15.0786 0836 kbdclass - ok
13:00:15.0808 0836 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:00:15.0828 0836 kbdhid - ok
13:00:15.0851 0836 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe
13:00:15.0852 0836 KeyIso - ok
13:00:15.0860 0836 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:00:15.0862 0836 KSecDD - ok
13:00:15.0874 0836 [ BBE1BF6D9B661C354D4857D5FADB943B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:00:15.0877 0836 KSecPkg - ok
13:00:15.0879 0836 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:00:15.0885 0836 ksthunk - ok
13:00:15.0905 0836 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:00:15.0941 0836 KtmRm - ok
13:00:15.0980 0836 [ A43A9920D2409BB9DA747D2FD20A2E61 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
13:00:15.0983 0836 L1C - ok
13:00:16.0007 0836 [ C926920B8978DE6ACFE9E15C709E9B57 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:00:16.0010 0836 LanmanServer - ok
13:00:16.0040 0836 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:00:16.0043 0836 LanmanWorkstation - ok
13:00:16.0083 0836 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:00:16.0085 0836 lltdio - ok
13:00:16.0119 0836 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:00:16.0147 0836 lltdsvc - ok
13:00:16.0164 0836 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:00:16.0166 0836 lmhosts - ok
13:00:16.0215 0836 [ DF9ADD70659EA4F2A17075524E043FD8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:00:16.0217 0836 LMS - ok
13:00:16.0261 0836 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:00:16.0264 0836 LSI_FC - ok
13:00:16.0293 0836 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:00:16.0296 0836 LSI_SAS - ok
13:00:16.0326 0836 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:00:16.0328 0836 LSI_SAS2 - ok
13:00:16.0351 0836 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:00:16.0353 0836 LSI_SCSI - ok
13:00:16.0369 0836 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:00:16.0371 0836 luafv - ok
13:00:16.0412 0836 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:00:16.0414 0836 MBAMProtector - ok
13:00:16.0465 0836 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:00:16.0469 0836 MBAMScheduler - ok
13:00:16.0509 0836 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:00:16.0516 0836 MBAMService - ok
13:00:16.0528 0836 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:00:16.0558 0836 Mcx2Svc - ok
13:00:16.0573 0836 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:00:16.0575 0836 megasas - ok
13:00:16.0601 0836 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:00:16.0605 0836 MegaSR - ok
13:00:16.0624 0836 [ 2BB3EAE2EA641515D4B205CAB29E1624 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:00:16.0626 0836 MEIx64 - ok
13:00:16.0636 0836 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:00:16.0638 0836 MMCSS - ok
13:00:16.0652 0836 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:00:16.0672 0836 Modem - ok
13:00:16.0691 0836 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:00:16.0692 0836 monitor - ok
13:00:16.0706 0836 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:00:16.0708 0836 mouclass - ok
13:00:16.0723 0836 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:00:16.0743 0836 mouhid - ok
13:00:16.0773 0836 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:00:16.0775 0836 mountmgr - ok
13:00:16.0832 0836 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:00:16.0834 0836 MozillaMaintenance - ok
13:00:16.0848 0836 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
13:00:16.0850 0836 mpio - ok
13:00:16.0863 0836 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:00:16.0865 0836 mpsdrv - ok
13:00:16.0880 0836 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:00:16.0889 0836 MpsSvc - ok
13:00:16.0902 0836 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:00:16.0911 0836 MRxDAV - ok
13:00:16.0926 0836 [ CFDCD8CA87C2A657DEBC150AC35B5E08 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:00:16.0929 0836 mrxsmb - ok
13:00:16.0944 0836 [ 1BEE517B220B7F024F411AEC1571DD5A ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:00:16.0947 0836 mrxsmb10 - ok
13:00:16.0952 0836 [ 6B2D5FEF385828B6E485C1C90AFB8195 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:00:16.0954 0836 mrxsmb20 - ok
13:00:16.0964 0836 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
13:00:16.0966 0836 msahci - ok
13:00:16.0981 0836 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
13:00:16.0983 0836 msdsm - ok
13:00:16.0989 0836 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
13:00:17.0038 0836 MSDTC - ok
13:00:17.0052 0836 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:00:17.0054 0836 Msfs - ok
13:00:17.0069 0836 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:00:17.0071 0836 mshidkmdf - ok
13:00:17.0076 0836 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
13:00:17.0077 0836 msisadrv - ok
13:00:17.0098 0836 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:00:17.0132 0836 MSiSCSI - ok
13:00:17.0134 0836 msiserver - ok
13:00:17.0175 0836 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:00:17.0185 0836 MSKSSRV - ok
13:00:17.0197 0836 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:00:17.0213 0836 MSPCLOCK - ok
13:00:17.0222 0836 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:00:17.0249 0836 MSPQM - ok
13:00:17.0261 0836 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:00:17.0265 0836 MsRPC - ok
13:00:17.0273 0836 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
13:00:17.0274 0836 mssmbios - ok
13:00:17.0361 0836 MSSQL$SQLEXPRESS - ok
13:00:17.0439 0836 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
13:00:17.0441 0836 MSSQLServerADHelper100 - ok
13:00:17.0443 0836 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:00:17.0466 0836 MSTEE - ok
13:00:17.0475 0836 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:00:17.0502 0836 MTConfig - ok
13:00:17.0518 0836 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
13:00:17.0520 0836 Mup - ok
13:00:17.0538 0836 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
13:00:17.0543 0836 napagent - ok
13:00:17.0570 0836 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:00:17.0597 0836 NativeWifiP - ok
13:00:17.0634 0836 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
13:00:17.0642 0836 NDIS - ok
13:00:17.0659 0836 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:00:17.0680 0836 NdisCap - ok
13:00:17.0698 0836 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:00:17.0709 0836 NdisTapi - ok
13:00:17.0731 0836 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:00:17.0750 0836 Ndisuio - ok
13:00:17.0766 0836 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:00:17.0786 0836 NdisWan - ok
13:00:17.0802 0836 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:00:17.0830 0836 NDProxy - ok
13:00:17.0891 0836 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:00:17.0893 0836 Net Driver HPZ12 - ok
13:00:17.0917 0836 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:00:17.0920 0836 NetBIOS - ok
13:00:17.0933 0836 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:00:17.0936 0836 NetBT - ok
13:00:17.0952 0836 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe
13:00:17.0952 0836 Netlogon - ok
13:00:17.0991 0836 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
13:00:17.0996 0836 Netman - ok
13:00:18.0010 0836 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:00:18.0012 0836 NetMsmqActivator - ok
13:00:18.0021 0836 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:00:18.0022 0836 NetPipeActivator - ok
13:00:18.0037 0836 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
13:00:18.0042 0836 netprofm - ok
13:00:18.0045 0836 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:00:18.0046 0836 NetTcpActivator - ok
13:00:18.0049 0836 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:00:18.0050 0836 NetTcpPortSharing - ok
13:00:18.0076 0836 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:00:18.0090 0836 nfrd960 - ok
13:00:18.0131 0836 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:00:18.0134 0836 NlaSvc - ok
13:00:18.0144 0836 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:00:18.0145 0836 Npfs - ok
13:00:18.0157 0836 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
13:00:18.0160 0836 nsi - ok
13:00:18.0168 0836 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:00:18.0170 0836 nsiproxy - ok
13:00:18.0197 0836 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:00:18.0218 0836 Ntfs - ok
13:00:18.0228 0836 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
13:00:18.0240 0836 Null - ok
13:00:18.0252 0836 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
13:00:18.0254 0836 nvraid - ok
13:00:18.0265 0836 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
13:00:18.0268 0836 nvstor - ok
13:00:18.0282 0836 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
13:00:18.0285 0836 nv_agp - ok
13:00:18.0296 0836 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
13:00:18.0318 0836 ohci1394 - ok
13:00:18.0377 0836 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:00:18.0380 0836 ose64 - ok
13:00:18.0486 0836 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:00:18.0548 0836 osppsvc - ok
13:00:18.0569 0836 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:00:18.0573 0836 p2pimsvc - ok
13:00:18.0591 0836 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
13:00:18.0595 0836 p2psvc - ok
13:00:18.0602 0836 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:00:18.0636 0836 Parport - ok
13:00:18.0647 0836 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:00:18.0649 0836 partmgr - ok
13:00:18.0712 0836 [ A1E779A0CF7A21B42E8FD3E8856D8481 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
13:00:18.0714 0836 PassThru Service - ok
13:00:18.0728 0836 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:00:18.0731 0836 PcaSvc - ok
13:00:18.0747 0836 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
13:00:18.0749 0836 pci - ok
13:00:18.0751 0836 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
13:00:18.0752 0836 pciide - ok
13:00:18.0763 0836 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:00:18.0765 0836 pcmcia - ok
13:00:18.0777 0836 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
13:00:18.0779 0836 pcw - ok
13:00:18.0795 0836 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:00:18.0801 0836 PEAUTH - ok
13:00:18.0831 0836 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
13:00:18.0852 0836 PeerDistSvc - ok
13:00:18.0903 0836 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:00:18.0905 0836 PerfHost - ok
13:00:18.0928 0836 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
13:00:18.0949 0836 pla - ok
13:00:18.0980 0836 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:00:18.0985 0836 PlugPlay - ok
13:00:19.0030 0836 [ 71F62C51DFDFBC04C83C5C64B2B8058E ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:00:19.0032 0836 Pml Driver HPZ12 - ok
13:00:19.0041 0836 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:00:19.0043 0836 PNRPAutoReg - ok
13:00:19.0053 0836 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:00:19.0055 0836 PNRPsvc - ok
13:00:19.0085 0836 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:00:19.0090 0836 PolicyAgent - ok
13:00:19.0106 0836 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
13:00:19.0109 0836 Power - ok
13:00:19.0121 0836 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:00:19.0129 0836 PptpMiniport - ok
13:00:19.0132 0836 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:00:19.0150 0836 Processor - ok
13:00:19.0163 0836 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll
13:00:19.0166 0836 ProfSvc - ok
13:00:19.0174 0836 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe
13:00:19.0174 0836 ProtectedStorage - ok
13:00:19.0191 0836 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:00:19.0193 0836 Psched - ok
13:00:19.0228 0836 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:00:19.0249 0836 ql2300 - ok
13:00:19.0269 0836 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:00:19.0272 0836 ql40xx - ok
13:00:19.0290 0836 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
13:00:19.0293 0836 QWAVE - ok
13:00:19.0303 0836 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:00:19.0305 0836 QWAVEdrv - ok
13:00:19.0316 0836 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:00:19.0329 0836 RasAcd - ok
13:00:19.0368 0836 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:00:19.0389 0836 RasAgileVpn - ok
13:00:19.0399 0836 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
13:00:19.0402 0836 RasAuto - ok
13:00:19.0414 0836 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:00:19.0421 0836 Rasl2tp - ok
13:00:19.0443 0836 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
13:00:19.0447 0836 RasMan - ok
13:00:19.0467 0836 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:00:19.0512 0836 RasPppoe - ok
13:00:19.0521 0836 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:00:19.0546 0836 RasSstp - ok
13:00:19.0559 0836 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:00:19.0562 0836 rdbss - ok
13:00:19.0572 0836 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:00:19.0578 0836 rdpbus - ok
13:00:19.0594 0836 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:00:19.0597 0836 RDPCDD - ok
13:00:19.0615 0836 [ 9706B84DBABFC4B4CA46C5A82B14DFA3 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:00:19.0627 0836 RDPDR - ok
13:00:19.0637 0836 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:00:19.0638 0836 RDPENCDD - ok
13:00:19.0648 0836 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:00:19.0650 0836 RDPREFMP - ok
13:00:19.0662 0836 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:00:19.0680 0836 RDPWD - ok
13:00:19.0691 0836 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:00:19.0693 0836 rdyboost - ok
13:00:19.0707 0836 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:00:19.0710 0836 RemoteAccess - ok
13:00:19.0727 0836 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:00:19.0729 0836 RemoteRegistry - ok
13:00:19.0738 0836 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:00:19.0740 0836 RpcEptMapper - ok
13:00:19.0759 0836 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
13:00:19.0760 0836 RpcLocator - ok
13:00:19.0780 0836 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
13:00:19.0782 0836 RpcSs - ok
13:00:19.0830 0836 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
13:00:19.0834 0836 RsFx0103 - ok
13:00:19.0852 0836 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:00:19.0853 0836 rspndr - ok
13:00:19.0883 0836 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
13:00:19.0899 0836 s3cap - ok
Já jsem já a ty jseš ty.
"Milan Hvězda"

Uživatelský avatar
kropovez
Level 4.5
Level 4.5
Příspěvky: 1540
Registrován: prosinec 10
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod kropovez » 30 čer 2013 13:19

13:00:19.0911 0836 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe
13:00:19.0912 0836 SamSs - ok
13:00:19.0928 0836 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
13:00:19.0931 0836 sbp2port - ok
13:00:19.0948 0836 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:00:19.0951 0836 SCardSvr - ok
13:00:19.0956 0836 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:00:19.0957 0836 scfilter - ok
13:00:19.0974 0836 [ EC56B171F85C7E855E7B0588AC503EEA ] Schedule C:\Windows\system32\schedsvc.dll
13:00:19.0995 0836 Schedule - ok
13:00:20.0013 0836 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
13:00:20.0013 0836 SCPolicySvc - ok
13:00:20.0024 0836 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:00:20.0027 0836 SDRSVC - ok
13:00:20.0047 0836 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:00:20.0049 0836 secdrv - ok
13:00:20.0061 0836 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
13:00:20.0063 0836 seclogon - ok
13:00:20.0084 0836 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
13:00:20.0087 0836 SENS - ok
13:00:20.0098 0836 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:00:20.0100 0836 SensrSvc - ok
13:00:20.0121 0836 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:00:20.0137 0836 Serenum - ok
13:00:20.0159 0836 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:00:20.0181 0836 Serial - ok
13:00:20.0188 0836 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:00:20.0223 0836 sermouse - ok
13:00:20.0237 0836 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
13:00:20.0240 0836 SessionEnv - ok
13:00:20.0242 0836 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
13:00:20.0260 0836 sffdisk - ok
13:00:20.0270 0836 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:00:20.0288 0836 sffp_mmc - ok
13:00:20.0290 0836 [ 5588B8C6193EB1522490C122EB94DFFA ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
13:00:20.0309 0836 sffp_sd - ok
13:00:20.0311 0836 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:00:20.0317 0836 sfloppy - ok
13:00:20.0334 0836 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:00:20.0338 0836 SharedAccess - ok
13:00:20.0352 0836 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:00:20.0355 0836 ShellHWDetection - ok
13:00:20.0367 0836 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:00:20.0369 0836 SiSRaid2 - ok
13:00:20.0385 0836 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:00:20.0388 0836 SiSRaid4 - ok
13:00:20.0418 0836 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:00:20.0456 0836 Smb - ok
13:00:20.0473 0836 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:00:20.0475 0836 SNMPTRAP - ok
13:00:20.0486 0836 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:00:20.0487 0836 spldr - ok
13:00:20.0503 0836 [ 89E8550C5862999FCF482EA562B0E98E ] Spooler C:\Windows\System32\spoolsv.exe
13:00:20.0509 0836 Spooler - ok
13:00:20.0558 0836 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
13:00:20.0599 0836 sppsvc - ok
13:00:20.0619 0836 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:00:20.0622 0836 sppuinotify - ok
13:00:20.0657 0836 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
13:00:20.0661 0836 SQLAgent$SQLEXPRESS - ok
13:00:20.0715 0836 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
13:00:20.0719 0836 SQLBrowser - ok
13:00:20.0772 0836 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
13:00:20.0775 0836 SQLWriter - ok
13:00:20.0791 0836 [ EC8F67289105BF270498095F14963464 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:00:20.0796 0836 srv - ok
13:00:20.0806 0836 [ F773D2ED090B7BAA1C1A034F3CA476C8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:00:20.0810 0836 srv2 - ok
13:00:20.0818 0836 [ 26E84D3649019C3244622E654DFCD75B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:00:20.0820 0836 srvnet - ok
13:00:20.0845 0836 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:00:20.0848 0836 SSDPSRV - ok
13:00:20.0856 0836 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:00:20.0858 0836 SstpSvc - ok
13:00:20.0865 0836 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:00:20.0867 0836 stexstor - ok
13:00:20.0904 0836 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
13:00:20.0922 0836 StillCam - ok
13:00:20.0943 0836 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
13:00:20.0949 0836 stisvc - ok
13:00:20.0981 0836 [ FFD7A6F15B14234B5B0E5D49E7961895 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
13:00:20.0983 0836 storflt - ok
13:00:21.0000 0836 [ 8FCCBEFC5C440B3C23454656E551B09A ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys
13:00:21.0002 0836 storvsc - ok
13:00:21.0012 0836 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:00:21.0014 0836 swenum - ok
13:00:21.0090 0836 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:00:21.0095 0836 SwitchBoard - ok
13:00:21.0108 0836 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:00:21.0113 0836 swprv - ok
13:00:21.0141 0836 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
13:00:21.0172 0836 SysMain - ok
13:00:21.0182 0836 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:00:21.0185 0836 TabletInputService - ok
13:00:21.0214 0836 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
13:00:21.0218 0836 TapiSrv - ok
13:00:21.0238 0836 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:00:21.0241 0836 TBS - ok
13:00:21.0270 0836 [ 912107716BAB424C7870E8E6AF5E07E1 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:00:21.0301 0836 Tcpip - ok
13:00:21.0341 0836 [ 912107716BAB424C7870E8E6AF5E07E1 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:00:21.0348 0836 TCPIP6 - ok
13:00:21.0358 0836 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:00:21.0361 0836 tcpipreg - ok
13:00:21.0378 0836 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:00:21.0394 0836 TDPIPE - ok
13:00:21.0408 0836 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:00:21.0420 0836 TDTCP - ok
13:00:21.0431 0836 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:00:21.0439 0836 tdx - ok
13:00:21.0512 0836 [ 6B1B2F8D62D606B200C2072564090104 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
13:00:21.0553 0836 TeamViewer8 - ok
13:00:21.0564 0836 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:00:21.0566 0836 TermDD - ok
13:00:21.0588 0836 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
13:00:21.0595 0836 TermService - ok
13:00:21.0603 0836 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:00:21.0605 0836 Themes - ok
13:00:21.0615 0836 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:00:21.0616 0836 THREADORDER - ok
13:00:21.0646 0836 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:00:21.0649 0836 TrkWks - ok
13:00:21.0698 0836 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:00:21.0700 0836 TrustedInstaller - ok
13:00:21.0709 0836 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:00:21.0711 0836 tssecsrv - ok
13:00:21.0727 0836 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:00:21.0766 0836 tunnel - ok
13:00:21.0778 0836 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:00:21.0780 0836 uagp35 - ok
13:00:21.0799 0836 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:00:21.0803 0836 udfs - ok
13:00:21.0826 0836 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:00:21.0828 0836 UI0Detect - ok
13:00:21.0854 0836 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
13:00:21.0857 0836 uliagpkx - ok
13:00:21.0866 0836 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:00:21.0900 0836 umbus - ok
13:00:21.0912 0836 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:00:21.0926 0836 UmPass - ok
13:00:21.0948 0836 [ AF0AC98EE5077EB844413EB54287FDE3 ] UmRdpService C:\Windows\System32\umrdp.dll
13:00:21.0951 0836 UmRdpService - ok
13:00:21.0965 0836 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:00:21.0969 0836 upnphost - ok
13:00:21.0979 0836 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:00:21.0988 0836 usbccgp - ok
13:00:22.0000 0836 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
13:00:22.0012 0836 usbcir - ok
13:00:22.0024 0836 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
13:00:22.0026 0836 usbehci - ok
13:00:22.0044 0836 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:00:22.0070 0836 usbhub - ok
13:00:22.0077 0836 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
13:00:22.0087 0836 usbohci - ok
13:00:22.0102 0836 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:00:22.0115 0836 usbprint - ok
13:00:22.0125 0836 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:00:22.0127 0836 USBSTOR - ok
13:00:22.0130 0836 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
13:00:22.0145 0836 usbuhci - ok
13:00:22.0171 0836 [ D501E12614B00A3252073101D6A1A74B ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:00:22.0201 0836 usbvideo - ok
13:00:22.0220 0836 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:00:22.0223 0836 UxSms - ok
13:00:22.0234 0836 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe
13:00:22.0234 0836 VaultSvc - ok
13:00:22.0244 0836 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
13:00:22.0246 0836 vdrvroot - ok
13:00:22.0277 0836 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
13:00:22.0283 0836 vds - ok
13:00:22.0290 0836 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:00:22.0297 0836 vga - ok
13:00:22.0309 0836 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:00:22.0317 0836 VgaSave - ok
13:00:22.0344 0836 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
13:00:22.0347 0836 vhdmp - ok
13:00:22.0403 0836 [ 3CCC0D9607419AC28B4216C18F6FA5E9 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
13:00:22.0434 0836 VIAHdAudAddService - ok
13:00:22.0443 0836 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
13:00:22.0445 0836 viaide - ok
13:00:22.0457 0836 [ 888450E821E7A66CB8A4E5B7A01BA5C5 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
13:00:22.0459 0836 VIAKaraokeService - ok
13:00:22.0470 0836 [ 1501699D7EDA984ABC4155A7DA5738D1 ] vmbus C:\Windows\system32\DRIVERS\vmbus.sys
13:00:22.0472 0836 vmbus - ok
13:00:22.0488 0836 [ AE10C35761889E65A6F7176937C5592C ] VMBusHID C:\Windows\system32\DRIVERS\VMBusHID.sys
13:00:22.0516 0836 VMBusHID - ok
13:00:22.0536 0836 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
13:00:22.0538 0836 volmgr - ok
13:00:22.0550 0836 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:00:22.0554 0836 volmgrx - ok
13:00:22.0561 0836 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
13:00:22.0564 0836 volsnap - ok
13:00:22.0592 0836 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:00:22.0594 0836 vsmraid - ok
13:00:22.0628 0836 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
13:00:22.0648 0836 VSS - ok
13:00:22.0758 0836 [ 254E8F9BA44E9F55416B0E51DBFF3C5F ] vToolbarUpdater15.3.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe
13:00:22.0778 0836 vToolbarUpdater15.3.0 - ok
13:00:22.0790 0836 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:00:22.0791 0836 vwifibus - ok
13:00:22.0819 0836 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:00:22.0824 0836 W32Time - ok
13:00:22.0831 0836 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:00:22.0844 0836 WacomPen - ok
13:00:22.0868 0836 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:00:22.0891 0836 WANARP - ok
13:00:22.0904 0836 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:00:22.0905 0836 Wanarpv6 - ok
13:00:22.0973 0836 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
13:00:23.0012 0836 wbengine - ok
13:00:23.0049 0836 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:00:23.0052 0836 WbioSrvc - ok
13:00:23.0067 0836 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:00:23.0071 0836 wcncsvc - ok
13:00:23.0084 0836 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:00:23.0086 0836 WcsPlugInService - ok
13:00:23.0097 0836 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:00:23.0099 0836 Wd - ok
13:00:23.0126 0836 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:00:23.0146 0836 Wdf01000 - ok
13:00:23.0167 0836 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:00:23.0170 0836 WdiServiceHost - ok
13:00:23.0172 0836 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:00:23.0173 0836 WdiSystemHost - ok
13:00:23.0195 0836 [ 8A438CBB8C032A0C798B0C642FFBE572 ] WebClient C:\Windows\System32\webclnt.dll
13:00:23.0199 0836 WebClient - ok
13:00:23.0225 0836 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:00:23.0228 0836 Wecsvc - ok
13:00:23.0253 0836 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:00:23.0256 0836 wercplsupport - ok
13:00:23.0285 0836 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:00:23.0287 0836 WerSvc - ok
13:00:23.0298 0836 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:00:23.0323 0836 WfpLwf - ok
13:00:23.0335 0836 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:00:23.0337 0836 WIMMount - ok
13:00:23.0342 0836 WinDefend - ok
13:00:23.0345 0836 WinHttpAutoProxySvc - ok
13:00:23.0382 0836 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:00:23.0385 0836 Winmgmt - ok
13:00:23.0423 0836 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
13:00:23.0453 0836 WinRM - ok
13:00:23.0504 0836 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
13:00:23.0511 0836 WinUSB - ok
13:00:23.0531 0836 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:00:23.0539 0836 Wlansvc - ok
13:00:23.0546 0836 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:00:23.0563 0836 WmiAcpi - ok
13:00:23.0580 0836 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:00:23.0583 0836 wmiApSrv - ok
13:00:23.0604 0836 WMPNetworkSvc - ok
13:00:23.0614 0836 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:00:23.0616 0836 WPCSvc - ok
13:00:23.0628 0836 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:00:23.0631 0836 WPDBusEnum - ok
13:00:23.0644 0836 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:00:23.0646 0836 ws2ifsl - ok
13:00:23.0656 0836 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:00:23.0659 0836 wscsvc - ok
13:00:23.0660 0836 WSearch - ok
13:00:23.0701 0836 [ 38340204A2D0228F1E87740FC5E554A7 ] wuauserv C:\Windows\system32\wuaueng.dll
13:00:23.0731 0836 wuauserv - ok
13:00:23.0745 0836 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:00:23.0747 0836 WudfPf - ok
13:00:23.0763 0836 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:00:23.0765 0836 WUDFRd - ok
13:00:23.0783 0836 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:00:23.0785 0836 wudfsvc - ok
13:00:23.0804 0836 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:00:23.0807 0836 WwanSvc - ok
13:00:23.0815 0836 ================ Scan global ===============================
13:00:23.0828 0836 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:00:23.0839 0836 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
13:00:23.0845 0836 [ 457B44AB6D502E55F64A867D4F35C76C ] C:\Windows\system32\winsrv.dll
13:00:23.0861 0836 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:00:23.0873 0836 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:00:23.0877 0836 [Global] - ok
13:00:23.0877 0836 ================ Scan MBR ==================================
13:00:23.0889 0836 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:00:24.0151 0836 \Device\Harddisk0\DR0 - ok
13:00:24.0151 0836 ================ Scan VBR ==================================
13:00:24.0153 0836 [ 5D968AA4246A0241183DDC966825E898 ] \Device\Harddisk0\DR0\Partition1
13:00:24.0154 0836 \Device\Harddisk0\DR0\Partition1 - ok
13:00:24.0166 0836 [ A579CD09549F8CC0A3065EE9F1EF9B9C ] \Device\Harddisk0\DR0\Partition2
13:00:24.0168 0836 \Device\Harddisk0\DR0\Partition2 - ok
13:00:24.0177 0836 [ 69D55EB5DAB0BFB72A5E99B92F115039 ] \Device\Harddisk0\DR0\Partition3
13:00:24.0179 0836 \Device\Harddisk0\DR0\Partition3 - ok
13:00:24.0179 0836 ============================================================
13:00:24.0179 0836 Scan finished
13:00:24.0179 0836 ============================================================
13:00:24.0184 3652 Detected object count: 0
13:00:24.0184 3652 Actual detected object count: 0
Já jsem já a ty jseš ty.
"Milan Hvězda"

Uživatelský avatar
kropovez
Level 4.5
Level 4.5
Příspěvky: 1540
Registrován: prosinec 10
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod kropovez » 30 čer 2013 13:20

Combofix:
ComboFix 13-06-28.02 - Kropovez 30.06.2013 13:07:27.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4079.2688 [GMT 2:00]
Spuštěný z: c:\users\Kropovez\Desktop\kontrola logu\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\BeraoywsE2save
c:\programdata\BeraoywsE2save\5142103145678.tlb
c:\programdata\BeraoywsE2save\data\BeraoywsE2save.dat
c:\programdata\BeraoywsE2save\settings.ini
c:\programdata\BeraoywsE2save\uninstall.exe
c:\programdata\continnuetosavve
c:\programdata\continnuetosavve\51853e9be7225.tlb
c:\programdata\continnuetosavve\settings.ini
c:\programdata\continnuetosavve\uninstall.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\BeraoywsE2save
c:\programdata\Microsoft\Windows\Start Menu\Programs\BeraoywsE2save\BeraoywsE2save.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\BeraoywsE2save\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\continnuetosavve
c:\programdata\Microsoft\Windows\Start Menu\Programs\continnuetosavve\continnuetosavve.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\continnuetosavve\Uninstall.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SearchNewTab
c:\programdata\Microsoft\Windows\Start Menu\Programs\SearchNewTab\SearchNewTab.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\SearchNewTab\Uninstall.lnk
c:\programdata\SearchNewTab
c:\programdata\SearchNewTab\518550336f5da.tlb
c:\programdata\SearchNewTab\settings.ini
c:\programdata\SearchNewTab\uninstall.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\muzapp.exe
.
c:\windows\explorer.exe . . . je infikován!!
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-05-28 do 2013-06-30 )))))))))))))))))))))))))))))))
.
.
2013-06-30 11:14 . 2013-06-30 11:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-06-30 10:46 . 2013-06-30 10:47 -------- d-----w- c:\users\Kropovez\AppData\Roaming\PerformerSoft
2013-06-30 10:46 . 2013-06-30 10:46 -------- d-----w- c:\programdata\IBUpdaterService
2013-06-30 10:46 . 2012-12-19 13:53 19632 ----a-w- c:\windows\system32\roboot64.exe
2013-06-30 10:45 . 2013-06-30 10:45 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-06-30 10:45 . 2013-06-30 10:47 -------- d-----w- c:\users\Kropovez\AppData\Roaming\DAEMON Tools Lite
2013-06-30 10:45 . 2013-06-30 10:45 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-06-30 10:45 . 2013-06-30 10:47 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-06-30 10:35 . 2013-06-30 10:35 -------- d-----w- c:\users\Kropovez\AppData\Local\AVG Secure Search
2013-06-30 10:23 . 2013-06-30 10:23 499712 ----a-w- c:\windows\SysWow64\phatk121016Pitcairnv1w256l4.bin
2013-06-30 10:23 . 2013-06-30 10:23 -------- d-----w- c:\users\Kropovez\AppData\Roaming\BANDISOFT
2013-06-30 10:22 . 2013-06-30 10:23 -------- d-----w- c:\program files (x86)\Bandicam
2013-06-30 10:22 . 2013-06-30 10:22 -------- d-----w- c:\program files (x86)\BandiMPEG1
2013-06-30 10:17 . 2013-06-30 10:17 -------- d-----w- c:\users\Kropovez\AppData\Local\ATI
2013-06-30 09:56 . 2013-06-30 09:56 -------- d-----w- c:\users\Kropovez\AppData\Roaming\Malwarebytes
2013-06-30 09:56 . 2013-06-30 09:56 -------- d-----w- c:\programdata\Malwarebytes
2013-06-30 09:56 . 2013-06-30 09:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-06-30 09:56 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-06-29 14:27 . 2013-06-29 14:27 -------- d-----w- c:\program files (x86)\SweetIM
2013-06-29 14:26 . 2013-06-30 10:35 -------- d-----w- c:\windows\SysWow64\WNLT
2013-06-29 14:26 . 2013-06-29 14:26 -------- d-----w- c:\program files (x86)\sweetpacks bundle uninstaller
2013-06-29 14:26 . 2013-06-30 09:38 -------- d-----w- c:\program files (x86)\TornTV.com
2013-06-28 09:37 . 2013-06-28 09:37 -------- d-----w- c:\programdata\Blizzard Entertainment
2013-06-20 13:23 . 2013-06-20 13:23 -------- d-----w- c:\programdata\Uniblue
2013-06-20 13:18 . 2013-06-20 13:24 -------- d-----w- c:\program files\Core Temp
2013-06-20 13:17 . 2013-06-20 13:17 -------- d-----w- c:\programdata\APN
2013-06-17 16:46 . 2013-06-17 16:46 -------- d-----w- c:\users\Kropovez\AppData\Local\FLT
2013-06-17 13:27 . 2013-06-17 13:27 -------- d-----w- c:\users\Kropovez\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2013-06-17 13:26 . 2013-06-17 13:26 -------- d-----w- c:\program files (x86)\OCCTPT
2013-06-07 21:48 . 2013-06-07 21:48 -------- d-----w- c:\program files (x86)\w
2013-06-07 21:16 . 2013-06-07 21:16 -------- d-----w- c:\program files\CPUID
2013-06-02 12:18 . 2013-06-02 12:18 -------- d-----w- c:\programdata\RELOADED
2013-06-02 09:26 . 2013-06-02 09:26 -------- d-----w- c:\users\Kropovez\AppData\Roaming\Leadertech
2013-06-02 09:19 . 2013-06-02 09:19 -------- d-----w- c:\program files (x86)\EA Sports
2013-06-01 16:48 . 2013-06-01 16:48 -------- d-----w- c:\program files (x86)\Codemasters
2013-06-01 16:48 . 2002-12-05 12:12 692224 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2013-06-01 16:48 . 2002-12-05 12:10 155648 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2013-06-01 16:48 . 2002-12-02 13:22 5632 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2013-06-01 16:48 . 2002-12-02 11:33 57344 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2013-06-01 16:48 . 2002-12-02 11:33 32768 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-06-01 16:48 . 2002-12-02 11:33 237568 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2013-06-01 16:48 . 2013-06-01 16:48 282756 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2013-06-01 16:48 . 2013-06-01 16:48 163972 ----a-w- c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2013-06-01 10:29 . 2009-04-16 12:08 248320 ----a-w- c:\windows\system32\Spool\prtprocs\x64\hpfpp70v.dll
2013-06-01 10:27 . 2013-06-01 10:27 -------- d-----w- c:\program files (x86)\WinHTTrack
2013-06-01 10:22 . 2013-06-01 10:22 -------- d-----w- c:\program files (x86)\Common Files\HP
2013-06-01 10:22 . 2013-06-01 10:22 -------- d-----w- c:\program files (x86)\Common Files\Hewlett-Packard
2013-06-01 10:22 . 2009-04-16 12:08 136704 ----a-w- c:\windows\system32\hpf3l70v.dll
2013-06-01 10:22 . 2013-06-01 10:22 -------- d-----w- c:\program files (x86)\HP
2013-06-01 10:21 . 2013-06-01 10:21 -------- d-----w- c:\program files\HP
2013-06-01 10:21 . 2013-06-01 10:21 -------- d-----w- c:\programdata\HP
2013-06-01 10:21 . 2009-04-16 11:53 642360 ----a-w- c:\windows\system32\hpzids40.dll
2013-06-01 10:21 . 2009-02-11 11:03 880640 ----a-w- c:\windows\system32\hposwia_p02d.dll
2013-06-01 10:21 . 2009-02-11 11:03 515072 ----a-w- c:\windows\system32\hposc_p02a.dll
2013-06-01 10:21 . 2009-02-11 11:03 1403904 ----a-w- c:\windows\system32\hpost_p02d.dll
2013-06-01 10:21 . 2008-10-29 00:27 551424 ----a-w- c:\windows\system32\hppldcoi.dll
2013-05-31 18:03 . 2013-05-31 18:03 -------- d-----w- c:\programdata\ATI
2013-05-31 18:01 . 2013-05-31 18:01 -------- d-----w- c:\program files (x86)\AMD AVT
2013-05-31 18:01 . 2013-05-31 18:01 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-05-31 18:01 . 2013-05-31 18:01 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-05-31 17:59 . 2013-05-31 17:59 -------- d-----w- c:\program files (x86)\ATI Technologies
2013-05-31 17:59 . 2013-05-31 18:01 -------- d-----w- c:\program files\ATI Technologies
2013-05-31 17:59 . 2013-05-31 17:59 -------- d-----w- c:\program files\ATI
2013-05-31 17:29 . 2013-05-31 17:29 -------- d-----w- c:\program files (x86)\FinalWire
2013-05-31 17:26 . 2013-05-31 17:26 -------- d-----w- c:\program files (x86)\Lavalys
2013-05-31 17:26 . 2013-05-31 17:26 -------- d-----w- c:\program files (x86)\Geeks3D
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-26 14:12 . 2013-03-16 11:40 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-06-12 18:04 . 2013-03-16 13:30 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 18:04 . 2013-03-16 13:30 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-07 11:45 . 2013-06-30 10:22 84992 --s-a-w- c:\windows\inf\mssjjpa\zlib1.dll
2013-06-07 11:45 . 2013-06-30 10:22 612352 --s-a-w- c:\windows\inf\mssjjpa\libcurl.dll
2013-06-07 11:45 . 2013-06-30 10:22 364544 --s-a-w- c:\windows\inf\mssjjpa\ssleay32.dll
2013-06-07 11:45 . 2013-06-30 10:22 279955 --s-a-w- c:\windows\inf\mssjjpa\libidn-11.dll
2013-06-07 11:45 . 2013-06-30 10:22 183382 --s-a-w- c:\windows\inf\mssjjpa\librtmp.dll
2013-06-07 11:45 . 2013-06-30 10:22 171008 --s-a-w- c:\windows\inf\mssjjpa\libssh2.dll
2013-06-07 11:45 . 2013-06-30 10:22 1704448 --s-a-w- c:\windows\inf\mssjjpa\libeay32.dll
2013-06-07 11:45 . 2013-06-30 10:22 110094 --s-a-w- c:\windows\inf\mssjjpa\libusb-1.0.dll
2013-05-05 09:24 . 2013-05-05 09:23 15823872 ----a-w- c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Templates\Office 2010 Toolkit.exe
2013-05-05 09:24 . 2013-05-05 09:23 786492 ----a-w- c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Templates\cryptedcybertoirrent.exe
2013-05-05 09:24 . 2013-05-05 09:23 107008 ----a-w- c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Templates\Torrant.exe
2013-04-28 08:54 . 2013-04-28 08:54 925184 ----a-w- c:\windows\expstart.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2013-03-14 . BFE76294E2F5500FB3850CFA91F71C1B . 2868224 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[-] 2013-03-14 . BFE76294E2F5500FB3850CFA91F71C1B . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2013-06-06 9842992]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-08-09 5263504]
"AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-04-28 4408368]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-06-26 2236080]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-02-13 310128]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-03-28 642656]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"NtVdmSrv"="c:\windows\inf\ntvdm.vbe" [2013-06-20 1219]
.
c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hemxccape.exe [2009-6-10 55632]
jafpdndnn.exe [2009-6-10 55632]
wtnwkloct.exe [2009-6-10 55632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 vToolbarUpdater15.3.0;vToolbarUpdater15.3.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-16 18:04]
.
2013-06-30 c:\windows\Tasks\schedule!3036567561.job
- c:\programdata\BetterSoft\OptimizerPro\OptimizerPro.exe [2013-05-04 19:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CmPCIaudio"="c:\windows\Syswow64\CMICNFG3.dll" [2009-10-30 8151040]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://websearch.youwillfind.info/?pid= ... g=EN&cc=CZ
mLocal Page = c:\windows\SysWOW64\blank.htm
mStart Page = hxxp://websearch.youwillfind.info/?pid= ... g=EN&cc=CZ
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.3.0\ViProtocol.dll
FF - ProfilePath - c:\users\Kropovez\AppData\Roaming\Mozilla\Firefox\Profiles\[ofr2][opt]rs0,[slws][slns]\
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
BHO-{0F7B7218-53EA-205C-D344-7E43188E5E9E} - (no file)
BHO-{3A041D7E-6008-DCA7-41A9-079CB373C79E} - (no file)
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
AddRemove-{C1C6816E-CBB3-A748-85F9-A8B47B68985B} - c:\programdata\continnuetosavve\uninstall.exe
AddRemove-{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} - c:\programdata\BeraoywsE2save\uninstall.exe
AddRemove-{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} - c:\programdata\SearchNewTab\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-3446160199-3253471612-3850437206-1000_Classes\CLSID\{F8FF7BDD-BF62-B840-9E84-654C907F8425}]
@Denied: (A 4) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-06-30 13:17:04
ComboFix-quarantined-files.txt 2013-06-30 11:17
.
Před spuštěním: Volných bajtů: 26 398 560 256
Po spuštění: Volných bajtů: 28 585 828 352
.
- - End Of File - - 353209219B7FE38AB995861657A2003A
A36C5E4F47E84449FF07ED3517B43A31
Já jsem já a ty jseš ty.
"Milan Hvězda"

Uživatelský avatar
memphisto
Guru Level 13
Guru Level 13
Příspěvky: 21113
Registrován: září 06
Bydliště: Zlín - České Budějovice
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod memphisto » 30 čer 2013 15:39

Používáš Garenu?

Tohle znáš?
c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
hemxccape.exe [2009-6-10 55632]
jafpdndnn.exe [2009-6-10 55632]
wtnwkloct.exe [2009-6-10 55632]
PRAVIDLA PC-HELP.CZ, PRAVIDLA sekce HijackThis, HijackThis návod, Memtest, CCleaner
Logy z programu HijackThis neposílejte prosím přes SZ, ale vkládejte je do patřičné sekce. Děkuji

Uživatelský avatar
kropovez
Level 4.5
Level 4.5
Příspěvky: 1540
Registrován: prosinec 10
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod kropovez » 30 čer 2013 17:35

Ano, garenu používám. Tamto neznám.
Já jsem já a ty jseš ty.
"Milan Hvězda"

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Kontrola PC

Příspěvekod jaro3 » 30 čer 2013 23:13

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::

KillAll::
Restore::
c:\windows\explorer.exe


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

V možnostech složky si povol zobrazování skrytých souborů a složek+ odškrtni zatržítko skrýt chráněné soubory operačního systému

Toto otestuj na Virustotal
c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hemxccape.exe

c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jafpdndnn.exe

c:\users\Kropovez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wtnwkloct.exe

Klikni vpravo od okénka na Vybrat a v Exploreru najdi požadovaný soubor v Tvém PC. Označ ho myší a klikni na Otevřít , poté klikni na Send File. Pokud už byl soubor testován , objeví se okno ve kterém klikni na Reanalyze. Soubor se začne postupně testovat více antivirovými programy. Až skončí test posledního antiviru , objeví se nahoře result a červeně počet nákaz , např. 0/43 , nebo 1/43. Pak zkopíruj myší odkaz na tuto stránku a vlož ji do svého příspěvku.

Nebo na:
http://www.virscan.org/

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 12 hostů