Logfile of random's system information tool 1.09 (written by random/random)
Run by Kvasna at 2012-04-22 23:53:38
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 13 GB (17%) free of 74 GB
Total RAM: 6069 MB (71% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:53:46, on 22.4.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Users\Kvasna\AppData\Local\Temp\svchost.exe
C:\Program Files (x86)\AVG\AVG2012\avgui.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Kvasna.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: uTorrentControl2 - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: uTorrentControl2 Toolbar - {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [ATKOSD2] "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
O4 - HKLM\..\Run: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
O4 - HKLM\..\Run: [HControlUser] "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
O4 - HKLM\..\Run: [ADSMTray] "C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] "Cmd.exe" /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Windows Defender] "C:\Users\Kvasna\AppData\Roaming\WinDefender\windefender.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12599 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=dea0f30b-704e-445e-8f1f-ca3b927a374c /coreSdkOptions=286 /logConfFile="C:\ProgramData\AVG2012\temp\0d7fda00-f9bc-4f1d-b68d-5c3aabbaac23-1a4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=429db830-4083-4739-9527-5442bddf376d /coreSdkOptions=18 /logConfFile="C:\ProgramData\AVG2012\temp\3e97951f-33a8-4a6c-a761-4a0d65f28831-aa4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /tempPath="C:\ProgramData\AVG2012\temp\"
"C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2988
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c4b9c76a-f8ac-464e-8a1b-cf0d78c61058 -SystemEventPortName:HostProcess-613210ed-532b-494b-906b-f294e732cc29 -IoCancelEventPortName:HostProcess-07bce8d5-ffc8-4fe5-a729-222c8e595a75 -NonStateChangingEventPortName:HostProcess-15c6baa3-c27a-4ac8-be7e-cc1c8ab9109e -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:29d4f4e2-5512-4ea9-8df8-19cb7601eb9d
C:\Windows\system32\wbem\wmiprvse.exe
taskeng.exe {139A66EE-D4DB-4E39-8CD1-B3D4C1457835}
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
ATKOSD.exe
WDC.exe
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"C:\Program Files (x86)\AVG Secure Search\vprot.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Users\Kvasna\AppData\Local\Temp\svchost.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\AVG\AVG2012\avgui.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe"
/SCANCFG:1 /SCANTYPE:2
\??\C:\Windows\system32\conhost.exe "-1396458598-1137278269-22780513-902338212-1542435835-814807001118779654-346611108
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe /pipeName=eb9d3674-1f1b-4255-a111-21070e101f70 /coreSdkOptions=0 /binaryPath="C:\Program Files (x86)\AVG\AVG2012\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2012" /dataPath="C:\ProgramData\AVG2012\"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6104.b307a0.1071930730 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 6104 "\\.\pipe\gecko-crash-server-pipe.6104" plugin
"E:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\SidebarExecute.job
=========Mozilla firefox=========
ProfilePath - C:\Users\Kvasna\AppData\Roaming\Mozilla\Firefox\Profiles\9y1p93c3.default
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... ource=2&q="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.110.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.118.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.233 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt
C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
C:\Users\Kvasna\AppData\Roaming\Mozilla\Firefox\Profiles\9y1p93c3.default\extensions\
avg@toolbar
{687578b9-7132-4a7a-80e4-30ee31099e03}
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll [2011-11-11 1942368]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-25 347424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-25 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll [2011-11-11 1378144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-02-23 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll [2012-04-22 1451336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-02-23 42272]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{687578b9-7132-4a7a-80e4-30ee31099e03} - uTorrentControl2 Toolbar - C:\Program Files (x86)\uTorrentControl2\prxtbuTor.dll [2011-05-09 176936]
{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll [2012-04-22 1451336]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-01 323584]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-05 2085160]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-02-22 500208]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-25 10816544]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-02-29 17148552]
"Windows Defender"=C:\Users\Kvasna\AppData\Roaming\WinDefender\windefender.exe [2012-04-22 2284544]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2009-10-26 6998656]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2009-08-19 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ADSMTray"=C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [2009-06-24 272952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-09 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"AVG_TRAY"=C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2012-01-24 2416480]
"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2012-04-22 218440]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
SRS Premium Sound.lnk - C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
C:\Users\Kvasna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MSIServer]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-04-22 23:53:39 ----D---- C:\Program Files\trend micro
2012-04-22 23:53:38 ----D---- C:\rsit
2012-04-22 23:24:39 ----HD---- C:\$AVG
2012-04-22 22:24:42 ----AD---- C:\Kaspersky Rescue Disk 10.0
2012-04-22 20:18:17 ----D---- C:\Users\Kvasna\AppData\Roaming\AVG2012
2012-04-22 20:17:23 ----D---- C:\Program Files (x86)\AVG Secure Search
2012-04-22 20:17:13 ----HD---- C:\ProgramData\Common Files
2012-04-22 20:17:05 ----D---- C:\Windows\SYSWOW64\drivers\AVG
2012-04-22 20:16:39 ----D---- C:\Windows\system32\drivers\AVG
2012-04-22 20:16:39 ----D---- C:\ProgramData\AVG2012
2012-04-22 20:16:30 ----D---- C:\Program Files (x86)\AVG
2012-04-22 20:15:01 ----D---- C:\ProgramData\MFAData
2012-04-22 20:11:22 ----D---- C:\Program Files (x86)\CodeStuff
2012-04-22 19:19:09 ----D---- C:\Users\Kvasna\AppData\Roaming\IObit
2012-04-22 19:19:06 ----D---- C:\Program Files (x86)\IObit
2012-04-22 18:08:00 ----A---- C:\Windows\ntbtlog.txt
2012-04-22 17:00:46 ----D---- C:\Program Files (x86)\MSSOAP
2012-04-22 17:00:25 ----D---- C:\Program Files (x86)\Webroot
2012-04-22 16:59:49 ----A---- C:\Windows\install.dat
2012-04-22 16:38:40 ----A---- C:\Users\Kvasna\AppData\Roaming\script.bat
2012-04-22 16:35:58 ----D---- C:\Program Files (x86)\Trend Micro
2012-04-22 15:30:59 ----D---- C:\Users\Kvasna\AppData\Roaming\dclogs
2012-04-22 15:30:58 ----D---- C:\Users\Kvasna\AppData\Roaming\WinDefender
2012-04-22 14:11:01 ----A---- C:\Users\Kvasna\AppData\Roaming\RSBot.db
2012-04-21 16:09:09 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-04-21 14:56:23 ----D---- C:\ProgramData\ATI
2012-04-21 14:56:19 ----D---- C:\ProgramData\AMD
2012-04-21 14:56:18 ----D---- C:\Program Files (x86)\AMD AVT
2012-04-21 14:56:14 ----D---- C:\Program Files (x86)\AMD APP
2012-04-21 09:56:00 ----D---- C:\.jagex_cache_32
2012-04-14 18:37:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2012-04-11 16:53:09 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-04-11 16:53:09 ----A---- C:\Windows\system32\mshtmled.dll
2012-04-11 16:53:09 ----A---- C:\Windows\system32\iertutil.dll
2012-04-11 16:53:08 ----A---- C:\Windows\SYSWOW64\url.dll
2012-04-11 16:53:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-04-11 16:53:08 ----A---- C:\Windows\system32\jscript9.dll
2012-04-11 16:53:07 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-04-11 16:53:07 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-04-11 16:53:07 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-04-11 16:53:07 ----A---- C:\Windows\system32\url.dll
2012-04-11 16:53:07 ----A---- C:\Windows\system32\ieui.dll
2012-04-11 16:53:06 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-04-11 16:53:06 ----A---- C:\Windows\system32\urlmon.dll
2012-04-11 16:53:06 ----A---- C:\Windows\system32\jsproxy.dll
2012-04-11 16:53:06 ----A---- C:\Windows\system32\jscript.dll
2012-04-11 16:53:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-04-11 16:53:05 ----A---- C:\Windows\system32\wininet.dll
2012-04-11 16:53:04 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-04-11 16:53:03 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-04-11 16:53:02 ----A---- C:\Windows\system32\mshtml.dll
2012-04-11 16:53:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-04-11 16:53:00 ----A---- C:\Windows\system32\ieframe.dll
2012-04-11 16:52:12 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-04-11 16:52:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-04-11 16:52:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-04-11 16:49:59 ----A---- C:\Windows\system32\drivers\fs_rec.sys
2012-04-11 16:49:58 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2012-04-11 16:49:58 ----A---- C:\Windows\system32\imagehlp.dll
2012-04-11 16:49:57 ----A---- C:\Windows\SYSWOW64\wmi.dll
2012-04-11 16:49:57 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2012-04-11 16:49:57 ----A---- C:\Windows\system32\wmi.dll
2012-04-11 16:49:57 ----A---- C:\Windows\system32\wintrust.dll
2012-04-10 10:32:30 ----D---- C:\Program Files (x86)\Fifa Master
2012-04-05 17:18:37 ----D---- C:\Users\Kvasna\AppData\Roaming\Ulozto File Manager
2012-04-05 17:18:35 ----D---- C:\Program Files (x86)\Uložto File Manager
2012-04-01 22:35:11 ----A---- C:\Windows\AutoKMS.ini
2012-04-01 22:30:35 ----D---- C:\Program Files\Common Files\DESIGNER
2012-04-01 22:29:55 ----D---- C:\Program Files\Microsoft Synchronization Services
2012-04-01 22:29:28 ----D---- C:\Windows\PCHEALTH
2012-04-01 22:29:28 ----D---- C:\Program Files\Microsoft Sync Framework
2012-04-01 22:29:28 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2012-04-01 22:28:07 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2012-04-01 22:27:30 ----D---- C:\Program Files\Microsoft Analysis Services
2012-04-01 22:27:30 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2012-04-01 22:27:08 ----D---- C:\Program Files (x86)\Microsoft Office
2012-04-01 22:26:55 ----D---- C:\Program Files\Microsoft Office
2012-04-01 22:26:54 ----D---- C:\ProgramData\Microsoft Help
2012-04-01 22:26:37 ----RHD---- C:\MSOCache
2012-04-01 20:06:02 ----A---- C:\Users\Kvasna\AppData\Roaming\room_v3.dat
2012-04-01 19:07:02 ----A---- C:\Windows\Eurobattle.net Setup Log.txt
2012-04-01 16:49:58 ----D---- C:\Users\Kvasna\AppData\Roaming\GarenaPlus
2012-04-01 16:49:31 ----D---- C:\Program Files (x86)\Garena Plus
2012-04-01 16:49:27 ----D---- C:\ProgramData\GarenaMessenger
2012-04-01 12:33:24 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-04-01 12:33:19 ----D---- C:\Windows\system32\Macromed
2012-03-31 22:29:54 ----D---- C:\Users\Kvasna\AppData\Roaming\BSplayer Pro
2012-03-31 22:29:54 ----D---- C:\Users\Kvasna\AppData\Roaming\BSplayer
2012-03-31 22:29:54 ----D---- C:\Program Files (x86)\Webteh
2012-03-30 14:25:13 ----D---- C:\Program Files\Paint.NET
======List of files/folders modified in the last 1 month======
2012-04-22 23:53:46 ----D---- C:\Windows\Temp
2012-04-22 23:53:39 ----RD---- C:\Program Files
2012-04-22 23:52:46 ----D---- C:\Windows\system32\config
2012-04-22 23:45:24 ----D---- C:\Windows\System32
2012-04-22 23:45:24 ----D---- C:\Windows\inf
2012-04-22 23:45:24 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-04-22 23:40:30 ----D---- C:\Users\Kvasna\AppData\Roaming\Skype
2012-04-22 23:38:33 ----A---- C:\Windows\SYSWOW64\log.txt
2012-04-22 23:38:14 ----SHD---- C:\Config.Msi
2012-04-22 23:38:14 ----D---- C:\Windows
2012-04-22 23:37:05 ----SHD---- C:\Windows\Installer
2012-04-22 23:36:01 ----D---- C:\Windows\system32\drivers
2012-04-22 23:34:00 ----HD---- C:\ProgramData
2012-04-22 23:34:00 ----D---- C:\Windows\SysWOW64
2012-04-22 23:33:57 ----RD---- C:\Users
2012-04-22 23:33:57 ----D---- C:\Windows\Tasks
2012-04-22 23:33:57 ----D---- C:\Windows\system32\Tasks
2012-04-22 23:24:52 ----D---- C:\Windows\system32\drivers\etc
2012-04-22 23:18:21 ----D---- C:\ProgramData\AVAST Software
2012-04-22 23:18:21 ----D---- C:\Program Files\AVAST Software
2012-04-22 20:17:24 ----D---- C:\Program Files (x86)\Common Files
2012-04-22 20:17:23 ----RD---- C:\Program Files (x86)
2012-04-22 20:17:05 ----D---- C:\Windows\SYSWOW64\drivers
2012-04-22 19:38:59 ----SD---- C:\Users\Kvasna\AppData\Roaming\Microsoft
2012-04-22 17:49:43 ----D---- C:\Windows\Microsoft.NET
2012-04-22 17:06:08 ----D---- C:\Users\Kvasna\AppData\Roaming\uTorrent
2012-04-22 17:01:25 ----A---- C:\Windows\win.ini
2012-04-22 17:00:57 ----D---- C:\Windows\winsxs
2012-04-22 16:35:37 ----SHD---- C:\System Volume Information
2012-04-22 16:19:20 ----D---- C:\Windows\Prefetch
2012-04-22 16:13:01 ----D---- C:\Windows\system32\catroot
2012-04-22 16:10:12 ----RSD---- C:\Windows\assembly
2012-04-21 16:23:57 ----D---- C:\Windows\SYSWOW64\en-US
2012-04-21 16:23:57 ----D---- C:\Windows\system32\en-US
2012-04-21 16:20:41 ----D---- C:\Windows\system32\catroot2
2012-04-21 16:07:42 ----D---- C:\Windows\SoftwareDistribution
2012-04-21 14:55:44 ----D---- C:\Program Files\ATI Technologies
2012-04-21 14:54:01 ----D---- C:\Windows\system32\DriverStore
2012-04-21 14:51:28 ----D---- C:\AMD
2012-04-21 14:21:15 ----D---- C:\ProgramData\Blizzard Entertainment
2012-04-21 14:20:12 ----D---- C:\ProgramData\PMB Files
2012-04-21 00:30:33 ----D---- C:\Users\Kvasna\AppData\Roaming\vlc
2012-04-20 17:49:06 ----D---- C:\Users\Kvasna\AppData\Roaming\Tropico 4
2012-04-19 14:41:29 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2012-04-11 21:16:04 ----D---- C:\Windows\SYSWOW64\migration
2012-04-11 21:16:04 ----D---- C:\Windows\system32\migration
2012-04-11 21:16:04 ----D---- C:\Program Files\Internet Explorer
2012-04-11 21:16:04 ----D---- C:\Program Files (x86)\Internet Explorer
2012-04-11 16:50:19 ----A---- C:\Windows\system32\MRT.exe
2012-04-11 11:57:24 ----D---- C:\Windows\system32\NDF
2012-04-11 11:56:52 ----D---- C:\ProgramData\ASUS
2012-04-03 07:38:49 ----D---- C:\Program Files\Common Files\System
2012-04-01 22:30:46 ----RSD---- C:\Windows\Fonts
2012-04-01 22:30:36 ----D---- C:\Windows\ShellNew
2012-04-01 22:30:35 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-04-01 22:30:35 ----D---- C:\Program Files\Common Files
2012-04-01 22:29:43 ----D---- C:\Program Files (x86)\MSBuild
2012-04-01 22:29:28 ----SD---- C:\ProgramData\Microsoft
2012-04-01 22:29:28 ----D---- C:\Program Files (x86)\Microsoft.NET
2012-04-01 11:01:46 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSEH;AVGIDSEH; C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [2011-07-11 26704]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2011-09-13 37456]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2011-10-07 283728]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2011-08-08 46672]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2011-07-11 375376]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-24 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 ghaio;ghaio; \??\C:\Program Files (x86)\ASUS\NB Probe\SPM\ghaio.sys [2007-08-03 17464]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-09 10857984]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-09 328704]
R3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-08-21 44032]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-02 1594368]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]
R3 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [2011-07-11 120400]
R3 AVGIDSFilter;AVGIDSFilter; C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [2011-07-11 29776]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-05-25 2374560]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-05 316464]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 ipswuio;ipswuio; C:\Windows\System32\DRIVERS\ipswuio.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168]
S3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\Windows\system32\DRIVERS\xusb21.sys [2009-04-08 68992]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
R2 ADSMService;ADSM Service; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2008-03-31 225280]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-09 235520]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-11-09 96896]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-09-30 262144]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-02-25 76888]
R2 spmgr;spmgr; C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe [2007-08-03 125496]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
R2 vToolbarUpdater;vToolbarUpdater; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2012-04-22 246600]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-03-24 489256]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-23 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------

PC virus removal, computer speed-up, remote help via the neslape.cz service
Today I got my computer infected with a virus and it started with this ˇˇ
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved. The same goes for those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote help service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Today I got my computer infected with a virus and it started with this ˇˇ
As I already indicated in the topic title. I can't type ˇˇd or ˇˇt, so I immediately started searching Google about it. Well, I found a few topics on http://pc.poradna.net and found out that my PC is infected; then I also found out that I probably have a keylogger on the PC, since I found a cookie from atdmt.com. And I started to get really desperate... Then my Start bar suddenly disappeared and Firefox started closing on me. On Skype it started sending messages to my contacts that I am HOMO (not to everyone, just a few people). Then cmd opened and it started chatting with me. It asked me whether I have a PayPal account; I wrote back asking what business it was of his. (Everything was in English.) Then he wrote that if I kept provoking him like this he would totally destroy my PC, so I wrote to him to leave me alone and it replied: never. It closed the cmd by itself and kept making a mess, so I disconnected the PC from the internet. I don't know what to do. Here is my topic on poradna - http://pc.poradna.net/q/view/808253-kli ... 85#r808485. So I ran it through the Kaspersky recovery CD, nothing was found by 2 antiviruses, and now I'm running AVG over it. So far it has found: Trojans in svchost.exe - Trojan horse BackDoor.Generic15.AFAE, and here is my log. You probably won't enjoy reading it... There really is a lot of it.
- Danstahr
- Forum friend
- Posts: 1069
- Registered: 28 Oct 2006 20:23
- Location: London
Re: Today I got my computer infected with a virus and it started with this ˇˇ
Good evening,
please also run a scan with TDSSKiller: (template © Vyosek)
Download TDSSKiller: http://support.kaspersky.com/downloads/ ... killer.exe

- Click the Change parameters option
- In both panes (Objects to scan and Additional Option) tick all the options - every checkbox must have a check mark
- Click OK
- Tell the utility to scan - click Start Scan
- When the scan finishes, a window will appear; check that the Skip option is selected everywhere
- If Skip is not selected by default, switch it to Skip
- If you have Skip everywhere, click Continue
- On the disk where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.some digits _log.txt - paste its contents here
I'll buy a little time; I respect the price.
- Danstahr
- Forum friend
- Posts: 1069
- Registered: 28 Oct 2006 20:23
- Location: London
Re: Today I got my computer infected with a virus and it started with this ˇˇ
I would also ask you to stick to the procedures we will be carrying out here together, and not to apply alternative medicine during the treatment.

I'll buy a little time; I respect the price.
Re: Today I got my computer infected with a virus and it started with this ˇˇ
- 00:57:06.0385 6544 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
00:57:06.0920 6544 ============================================================
00:57:06.0920 6544 Current date / time: 2012/04/23 00:57:06.0920
00:57:06.0920 6544 SystemInfo:
00:57:06.0920 6544
00:57:06.0920 6544 OS Version: 6.1.7601 ServicePack: 1.0
00:57:06.0920 6544 Product type: Workstation
00:57:06.0920 6544 ComputerName: RAMBO-PC
00:57:06.0920 6544 UserName: Kvasna
00:57:06.0920 6544 Windows directory: C:\Windows
00:57:06.0920 6544 System windows directory: C:\Windows
00:57:06.0921 6544 Running under WOW64
00:57:06.0921 6544 Processor architecture: Intel x64
00:57:06.0921 6544 Number of processors: 8
00:57:06.0921 6544 Page size: 0x1000
00:57:06.0921 6544 Boot type: Normal boot
00:57:06.0921 6544 ============================================================
00:57:08.0196 6544 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:57:08.0418 6544 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:57:08.0497 6544 Drive \Device\Harddisk3\DR3 - Size: 0x1D11B0000 (7.27 Gb), SectorSize: 0x200, Cylinders: 0x3B4, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:57:08.0501 6544 \Device\Harddisk0\DR0:
00:57:08.0502 6544 MBR partitions:
00:57:08.0502 6544 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:57:08.0502 6544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x9150000
00:57:08.0502 6544 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9182800, BlocksNum 0xC350000
00:57:08.0502 6544 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x154D2800, BlocksNum 0xFF5B800
00:57:08.0502 6544 \Device\Harddisk1\DR1:
00:57:08.0509 6544 MBR partitions:
00:57:08.0509 6544 \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
00:57:08.0509 6544 \Device\Harddisk3\DR3:
00:57:08.0510 6544 MBR partitions:
00:57:08.0510 6544 \Device\Harddisk3\DR3\Partition0: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xE86E00
00:57:08.0540 6544 C: <-> \Device\Harddisk0\DR0\Partition1
00:57:08.0585 6544 D: <-> \Device\Harddisk1\DR1\Partition0
00:57:08.0614 6544 E: <-> \Device\Harddisk0\DR0\Partition2
00:57:08.0710 6544 F: <-> \Device\Harddisk0\DR0\Partition3
00:57:08.0710 6544 Initialize success
00:57:08.0710 6544 ============================================================
00:57:35.0757 1304 ============================================================
00:57:35.0757 1304 Scan started
00:57:35.0757 1304 Mode: Manual; SigCheck; TDLFS;
00:57:35.0757 1304 ============================================================
00:57:36.0805 1304 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
00:57:36.0894 1304 1394ohci - ok
00:57:36.0964 1304 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
00:57:36.0982 1304 ACPI - ok
00:57:37.0001 1304 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
00:57:37.0086 1304 AcpiPmi - ok
00:57:37.0185 1304 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:57:37.0197 1304 AdobeARMservice - ok
00:57:37.0305 1304 AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:57:37.0319 1304 AdobeFlashPlayerUpdateSvc - ok
00:57:37.0390 1304 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
00:57:37.0437 1304 adp94xx - ok
00:57:37.0643 1304 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
00:57:37.0661 1304 adpahci - ok
00:57:37.0690 1304 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
00:57:37.0719 1304 adpu320 - ok
00:57:37.0795 1304 ADSMService (c0bf554d2277f7a4c735d475ade2e3b2) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
00:57:37.0821 1304 ADSMService ( UnsignedFile.Multi.Generic ) - warning
00:57:37.0822 1304 ADSMService - detected UnsignedFile.Multi.Generic (1)
00:57:37.0863 1304 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
00:57:37.0988 1304 AeLookupSvc - ok
00:57:38.0055 1304 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
00:57:38.0090 1304 AFD - ok
00:57:38.0149 1304 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
00:57:38.0162 1304 agp440 - ok
00:57:38.0203 1304 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
00:57:38.0239 1304 ALG - ok
00:57:38.0253 1304 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
00:57:38.0277 1304 aliide - ok
00:57:38.0318 1304 AMD External Events Utility (2aed9a422ea1574c7d7ef9359a417718) C:\Windows\system32\atiesrxx.exe
00:57:38.0423 1304 AMD External Events Utility - ok
00:57:38.0471 1304 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
00:57:38.0485 1304 amdide - ok
00:57:38.0516 1304 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
00:57:38.0550 1304 AmdK8 - ok
00:57:38.0737 1304 amdkmdag (bfa5e854959d5546d8834ca61f4ad075) C:\Windows\system32\DRIVERS\atikmdag.sys
00:57:39.0055 1304 amdkmdag - ok
00:57:39.0085 1304 amdkmdap (92d664fffcd9e742fb25254f7f458d88) C:\Windows\system32\DRIVERS\atikmpag.sys
00:57:39.0149 1304 amdkmdap - ok
00:57:39.0184 1304 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
00:57:39.0221 1304 AmdPPM - ok
00:57:39.0273 1304 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
00:57:39.0292 1304 amdsata - ok
00:57:39.0312 1304 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
00:57:39.0342 1304 amdsbs - ok
00:57:39.0380 1304 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
00:57:39.0394 1304 amdxata - ok
00:57:39.0448 1304 AmUStor (9c7f164b49cadc658d1b3c575782f346) C:\Windows\system32\drivers\AmUStor.SYS
00:57:39.0496 1304 AmUStor - ok
00:57:39.0573 1304 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
00:57:39.0732 1304 AppID - ok
00:57:39.0759 1304 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
00:57:39.0803 1304 AppIDSvc - ok
00:57:39.0850 1304 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
00:57:39.0896 1304 Appinfo - ok
00:57:39.0940 1304 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
00:57:39.0972 1304 AppMgmt - ok
00:57:40.0021 1304 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
00:57:40.0035 1304 arc - ok
00:57:40.0062 1304 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
00:57:40.0075 1304 arcsas - ok
00:57:40.0150 1304 ASLDRService (18e5c2f937f9deb8c282df66a3761925) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
00:57:40.0171 1304 ASLDRService - ok
00:57:40.0209 1304 ASMMAP64 (4c016fd76ed5c05e84ca8cab77993961) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
00:57:40.0219 1304 ASMMAP64 - ok
00:57:40.0301 1304 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:57:40.0313 1304 aspnet_state - ok
00:57:40.0358 1304 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
00:57:40.0403 1304 AsyncMac - ok
00:57:40.0449 1304 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
00:57:40.0460 1304 atapi - ok
00:57:40.0515 1304 athr (f8633cdd09647a64ee8db550630427ff) C:\Windows\system32\DRIVERS\athrx.sys
00:57:40.0618 1304 athr - ok
00:57:40.0670 1304 AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
00:57:40.0682 1304 AtiHDAudioService - ok
00:57:40.0753 1304 ATKGFNEXSrv (63f1212ffe13e62ca1e8d8ee19abd9a7) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
00:57:40.0765 1304 ATKGFNEXSrv - ok
00:57:40.0811 1304 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:57:40.0871 1304 AudioEndpointBuilder - ok
00:57:40.0881 1304 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
00:57:40.0915 1304 AudioSrv - ok
00:57:41.0184 1304 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
00:57:41.0239 1304 AVGIDSAgent - ok
00:57:41.0348 1304 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
00:57:41.0360 1304 AVGIDSDriver - ok
00:57:41.0416 1304 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
00:57:41.0427 1304 AVGIDSEH - ok
00:57:41.0455 1304 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
00:57:41.0465 1304 AVGIDSFilter - ok
00:57:41.0540 1304 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
00:57:41.0555 1304 Avgldx64 - ok
00:57:41.0638 1304 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
00:57:41.0649 1304 Avgmfx64 - ok
00:57:41.0706 1304 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
00:57:41.0718 1304 Avgrkx64 - ok
00:57:41.0771 1304 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
00:57:41.0787 1304 Avgtdia - ok
00:57:41.0971 1304 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
00:57:41.0984 1304 avgwd - ok
00:57:42.0092 1304 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
00:57:42.0170 1304 AxInstSV - ok
00:57:42.0245 1304 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
00:57:42.0291 1304 b06bdrv - ok
00:57:42.0345 1304 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
00:57:42.0372 1304 b57nd60a - ok
00:57:42.0429 1304 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
00:57:42.0464 1304 BDESVC - ok
00:57:42.0504 1304 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
00:57:42.0554 1304 Beep - ok
00:57:42.0648 1304 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
00:57:42.0710 1304 BFE - ok
00:57:42.0738 1304 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
00:57:42.0807 1304 BITS - ok
00:57:42.0856 1304 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
00:57:42.0878 1304 blbdrive - ok
00:57:42.0936 1304 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
00:57:42.0968 1304 bowser - ok
00:57:42.0990 1304 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
00:57:43.0043 1304 BrFiltLo - ok
00:57:43.0056 1304 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
00:57:43.0098 1304 BrFiltUp - ok
00:57:43.0139 1304 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
00:57:43.0180 1304 Browser - ok
00:57:43.0197 1304 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
00:57:43.0252 1304 Brserid - ok
00:57:43.0264 1304 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
00:57:43.0289 1304 BrSerWdm - ok
00:57:43.0301 1304 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
00:57:43.0346 1304 BrUsbMdm - ok
00:57:43.0357 1304 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
00:57:43.0385 1304 BrUsbSer - ok
00:57:43.0431 1304 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
00:57:43.0482 1304 BthEnum - ok
00:57:43.0500 1304 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
00:57:43.0530 1304 BTHMODEM - ok
00:57:43.0572 1304 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
00:57:43.0606 1304 BthPan - ok
00:57:43.0666 1304 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
00:57:43.0701 1304 BTHPORT - ok
00:57:43.0737 1304 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
00:57:43.0779 1304 bthserv - ok
00:57:43.0805 1304 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
00:57:43.0841 1304 BTHUSB - ok
00:57:43.0880 1304 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
00:57:43.0934 1304 cdfs - ok
00:57:43.0970 1304 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
00:57:44.0010 1304 cdrom - ok
00:57:44.0052 1304 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:57:44.0125 1304 CertPropSvc - ok
00:57:44.0164 1304 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
00:57:44.0196 1304 circlass - ok
00:57:44.0227 1304 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
00:57:44.0246 1304 CLFS - ok
00:57:44.0305 1304 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:57:44.0317 1304 clr_optimization_v2.0.50727_32 - ok
00:57:44.0356 1304 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:57:44.0368 1304 clr_optimization_v2.0.50727_64 - ok
00:57:44.0441 1304 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:57:44.0452 1304 clr_optimization_v4.0.30319_32 - ok
00:57:44.0481 1304 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:57:44.0494 1304 clr_optimization_v4.0.30319_64 - ok
00:57:44.0548 1304 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
00:57:44.0579 1304 CmBatt - ok
00:57:44.0624 1304 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
00:57:44.0650 1304 cmdide - ok
00:57:44.0723 1304 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
00:57:44.0758 1304 CNG - ok
00:57:44.0788 1304 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
00:57:44.0801 1304 Compbatt - ok
00:57:44.0843 1304 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
00:57:44.0860 1304 CompositeBus - ok
00:57:44.0869 1304 COMSysApp - ok
00:57:44.0889 1304 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
00:57:44.0912 1304 crcdisk - ok
00:57:44.0952 1304 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
00:57:45.0002 1304 CryptSvc - ok
00:57:45.0069 1304 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
00:57:45.0117 1304 CSC - ok
00:57:45.0156 1304 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
00:57:45.0200 1304 CscService - ok
00:57:45.0384 1304 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:57:45.0443 1304 DcomLaunch - ok
00:57:45.0484 1304 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
00:57:45.0519 1304 defragsvc - ok
00:57:45.0561 1304 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
00:57:45.0601 1304 DfsC - ok
00:57:45.0634 1304 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
00:57:45.0696 1304 Dhcp - ok
00:57:45.0732 1304 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
00:57:45.0780 1304 discache - ok
00:57:45.0815 1304 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
00:57:45.0829 1304 Disk - ok
00:57:45.0863 1304 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
00:57:45.0910 1304 Dnscache - ok
00:57:45.0948 1304 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
00:57:45.0988 1304 dot3svc - ok
00:57:46.0024 1304 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
00:57:46.0065 1304 DPS - ok
00:57:46.0087 1304 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
00:57:46.0110 1304 drmkaud - ok
00:57:46.0147 1304 dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
00:57:46.0162 1304 dtsoftbus01 - ok
00:57:46.0213 1304 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
00:57:46.0255 1304 DXGKrnl - ok
00:57:46.0294 1304 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
00:57:46.0333 1304 EapHost - ok
00:57:46.0409 1304 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
00:57:46.0509 1304 ebdrv - ok
00:57:46.0544 1304 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
00:57:46.0577 1304 EFS - ok
00:57:46.0638 1304 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
00:57:46.0694 1304 ehRecvr - ok
00:57:46.0721 1304 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
00:57:46.0775 1304 ehSched - ok
00:57:46.0835 1304 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
00:57:46.0857 1304 elxstor - ok
00:57:46.0899 1304 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
00:57:46.0921 1304 ErrDev - ok
00:57:46.0956 1304 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
00:57:47.0001 1304 EventSystem - ok
00:57:47.0026 1304 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
00:57:47.0069 1304 exfat - ok
00:57:47.0088 1304 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
00:57:47.0134 1304 fastfat - ok
00:57:47.0183 1304 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
00:57:47.0226 1304 Fax - ok
00:57:47.0242 1304 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
00:57:47.0269 1304 fdc - ok
00:57:47.0302 1304 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
00:57:47.0349 1304 fdPHost - ok
00:57:47.0366 1304 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
00:57:47.0407 1304 FDResPub - ok
00:57:47.0455 1304 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
00:57:47.0469 1304 FileInfo - ok
00:57:47.0563 1304 FileMonitor (060cc45cecae2feaff9c8c52d8fafaa8) C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
00:57:47.0574 1304 FileMonitor - ok
00:57:47.0600 1304 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
00:57:47.0641 1304 Filetrace - ok
00:57:47.0660 1304 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
00:57:47.0674 1304 flpydisk - ok
00:57:47.0712 1304 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
00:57:47.0730 1304 FltMgr - ok
00:57:47.0794 1304 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
00:57:47.0861 1304 FontCache - ok
00:57:47.0916 1304 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:57:47.0928 1304 FontCache3.0.0.0 - ok
00:57:47.0950 1304 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
00:57:47.0964 1304 FsDepends - ok
00:57:48.0012 1304 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
00:57:48.0025 1304 Fs_Rec - ok
00:57:48.0077 1304 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
00:57:48.0096 1304 fvevol - ok
00:57:48.0124 1304 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
00:57:48.0146 1304 gagp30kx - ok
00:57:48.0229 1304 GGSAFERDriver - ok
00:57:48.0290 1304 ghaio (7d66ebde8b7f9b4e00beefeee82670d4) C:\Program Files (x86)\ASUS\NB Probe\SPM\ghaio.sys
00:57:48.0301 1304 ghaio - ok
00:57:48.0382 1304 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
00:57:48.0464 1304 gpsvc - ok
00:57:48.0517 1304 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
00:57:48.0528 1304 hamachi - ok
00:57:48.0626 1304 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
00:57:48.0692 1304 Hamachi2Svc - ok
00:57:48.0725 1304 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
00:57:48.0778 1304 hcw85cir - ok
00:57:48.0838 1304 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
00:57:48.0869 1304 HdAudAddService - ok
00:57:48.0904 1304 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
00:57:48.0931 1304 HDAudBus - ok
00:57:48.0961 1304 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
00:57:48.0973 1304 HECIx64 - ok
00:57:48.0992 1304 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
00:57:49.0018 1304 HidBatt - ok
00:57:49.0045 1304 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
00:57:49.0070 1304 HidBth - ok
00:57:49.0105 1304 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
00:57:49.0122 1304 HidIr - ok
00:57:49.0154 1304 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
00:57:49.0191 1304 hidserv - ok
00:57:49.0226 1304 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
00:57:49.0241 1304 HidUsb - ok
00:57:49.0282 1304 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
00:57:49.0327 1304 hkmsvc - ok
00:57:49.0372 1304 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
00:57:49.0418 1304 HomeGroupListener - ok
00:57:49.0452 1304 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
00:57:49.0480 1304 HomeGroupProvider - ok
00:57:49.0538 1304 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
00:57:49.0552 1304 HpSAMD - ok
00:57:49.0612 1304 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
00:57:49.0669 1304 HTTP - ok
00:57:49.0708 1304 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
00:57:49.0721 1304 hwpolicy - ok
00:57:49.0758 1304 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
00:57:49.0773 1304 i8042prt - ok
00:57:49.0839 1304 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
00:57:49.0859 1304 iaStorV - ok
00:57:49.0954 1304 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
00:57:49.0971 1304 IDriverT ( UnsignedFile.Multi.Generic ) - warning
00:57:49.0971 1304 IDriverT - detected UnsignedFile.Multi.Generic (1)
00:57:50.0043 1304 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:57:50.0083 1304 idsvc - ok
00:57:50.0162 1304 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
00:57:50.0175 1304 iirsp - ok
00:57:50.0240 1304 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
00:57:50.0303 1304 IKEEXT - ok
00:57:50.0399 1304 IMFservice (8ae99ebe30e8338907361018d9030835) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
00:57:50.0432 1304 IMFservice - ok
00:57:50.0521 1304 IntcAzAudAddService (b88e24bd77a0ce2cffee2facf1151be0) C:\Windows\system32\drivers\RTKVHD64.sys
00:57:50.0646 1304 IntcAzAudAddService - ok
00:57:50.0683 1304 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
00:57:50.0695 1304 intelide - ok
00:57:50.0743 1304 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
00:57:50.0768 1304 intelppm - ok
00:57:50.0798 1304 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
00:57:50.0837 1304 IPBusEnum - ok
00:57:50.0890 1304 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:57:50.0935 1304 IpFilterDriver - ok
00:57:50.0979 1304 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
00:57:51.0030 1304 iphlpsvc - ok
00:57:51.0062 1304 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
00:57:51.0087 1304 IPMIDRV - ok
00:57:51.0114 1304 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
00:57:51.0161 1304 IPNAT - ok
00:57:51.0170 1304 ipswuio - ok
00:57:51.0201 1304 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
00:57:51.0266 1304 IRENUM - ok
00:57:51.0300 1304 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
00:57:51.0314 1304 isapnp - ok
00:57:51.0344 1304 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
00:57:51.0363 1304 iScsiPrt - ok
00:57:51.0388 1304 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
00:57:51.0403 1304 kbdclass - ok
00:57:51.0423 1304 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
00:57:51.0448 1304 kbdhid - ok
00:57:51.0481 1304 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
00:57:51.0493 1304 kbfiltr - ok
00:57:51.0527 1304 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:57:51.0542 1304 KeyIso - ok
00:57:51.0561 1304 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
00:57:51.0576 1304 KSecDD - ok
00:57:51.0600 1304 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
00:57:51.0616 1304 KSecPkg - ok
00:57:51.0644 1304 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
00:57:51.0684 1304 ksthunk - ok
00:57:51.0711 1304 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
00:57:51.0779 1304 KtmRm - ok
00:57:51.0805 1304 L1C (9ddc68b87a9b837736a2b193ee14a4a5) C:\Windows\system32\DRIVERS\L1C62x64.sys
00:57:51.0817 1304 L1C - ok
00:57:51.0870 1304 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
00:57:51.0926 1304 LanmanServer - ok
00:57:51.0983 1304 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
00:57:52.0028 1304 LanmanWorkstation - ok
00:57:52.0077 1304 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
00:57:52.0112 1304 lltdio - ok
00:57:52.0136 1304 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
00:57:52.0185 1304 lltdsvc - ok
00:57:52.0208 1304 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
00:57:52.0239 1304 lmhosts - ok
00:57:52.0288 1304 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:57:52.0308 1304 LMS ( UnsignedFile.Multi.Generic ) - warning
00:57:52.0308 1304 LMS - detected UnsignedFile.Multi.Generic (1)
00:57:52.0353 1304 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
00:57:52.0370 1304 LSI_FC - ok
00:57:52.0396 1304 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
00:57:52.0410 1304 LSI_SAS - ok
00:57:52.0434 1304 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
00:57:52.0459 1304 LSI_SAS2 - ok
00:57:52.0478 1304 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
00:57:52.0493 1304 LSI_SCSI - ok
00:57:52.0514 1304 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
00:57:52.0560 1304 luafv - ok
00:57:52.0598 1304 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
00:57:52.0625 1304 Mcx2Svc - ok
00:57:52.0649 1304 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
00:57:52.0663 1304 megasas - ok
00:57:52.0685 1304 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
00:57:52.0702 1304 MegaSR - ok
00:57:52.0777 1304 Microsoft SharePoint Workspace Audit Service - ok
00:57:52.0811 1304 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:57:52.0867 1304 MMCSS - ok
00:57:52.0889 1304 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
00:57:52.0945 1304 Modem - ok
00:57:52.0972 1304 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
00:57:52.0996 1304 monitor - ok
00:57:53.0027 1304 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
00:57:53.0042 1304 mouclass - ok
00:57:53.0080 1304 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
00:57:53.0104 1304 mouhid - ok
00:57:53.0140 1304 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
00:57:53.0155 1304 mountmgr - ok
00:57:53.0194 1304 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
00:57:53.0210 1304 mpio - ok
00:57:53.0226 1304 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
00:57:53.0271 1304 mpsdrv - ok
00:57:53.0314 1304 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
00:57:53.0375 1304 MpsSvc - ok
00:57:53.0413 1304 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
00:57:53.0447 1304 MRxDAV - ok
00:57:53.0473 1304 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
00:57:53.0510 1304 mrxsmb - ok
00:57:53.0532 1304 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:57:53.0562 1304 mrxsmb10 - ok
00:57:53.0583 1304 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:57:53.0600 1304 mrxsmb20 - ok
00:57:53.0639 1304 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
00:57:53.0654 1304 msahci - ok
00:57:53.0677 1304 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
00:57:53.0695 1304 msdsm - ok
00:57:53.0729 1304 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
00:57:53.0758 1304 MSDTC - ok
00:57:53.0794 1304 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
00:57:53.0827 1304 Msfs - ok
00:57:53.0841 1304 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
00:57:53.0880 1304 mshidkmdf - ok
00:57:53.0897 1304 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
00:57:53.0910 1304 msisadrv - ok
00:57:53.0965 1304 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
00:57:54.0014 1304 MSiSCSI - ok
00:57:54.0022 1304 msiserver - ok
00:57:54.0044 1304 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
00:57:54.0084 1304 MSKSSRV - ok
00:57:54.0100 1304 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
00:57:54.0132 1304 MSPCLOCK - ok
00:57:54.0153 1304 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
00:57:54.0196 1304 MSPQM - ok
00:57:54.0233 1304 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
00:57:54.0251 1304 MsRPC - ok
00:57:54.0273 1304 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
00:57:54.0287 1304 mssmbios - ok
00:57:54.0310 1304 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
00:57:54.0341 1304 MSTEE - ok
00:57:54.0360 1304 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
00:57:54.0392 1304 MTConfig - ok
00:57:54.0429 1304 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
00:57:54.0441 1304 MTsensor - ok
00:57:54.0473 1304 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
00:57:54.0487 1304 Mup - ok
00:57:54.0534 1304 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
00:57:54.0577 1304 napagent - ok
00:57:54.0622 1304 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
00:57:54.0657 1304 NativeWifiP - ok
00:57:54.0701 1304 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
00:57:54.0745 1304 NDIS - ok
00:57:54.0777 1304 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
00:57:54.0817 1304 NdisCap - ok
00:57:54.0849 1304 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
00:57:54.0885 1304 NdisTapi - ok
00:57:54.0926 1304 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
00:57:54.0958 1304 Ndisuio - ok
00:57:55.0009 1304 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
00:57:55.0051 1304 NdisWan - ok
00:57:55.0107 1304 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
00:57:55.0155 1304 NDProxy - ok
00:57:55.0172 1304 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
00:57:55.0212 1304 NetBIOS - ok
00:57:55.0243 1304 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
00:57:55.0281 1304 NetBT - ok
00:57:55.0305 1304 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:57:55.0319 1304 Netlogon - ok
00:57:55.0364 1304 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
00:57:55.0411 1304 Netman - ok
00:57:55.0489 1304 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:57:55.0503 1304 NetMsmqActivator - ok
00:57:55.0507 1304 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:57:55.0518 1304 NetPipeActivator - ok
00:57:55.0546 1304 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
00:57:55.0593 1304 netprofm - ok
00:57:55.0613 1304 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:57:55.0624 1304 NetTcpActivator - ok
00:57:55.0627 1304 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:57:55.0639 1304 NetTcpPortSharing - ok
00:57:55.0691 1304 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
00:57:55.0705 1304 nfrd960 - ok
00:57:55.0753 1304 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
00:57:55.0806 1304 NlaSvc - ok
00:57:55.0829 1304 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
00:57:55.0871 1304 Npfs - ok
00:57:55.0895 1304 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
00:57:55.0939 1304 nsi - ok
00:57:55.0958 1304 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
00:57:56.0002 1304 nsiproxy - ok
00:57:56.0057 1304 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
00:57:56.0114 1304 Ntfs - ok
00:57:56.0138 1304 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
00:57:56.0183 1304 Null - ok
00:57:56.0229 1304 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
00:57:56.0246 1304 nvraid - ok
00:57:56.0266 1304 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
00:57:56.0282 1304 nvstor - ok
00:57:56.0328 1304 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
00:57:56.0343 1304 nv_agp - ok
00:57:56.0368 1304 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
00:57:56.0389 1304 ohci1394 - ok
00:57:56.0459 1304 ose64 (4965b005492cba7719e82b71e3245495) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:57:56.0475 1304 ose64 - ok
00:57:56.0598 1304 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
00:57:56.0738 1304 osppsvc - ok
00:57:56.0772 1304 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:57:56.0807 1304 p2pimsvc - ok
00:57:56.0831 1304 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
00:57:56.0852 1304 p2psvc - ok
00:57:56.0879 1304 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
00:57:56.0895 1304 Parport - ok
00:57:56.0934 1304 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
00:57:56.0950 1304 partmgr - ok
00:57:56.0970 1304 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
00:57:57.0003 1304 PcaSvc - ok
00:57:57.0059 1304 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
00:57:57.0077 1304 pci - ok
00:57:57.0099 1304 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
00:57:57.0112 1304 pciide - ok
00:57:57.0136 1304 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
00:57:57.0154 1304 pcmcia - ok
00:57:57.0176 1304 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
00:57:57.0190 1304 pcw - ok
00:57:57.0223 1304 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
00:57:57.0286 1304 PEAUTH - ok
00:57:57.0321 1304 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
00:57:57.0382 1304 PeerDistSvc - ok
00:57:57.0442 1304 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
00:57:57.0464 1304 PerfHost - ok
00:57:57.0528 1304 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
00:57:57.0603 1304 pla - ok
00:57:57.0643 1304 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
00:57:57.0679 1304 PlugPlay - ok
00:57:57.0695 1304 PnkBstrA - ok
00:57:57.0717 1304 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
00:57:57.0752 1304 PNRPAutoReg - ok
00:57:57.0771 1304 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
00:57:57.0786 1304 PNRPsvc - ok
00:57:57.0837 1304 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
00:57:57.0885 1304 PolicyAgent - ok
00:57:57.0927 1304 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
00:57:57.0967 1304 Power - ok
00:57:58.0020 1304 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
00:57:58.0064 1304 PptpMiniport - ok
00:57:58.0089 1304 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
00:57:58.0119 1304 Processor - ok
00:57:58.0161 1304 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
00:57:58.0211 1304 ProfSvc - ok
00:57:58.0242 1304 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:57:58.0267 1304 ProtectedStorage - ok
00:57:58.0307 1304 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
00:57:58.0351 1304 Psched - ok
00:57:58.0404 1304 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
00:57:58.0463 1304 ql2300 - ok
00:57:58.0484 1304 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
00:57:58.0499 1304 ql40xx - ok
00:57:58.0531 1304 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
00:57:58.0553 1304 QWAVE - ok
00:57:58.0576 1304 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
00:57:58.0602 1304 QWAVEdrv - ok
00:57:58.0625 1304 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
00:57:58.0663 1304 RasAcd - ok
00:57:58.0696 1304 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
00:57:58.0728 1304 RasAgileVpn - ok
00:57:58.0751 1304 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
00:57:58.0789 1304 RasAuto - ok
00:57:58.0826 1304 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
00:57:58.0869 1304 Rasl2tp - ok
00:57:58.0913 1304 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
00:57:58.0950 1304 RasMan - ok
00:57:58.0969 1304 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
00:57:59.0002 1304 RasPppoe - ok
00:57:59.0033 1304 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
00:57:59.0074 1304 RasSstp - ok
00:57:59.0126 1304 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
00:57:59.0173 1304 rdbss - ok
00:57:59.0198 1304 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
00:57:59.0215 1304 rdpbus - ok
00:57:59.0231 1304 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
00:57:59.0266 1304 RDPCDD - ok
00:57:59.0306 1304 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
00:57:59.0341 1304 RDPDR - ok
00:57:59.0356 1304 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
00:57:59.0397 1304 RDPENCDD - ok
00:57:59.0435 1304 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
00:57:59.0475 1304 RDPREFMP - ok
00:57:59.0529 1304 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
00:57:59.0550 1304 RdpVideoMiniport - ok
00:57:59.0592 1304 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
00:57:59.0632 1304 RDPWD - ok
00:57:59.0654 1304 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
00:57:59.0671 1304 rdyboost - ok
00:57:59.0778 1304 RegFilter (c7de6f41b1a734ea70bd2dc67235becc) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
00:57:59.0789 1304 RegFilter - ok
00:57:59.0818 1304 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
00:57:59.0854 1304 RemoteAccess - ok
00:57:59.0884 1304 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
00:57:59.0924 1304 RemoteRegistry - ok
00:57:59.0973 1304 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
00:57:59.0998 1304 RFCOMM - ok
00:58:00.0047 1304 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
00:58:00.0093 1304 RpcEptMapper - ok
00:58:00.0171 1304 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
00:58:00.0204 1304 RpcLocator - ok
00:58:00.0300 1304 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
00:58:00.0333 1304 RpcSs - ok
00:58:00.0371 1304 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
00:58:00.0404 1304 rspndr - ok
00:58:00.0424 1304 RTHDMIAzAudService - ok
00:58:00.0461 1304 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
00:58:00.0495 1304 s3cap - ok
00:58:00.0528 1304 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:58:00.0541 1304 SamSs - ok
00:58:00.0596 1304 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
00:58:00.0611 1304 sbp2port - ok
00:58:00.0646 1304 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
00:58:00.0682 1304 SCardSvr - ok
00:58:00.0722 1304 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
00:58:00.0766 1304 scfilter - ok
00:58:00.0821 1304 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
00:58:00.0892 1304 Schedule - ok
00:58:00.0924 1304 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
00:58:00.0955 1304 SCPolicySvc - ok
00:58:00.0986 1304 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
00:58:01.0027 1304 SDRSVC - ok
00:58:01.0060 1304 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
00:58:01.0092 1304 secdrv - ok
00:58:01.0134 1304 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
00:58:01.0192 1304 seclogon - ok
00:58:01.0230 1304 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
00:58:01.0264 1304 SENS - ok
00:58:01.0284 1304 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
00:58:01.0305 1304 SensrSvc - ok
00:58:01.0331 1304 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
00:58:01.0350 1304 Serenum - ok
00:58:01.0377 1304 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
00:58:01.0393 1304 Serial - ok
00:58:01.0424 1304 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
00:58:01.0445 1304 sermouse - ok
00:58:01.0486 1304 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
00:58:01.0519 1304 SessionEnv - ok
00:58:01.0552 1304 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
00:58:01.0579 1304 sffdisk - ok
00:58:01.0599 1304 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
00:58:01.0624 1304 sffp_mmc - ok
00:58:01.0648 1304 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
00:58:01.0679 1304 sffp_sd - ok
00:58:01.0705 1304 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
00:58:01.0732 1304 sfloppy - ok
00:58:01.0767 1304 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
00:58:01.0819 1304 SharedAccess - ok
00:58:01.0858 1304 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
00:58:01.0906 1304 ShellHWDetection - ok
00:58:01.0939 1304 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
00:58:01.0967 1304 SiSRaid2 - ok
00:58:01.0993 1304 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
00:58:02.0010 1304 SiSRaid4 - ok
00:58:02.0051 1304 SkypeUpdate (db0405d9aad62f0762e0876ac142b7e1) C:\Program Files (x86)\Skype\Updater\Updater.exe
00:58:02.0065 1304 SkypeUpdate - ok
00:58:02.0091 1304 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
00:58:02.0129 1304 Smb - ok
00:58:02.0185 1304 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
00:58:02.0207 1304 SNMPTRAP - ok
00:58:02.0226 1304 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
00:58:02.0241 1304 spldr - ok
00:58:02.0296 1304 spmgr (739db668dbd812285ecc553e64a5e212) C:\Program Files (x86)\ASUS\NB Probe\SPM\spmgr.exe
00:58:02.0309 1304 spmgr - ok
00:58:02.0351 1304 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
00:58:02.0391 1304 Spooler - ok
00:58:02.0481 1304 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
00:58:02.0590 1304 sppsvc - ok
00:58:02.0611 1304 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
00:58:02.0656 1304 sppuinotify - ok
00:58:02.0694 1304 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
00:58:02.0735 1304 srv - ok
00:58:02.0763 1304 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
00:58:02.0783 1304 srv2 - ok
00:58:02.0805 1304 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
00:58:02.0830 1304 srvnet - ok
00:58:02.0864 1304 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
00:58:02.0913 1304 SSDPSRV - ok
00:58:02.0924 1304 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
00:58:02.0956 1304 SstpSvc - ok
00:58:02.0993 1304 Steam Client Service - ok
00:58:03.0024 1304 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
00:58:03.0040 1304 stexstor - ok
00:58:03.0095 1304 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
00:58:03.0137 1304 stisvc - ok
00:58:03.0172 1304 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
00:58:03.0187 1304 storflt - ok
00:58:03.0245 1304 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
00:58:03.0259 1304 storvsc - ok
00:58:03.0288 1304 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
00:58:03.0303 1304 swenum - ok
00:58:03.0386 1304 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:58:03.0415 1304 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
00:58:03.0415 1304 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
00:58:03.0460 1304 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
00:58:03.0507 1304 swprv - ok
00:58:03.0524 1304 Synth3dVsc - ok
00:58:03.0567 1304 SynTP (01a658167619075baad31c96074c0b38) C:\Windows\system32\DRIVERS\SynTP.sys
00:58:03.0586 1304 SynTP - ok
00:58:03.0642 1304 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
00:58:03.0710 1304 SysMain - ok
00:58:03.0745 1304 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
00:58:03.0773 1304 TabletInputService - ok
00:58:03.0814 1304 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
00:58:03.0859 1304 TapiSrv - ok
00:58:03.0899 1304 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
00:58:03.0938 1304 TBS - ok
00:58:04.0005 1304 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
00:58:04.0063 1304 Tcpip - ok
00:58:04.0120 1304 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
00:58:04.0154 1304 TCPIP6 - ok
00:58:04.0193 1304 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
00:58:04.0240 1304 tcpipreg - ok
00:58:04.0273 1304 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
00:58:04.0310 1304 TDPIPE - ok
00:58:04.0349 1304 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
00:58:04.0375 1304 TDTCP - ok
00:58:04.0419 1304 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
00:58:04.0468 1304 tdx - ok
00:58:04.0523 1304 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
00:58:04.0540 1304 TermDD - ok
00:58:04.0583 1304 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
00:58:04.0644 1304 TermService - ok
00:58:04.0671 1304 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
00:58:04.0695 1304 Themes - ok
00:58:04.0716 1304 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
00:58:04.0750 1304 THREADORDER - ok
00:58:04.0768 1304 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
00:58:04.0811 1304 TrkWks - ok
00:58:04.0843 1304 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
00:58:04.0878 1304 TrustedInstaller - ok
00:58:04.0917 1304 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
00:58:04.0954 1304 tssecsrv - ok
00:58:04.0993 1304 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
00:58:05.0044 1304 TsUsbFlt - ok
00:58:05.0055 1304 tsusbhub - ok
00:58:05.0098 1304 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
00:58:05.0138 1304 tunnel - ok
00:58:05.0169 1304 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
00:58:05.0185 1304 uagp35 - ok
00:58:05.0225 1304 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
00:58:05.0264 1304 udfs - ok
00:58:05.0302 1304 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
00:58:05.0322 1304 UI0Detect - ok
00:58:05.0376 1304 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
00:58:05.0392 1304 uliagpkx - ok
00:58:05.0412 1304 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
00:58:05.0438 1304 umbus - ok
00:58:05.0469 1304 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
00:58:05.0495 1304 UmPass - ok
00:58:05.0536 1304 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
00:58:05.0554 1304 UmRdpService - ok
00:58:05.0645 1304 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:58:05.0688 1304 UNS ( UnsignedFile.Multi.Generic ) - warning
00:58:05.0688 1304 UNS - detected UnsignedFile.Multi.Generic (1)
00:58:05.0727 1304 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
00:58:05.0777 1304 upnphost - ok
00:58:05.0879 1304 UrlFilter (82520fe7a49765e76281dcc7d90c09f6) C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys
00:58:05.0891 1304 UrlFilter - ok
00:58:05.0941 1304 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
00:58:05.0974 1304 usbccgp - ok
00:58:06.0023 1304 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
00:58:06.0064 1304 usbcir - ok
00:58:06.0095 1304 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
00:58:06.0125 1304 usbehci - ok
00:58:06.0151 1304 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
00:58:06.0185 1304 usbhub - ok
00:58:06.0216 1304 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
00:58:06.0236 1304 usbohci - ok
00:58:06.0304 1304 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
00:58:06.0322 1304 usbprint - ok
00:58:06.0369 1304 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
00:58:06.0398 1304 usbscan - ok
00:58:06.0417 1304 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:58:06.0457 1304 USBSTOR - ok
00:58:06.0476 1304 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
00:58:06.0497 1304 usbuhci - ok
00:58:06.0531 1304 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
00:58:06.0564 1304 usbvideo - ok
00:58:06.0596 1304 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
00:58:06.0640 1304 UxSms - ok
00:58:06.0667 1304 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
00:58:06.0691 1304 VaultSvc - ok
00:58:06.0725 1304 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
00:58:06.0741 1304 vdrvroot - ok
00:58:06.0781 1304 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
00:58:06.0819 1304 vds - ok
00:58:06.0855 1304 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
00:58:06.0872 1304 vga - ok
00:58:06.0896 1304 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
00:58:06.0940 1304 VgaSave - ok
00:58:06.0962 1304 VGPU - ok
00:58:07.0005 1304 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
00:58:07.0024 1304 vhdmp - ok
00:58:07.0053 1304 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
00:58:07.0068 1304 viaide - ok
00:58:07.0102 1304 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
00:58:07.0120 1304 vmbus - ok
00:58:07.0160 1304 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
00:58:07.0188 1304 VMBusHID - ok
00:58:07.0216 1304 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
00:58:07.0233 1304 volmgr - ok
00:58:07.0277 1304 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
00:58:07.0299 1304 volmgrx - ok
00:58:07.0337 1304 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
00:58:07.0357 1304 volsnap - ok
00:58:07.0403 1304 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
00:58:07.0428 1304 vsmraid - ok
00:58:07.0485 1304 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
00:58:07.0566 1304 VSS - ok
00:58:07.0643 1304 vToolbarUpdater (69869a0e6380831d8582378cc5e46e7e) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
00:58:07.0660 1304 vToolbarUpdater - ok
00:58:07.0692 1304 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
00:58:07.0719 1304 vwifibus - ok
00:58:07.0741 1304 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
00:58:07.0771 1304 vwififlt - ok
00:58:07.0807 1304 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
00:58:07.0858 1304 W32Time - ok
00:58:07.0880 1304 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
00:58:07.0910 1304 WacomPen - ok
00:58:07.0944 1304 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:58:07.0992 1304 WANARP - ok
00:58:07.0996 1304 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
00:58:08.0032 1304 Wanarpv6 - ok
00:58:08.0101 1304 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
00:58:08.0148 1304 WatAdminSvc - ok
00:58:08.0197 1304 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
00:58:08.0270 1304 wbengine - ok
00:58:08.0299 1304 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
00:58:08.0321 1304 WbioSrvc - ok
00:58:08.0417 1304 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
00:58:08.0491 1304 wcncsvc - ok
00:58:08.0530 1304 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
00:58:08.0562 1304 WcsPlugInService - ok
00:58:08.0598 1304 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
00:58:08.0612 1304 Wd - ok
00:58:08.0639 1304 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
00:58:08.0667 1304 Wdf01000 - ok
00:58:08.0684 1304 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:58:08.0768 1304 WdiServiceHost - ok
00:58:08.0772 1304 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
00:58:08.0792 1304 WdiSystemHost - ok
00:58:08.0818 1304 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
00:58:08.0851 1304 WebClient - ok
00:58:08.0878 1304 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
00:58:08.0929 1304 Wecsvc - ok
00:58:08.0954 1304 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
00:58:08.0992 1304 wercplsupport - ok
00:58:09.0011 1304 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
00:58:09.0054 1304 WerSvc - ok
00:58:09.0092 1304 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
00:58:09.0134 1304 WfpLwf - ok
00:58:09.0166 1304 WimFltr (52ded146e4797e6ccf94799e8e22bb2a) C:\Windows\system32\DRIVERS\wimfltr.sys
00:58:09.0185 1304 WimFltr - ok
00:58:09.0202 1304 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
00:58:09.0217 1304 WIMMount - ok
00:58:09.0238 1304 WinDefend - ok
00:58:09.0253 1304 WinHttpAutoProxySvc - ok
00:58:09.0306 1304 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
00:58:09.0355 1304 Winmgmt - ok
00:58:09.0447 1304 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
00:58:09.0519 1304 WinRM - ok
00:58:09.0573 1304 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
00:58:09.0624 1304 Wlansvc - ok
00:58:09.0732 1304 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
00:58:09.0802 1304 wlidsvc - ok
00:58:09.0852 1304 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
00:58:09.0874 1304 WmiAcpi - ok
00:58:09.0932 1304 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
00:58:09.0956 1304 wmiApSrv - ok
00:58:09.0979 1304 WMPNetworkSvc - ok
00:58:10.0010 1304 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
00:58:10.0032 1304 WPCSvc - ok
00:58:10.0069 1304 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
00:58:10.0104 1304 WPDBusEnum - ok
00:58:10.0140 1304 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
00:58:10.0173 1304 ws2ifsl - ok
00:58:10.0190 1304 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
00:58:10.0220 1304 wscsvc - ok
00:58:10.0230 1304 WSearch - ok
00:58:10.0295 1304 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
00:58:10.0389 1304 wuauserv - ok
00:58:10.0448 1304 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
00:58:10.0491 1304 WudfPf - ok
00:58:10.0526 1304 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
00:58:10.0565 1304 WUDFRd - ok
00:58:10.0604 1304 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
00:58:10.0638 1304 wudfsvc - ok
00:58:10.0669 1304 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
00:58:10.0701 1304 WwanSvc - ok
00:58:10.0755 1304 xusb21 (38f55d07b1d3391065c40ec065f984e2) C:\Windows\system32\DRIVERS\xusb21.sys
00:58:10.0775 1304 xusb21 - ok
00:58:10.0809 1304 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
00:58:10.0999 1304 \Device\Harddisk0\DR0 - ok
00:58:11.0001 1304 MBR (0x1B8) (64b1e91c5c6c2157642651010728f90f) \Device\Harddisk1\DR1
00:58:11.0412 1304 \Device\Harddisk1\DR1 - ok
00:58:11.0416 1304 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk3\DR3
00:58:13.0840 1304 \Device\Harddisk3\DR3 - ok
00:58:13.0842 1304 Boot (0x1200) (5e5e8befb00ed9d5917167ab6ae85572) \Device\Harddisk0\DR0\Partition0
00:58:13.0843 1304 \Device\Harddisk0\DR0\Partition0 - ok
00:58:13.0854 1304 Boot (0x1200) (97fbe6979e662c0336d2854c355c6b5d) \Device\Harddisk0\DR0\Partition1
00:58:13.0857 1304 \Device\Harddisk0\DR0\Partition1 - ok
00:58:13.0873 1304 Boot (0x1200) (4597783de3c9f812c600260ab5f080b0) \Device\Harddisk0\DR0\Partition2
00:58:13.0875 1304 \Device\Harddisk0\DR0\Partition2 - ok
00:58:13.0895 1304 Boot (0x1200) (a6092264279fde55e5f5ac807f1bb767) \Device\Harddisk0\DR0\Partition3
00:58:13.0897 1304 \Device\Harddisk0\DR0\Partition3 - ok
00:58:13.0899 1304 Boot (0x1200) (5aebdb76ba818b6be09cfa42d9907a2d) \Device\Harddisk1\DR1\Partition0
00:58:13.0901 1304 \Device\Harddisk1\DR1\Partition0 - ok
00:58:13.0904 1304 Boot (0x1200) (005ef38ec1c8bd4e40ad6c8a6cbc4740) \Device\Harddisk3\DR3\Partition0
00:58:13.0905 1304 \Device\Harddisk3\DR3\Partition0 - ok
00:58:13.0905 1304 ============================================================
00:58:13.0905 1304 Scan finished
00:58:13.0905 1304 ============================================================
00:58:13.0912 7140 Detected object count: 5
00:58:13.0912 7140 Actual detected object count: 5
00:58:29.0439 7140 ADSMService ( UnsignedFile.Multi.Generic ) - skipped by user
00:58:29.0439 7140 ADSMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:58:29.0440 7140 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
00:58:29.0440 7140 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:58:29.0441 7140 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
00:58:29.0441 7140 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:58:29.0442 7140 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
00:58:29.0442 7140 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:58:29.0443 7140 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
00:58:29.0443 7140 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
- Danstahr
- Friend of the forum
- Posts: 1069
- Registered: 28 Oct 2006 20:23
- Location: London
Re: Today I infected my computer with a virus and it started with this ˇˇ

I'll buy a little time; I respect the price.
Re: Today I infected my computer with a virus and it started with this ˇˇ
- ComboFix 12-04-22.02 - Kvasna 23.04.2012 14:56:34.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.6069.4279 [GMT 2:00]
Spuštěný z: e:\downloads\ComboFix.exe
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Net4Switch.ico
c:\program files\Common Files\Net4Switch.ico
c:\users\Kvasna\AppData\Local\assembly\tmp
c:\users\Kvasna\AppData\Roaming\Mozilla\Firefox\Profiles\9y1p93c3.default\weave\toFetch
c:\windows\msxml4-KB954430-enu.LOG
c:\windows\msxml4-KB973688-enu.LOG
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-23 do 2012-04-23 )))))))))))))))))))))))))))))))
.
.
2012-04-23 13:00 . 2012-04-23 13:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-23 12:11 . 2012-04-23 12:11 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-04-22 21:53 . 2012-04-22 21:53 -------- d-----w- c:\program files\trend micro
2012-04-22 21:53 . 2012-04-22 21:53 -------- d-----w- C:\rsit
2012-04-22 21:24 . 2012-04-22 21:24 -------- d-----w- C:\$AVG
2012-04-22 20:24 . 2012-04-22 23:13 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-04-22 18:18 . 2012-04-22 18:18 -------- d-----w- c:\users\Kvasna\AppData\Roaming\AVG2012
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-04-22 18:17 . 2012-04-22 18:17 -------- d--h--w- c:\programdata\Common Files
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-04-22 18:16 . 2012-04-23 11:28 -------- d-----w- c:\windows\system32\drivers\AVG
2012-04-22 18:16 . 2012-04-22 21:31 -------- d-----w- c:\programdata\AVG2012
2012-04-22 18:16 . 2012-04-22 18:16 -------- d-----w- c:\program files (x86)\AVG
2012-04-22 18:15 . 2012-04-23 11:28 -------- d-----w- c:\programdata\MFAData
2012-04-22 18:11 . 2012-04-22 18:11 -------- d-----w- c:\program files (x86)\CodeStuff
2012-04-22 17:19 . 2012-04-22 17:19 -------- d-----w- c:\users\Kvasna\AppData\Roaming\IObit
2012-04-22 17:19 . 2012-04-22 17:19 -------- d-----w- c:\program files (x86)\IObit
2012-04-22 15:00 . 2012-04-22 15:00 -------- d-----w- c:\program files (x86)\MSSOAP
2012-04-22 15:00 . 2012-04-22 15:00 -------- d-----w- c:\program files (x86)\Webroot
2012-04-22 14:38 . 2012-04-22 14:39 87 ----a-w- c:\users\Kvasna\AppData\Roaming\script.bat
2012-04-22 14:35 . 2012-04-22 14:35 388096 ----a-r- c:\users\Kvasna\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-22 14:35 . 2012-04-22 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-04-22 13:43 . 2012-04-22 13:43 -------- d-----w- c:\users\Kvasna\jagexcache1
2012-04-22 13:30 . 2012-04-22 13:31 -------- d-----w- c:\users\Kvasna\AppData\Roaming\dclogs
2012-04-21 14:17 . 2012-04-21 14:17 -------- d-----w- c:\users\Kvasna\AppData\Local\FalloutNV
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\programdata\ATI
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\programdata\AMD
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\program files (x86)\AMD AVT
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\program files (x86)\AMD APP
2012-04-21 07:56 . 2012-04-21 07:56 -------- d-----w- C:\.jagex_cache_32
2012-04-20 13:10 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A847A82-BCE4-4139-BDB4-B868E13D9EAD}\mpengine.dll
2012-04-14 16:37 . 2012-04-14 16:37 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-11 14:52 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 14:52 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-11 14:52 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-11 14:49 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 14:49 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 14:49 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-11 14:49 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 14:49 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 14:49 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-11 14:49 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-11 09:56 . 2012-04-11 09:56 -------- d-----w- c:\users\Kvasna\AppData\Local\ASUS
2012-04-10 08:32 . 2012-04-10 08:32 -------- d-----w- c:\program files (x86)\Fifa Master
2012-04-05 15:18 . 2012-04-05 20:03 -------- d-----w- c:\users\Kvasna\AppData\Roaming\Ulozto File Manager
2012-04-05 15:18 . 2012-04-05 15:18 -------- d-----w- c:\program files (x86)\Uložto File Manager
2012-04-03 05:38 . 2012-04-03 05:38 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\windows\PCHEALTH
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-04-01 20:28 . 2012-04-01 20:28 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\users\Kvasna\AppData\Local\Microsoft Help
2012-04-01 20:26 . 2012-04-11 14:54 -------- d-----w- c:\programdata\Microsoft Help
2012-04-01 20:26 . 2012-04-01 20:26 -------- d-----r- C:\MSOCache
2012-04-01 14:49 . 2012-04-02 11:43 -------- d-----w- c:\users\Kvasna\AppData\Roaming\GarenaPlus
2012-04-01 14:49 . 2012-04-01 14:49 -------- d-----w- c:\program files (x86)\Garena Plus
2012-04-01 14:49 . 2012-04-02 11:43 -------- d-----w- c:\programdata\GarenaMessenger
2012-04-01 10:33 . 2012-04-14 16:37 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-01 10:33 . 2012-04-01 10:33 -------- d-----w- c:\windows\system32\Macromed
2012-03-31 20:29 . 2012-04-04 13:46 -------- d-----w- c:\users\Kvasna\AppData\Roaming\BSplayer
2012-03-31 20:29 . 2012-03-31 20:29 -------- d-----w- c:\users\Kvasna\AppData\Roaming\BSplayer Pro
2012-03-31 20:29 . 2012-03-31 20:29 -------- d-----w- c:\program files (x86)\Webteh
2012-03-30 12:25 . 2012-03-30 12:25 -------- d-----w- c:\program files\Paint.NET
2012-03-30 12:24 . 2012-03-30 12:26 -------- d-----w- c:\users\Kvasna\AppData\Local\Paint.NET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-19 12:41 . 2012-02-25 01:59 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-04-19 12:41 . 2012-02-23 08:56 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-04-19 12:40 . 2012-02-23 08:56 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-04-14 16:37 . 2012-02-22 23:10 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-09 06:28 . 2012-03-09 06:28 10857984 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-03-09 05:16 . 2012-03-09 05:16 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-03-09 05:16 . 2011-09-08 17:34 791552 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-03-09 05:14 . 2011-09-08 17:32 958464 ----a-w- c:\windows\system32\aticfx64.dll
2012-03-09 05:11 . 2011-09-08 17:30 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-03-09 05:11 . 2012-03-09 05:11 496128 ----a-w- c:\windows\system32\atieclxx.exe
2012-03-09 05:10 . 2012-03-09 05:10 235520 ----a-w- c:\windows\system32\atiesrxx.exe
2012-03-09 05:08 . 2012-03-09 05:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-03-09 05:08 . 2012-03-09 05:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-03-09 05:07 . 2012-03-09 05:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-03-09 05:07 . 2012-03-09 05:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-03-09 05:04 . 2012-03-09 05:04 6200320 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-03-09 05:03 . 2012-03-09 05:03 26166784 ----a-w- c:\windows\system32\atio6axx.dll
2012-03-09 04:45 . 2011-09-08 17:16 7646208 ----a-w- c:\windows\system32\atidxx64.dll
2012-03-09 04:39 . 2012-03-09 04:39 19739136 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-03-09 04:36 . 2012-03-09 04:36 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2012-03-09 04:36 . 2012-03-09 04:36 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-03-09 04:35 . 2011-09-08 17:18 4958208 ----a-w- c:\windows\system32\atiumd6a.dll
2012-03-09 04:23 . 2011-09-08 17:08 5062656 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-03-09 04:23 . 2011-09-08 17:05 5954048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-03-09 04:18 . 2012-03-09 04:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-03-09 04:18 . 2012-03-09 04:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-03-09 04:18 . 2012-03-09 04:18 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-03-09 04:18 . 2012-03-09 04:18 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-03-09 04:17 . 2012-03-09 04:17 16069632 ----a-w- c:\windows\system32\aticaldd64.dll
2012-03-09 04:12 . 2012-03-09 04:12 13715968 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-03-09 04:11 . 2011-09-08 17:00 7552000 ----a-w- c:\windows\system32\atiumd64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\atimpc64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-03-09 03:58 . 2011-09-08 16:53 512000 ----a-w- c:\windows\system32\atiadlxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-03-09 03:58 . 2012-03-09 03:58 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 39936 ----a-w- c:\windows\system32\atig6txx.dll
2012-03-09 03:58 . 2012-03-09 03:58 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 328704 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-03-09 03:57 . 2011-09-08 16:52 43008 ----a-w- c:\windows\system32\atiuxp64.dll
2012-03-09 03:56 . 2012-03-09 03:56 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-03-09 03:56 . 2011-09-08 16:51 39936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-03-09 03:56 . 2011-09-08 16:51 30208 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-03-09 03:55 . 2012-03-09 03:55 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-03-09 03:47 . 2011-09-08 16:59 58880 ----a-w- c:\windows\system32\coinst.dll
2012-03-08 23:26 . 2012-03-08 23:26 74752 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-03-08 23:26 . 2012-03-08 23:26 64512 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-03-08 23:26 . 2012-03-08 23:26 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2012-03-08 23:26 . 2012-03-08 23:26 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-03-08 23:26 . 2012-03-08 23:26 16507392 ----a-w- c:\windows\system32\amdocl64.dll
2012-03-08 23:25 . 2012-03-08 23:25 13238272 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-03-08 23:24 . 2012-03-08 23:24 54272 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-08 23:24 . 2012-03-08 23:24 48128 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-03-07 00:15 . 2012-03-15 14:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2012-03-15 14:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:02 . 2012-03-15 14:15 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-02 23:12 . 2012-03-02 23:12 743262 ----a-w- c:\windows\unins000.exe
2012-02-26 12:26 . 2012-02-26 12:26 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-26 12:26 . 2012-02-26 12:26 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-26 12:26 . 2012-02-26 12:26 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-02-26 12:26 . 2012-02-26 12:26 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-02-26 12:26 . 2012-02-26 12:26 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-02-26 12:26 . 2012-02-26 12:26 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-02-26 12:26 . 2012-02-26 12:26 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-02-26 12:26 . 2012-02-26 12:26 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-02-26 12:26 . 2012-02-26 12:26 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-02-26 12:26 . 2012-02-26 12:26 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-02-26 12:26 . 2012-02-26 12:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-26 12:26 . 2012-02-26 12:26 448512 ----a-w- c:\windows\system32\html.iec
2012-02-26 12:26 . 2012-02-26 12:26 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-02-26 12:26 . 2012-02-26 12:26 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-02-26 12:26 . 2012-02-26 12:26 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-02-26 12:26 . 2012-02-26 12:26 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-02-26 12:26 . 2012-02-26 12:26 222208 ----a-w- c:\windows\system32\msls31.dll
2012-02-26 12:26 . 2012-02-26 12:26 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-26 12:26 . 2012-02-26 12:26 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-02-26 12:26 . 2012-02-26 12:26 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-02-26 12:26 . 2012-02-26 12:26 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-02-26 12:26 . 2012-02-26 12:26 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-02-26 12:26 . 2012-02-26 12:26 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-26 12:26 . 2012-02-26 12:26 12288 ----a-w- c:\windows\system32\mshta.exe
2012-02-26 12:26 . 2012-02-26 12:26 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-02-26 12:26 . 2012-02-26 12:26 114176 ----a-w- c:\windows\system32\admparse.dll
2012-02-26 12:26 . 2012-02-26 12:26 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-26 12:26 . 2012-02-26 12:26 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-02-26 12:26 . 2012-02-26 12:26 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-02-26 12:26 . 2012-02-26 12:26 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-02-26 12:26 . 2012-02-26 12:26 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-02-26 12:26 . 2012-02-26 12:26 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-26 12:26 . 2012-02-26 12:26 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-02-26 12:26 . 2012-02-26 12:26 160256 ----a-w- c:\windows\system32\wextract.exe
2012-02-26 12:12 . 2010-12-21 14:07 10463744 ----a-w- c:\windows\system32\BCC7_3DObjects_AE.dll
2012-02-26 12:11 . 2010-12-20 13:14 22771200 ----a-w- c:\windows\system32\BCC7_AE_16Bit.dll
2012-02-26 12:02 . 2010-12-20 13:23 22737920 ----a-w- c:\windows\system32\BCC7_AE_8Bit.dll
2012-02-25 12:06 . 2012-02-25 12:07 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-25 10:59 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
2011-05-09 08:49 176936 ----a-w- c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-04-22 18:17 1451336 ----a-w- c:\program files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"= "c:\program files (x86)\uTorrentControl2\prxtbuTor.dll" [2011-05-09 176936]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll" [2012-04-22 1451336]
.
[HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-02-23 740216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-26 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-19 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-03-09 636032]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-04-22 218440]
"IObit Malware Fighter"="c:\program files (x86)\IObit\IObit Malware Fighter\IMF.exe" [2012-01-12 4453208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2012-2-23 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2012-2-23 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-15 158856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
R3 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2012-04-22 246600]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-09-20 33184]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 16:37]
.
2012-04-22 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2012-02-25 13:25]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-25 10816544]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Kvasna\AppData\Roaming\Mozilla\Firefox\Profiles\9y1p93c3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Eurobattle.net1.26 - d:\warcraft iii\uninstall.exe
AddRemove-Eurobattle.net2.0 - d:\warcraft iii\uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_bc2.exe
AddRemove-NCsoft-Aion - f:\ncsoft\launcher\NCLauncher.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1407730729-757819813-2124692152-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,bb,cb,a4,37,de,a9,e8,6a,c5,03,9b,09,50,95,62,7e,cf,76,8d,47,
e9,5a,cb,57,ea,72,9f,fe,cf,7c,46,ff,5f,66,28,e2,9f,a8,3c,da,b1,a7,d2,9d,81,\
"rkeysecu"=hex:33,94,93,1f,15,d3,6b,1c,c9,f3,92,4f,79,4c,96,5d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-04-23 15:02:38
ComboFix-quarantined-files.txt 2012-04-23 13:02
.
Před spuštěním: Volných bajtů: 15 507 181 568
Po spuštění: Volných bajtů: 15 675 789 312
.
- - End Of File - - 3BADC610D188B2D21D49C79CCAA0D416
Re: Today I infected my computer with a virus and it started with this ˇˇ
By the way, I'd like to add that since today it has been working for me so far
=P, but if there is still something in there that isn't to your liking, thanks in advance =)

- Danstahr
- Friend of the forum
- Posts: 1069
- Registered: 28 Oct 2006 20:23
- Location: London
Re: Today I infected my computer with a virus and it started with this ˇˇ
Hello, I apologize for the late reply.
Don't run off yet, I'll write a clean-up script.
I'll buy a bit of time; I respect the price.
Re: Today I infected my computer with a virus and it started with this ˇˇ


killall::
folder::
c:\program files (x86)\uTorrentControl2
file::
c:\users\Kvasna\AppData\Roaming\script.bat
c:\windows\Tasks\Adobe Flash Player Updater.job
registry::
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"=-
[-HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{687578b9-7132-4a7a-80e4-30ee31099e03}]
[-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{687578b9-7132-4a7a-80e4-30ee31099e03}"=-
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=-
[-HKEY_CLASSES_ROOT\clsid\{687578b9-7132-4a7a-80e4-30ee31099e03}]
[-HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[-HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"=-
"IObit Malware Fighter"=-
"Adobe ARM"=-
"StartCCC"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
driver::
SkypeUpdate
AdobeFlashPlayerUpdateSvc
AdobeARMservice
vToolbarUpdater
RegLock::
[HKEY_USERS\S-1-5-21-1407730729-757819813-2124692152-1000\Software\SecuROM\License information*]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
reboot::
Re: Today I infected my computer with a virus and it started with this ˇˇ
- ComboFix 12-04-22.02 - Kvasna 24.04.2012 17:10:34.4.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.6069.4345 [GMT 2:00]
Spuštěný z: c:\users\Kvasna\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kvasna\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Kvasna\AppData\Roaming\script.bat"
"c:\windows\Tasks\Adobe Flash Player Updater.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\uTorrentControl2
c:\program files (x86)\uTorrentControl2\GottenAppsContextMenu.xml
c:\program files (x86)\uTorrentControl2\ldrtbuTor.dll
c:\program files (x86)\uTorrentControl2\OtherAppsContextMenu.xml
c:\program files (x86)\uTorrentControl2\prxtbuTor.dll
c:\program files (x86)\uTorrentControl2\SharedAppsContextMenu.xml
c:\program files (x86)\uTorrentControl2\tbuTor.dll
c:\program files (x86)\uTorrentControl2\toolbar.cfg
c:\program files (x86)\uTorrentControl2\ToolbarContextMenu.xml
c:\program files (x86)\uTorrentControl2\uninstall.exe
c:\program files (x86)\uTorrentControl2\uTorrentControl2ToolbarHelper.exe
c:\users\Kvasna\AppData\Roaming\script.bat
c:\windows\Tasks\Adobe Flash Player Updater.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeARMservice
-------\Service_AdobeFlashPlayerUpdateSvc
-------\Service_SkypeUpdate
-------\Service_vToolbarUpdater
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-24 do 2012-04-24 )))))))))))))))))))))))))))))))
.
.
2012-04-24 15:14 . 2012-04-24 15:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-23 12:11 . 2012-04-23 12:11 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-04-22 21:53 . 2012-04-22 21:53 -------- d-----w- c:\program files\trend micro
2012-04-22 21:53 . 2012-04-22 21:53 -------- d-----w- C:\rsit
2012-04-22 21:24 . 2012-04-22 21:24 -------- d-----w- C:\$AVG
2012-04-22 20:24 . 2012-04-22 23:13 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-04-22 18:18 . 2012-04-22 18:18 -------- d-----w- c:\users\Kvasna\AppData\Roaming\AVG2012
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-04-22 18:17 . 2012-04-22 18:17 -------- d--h--w- c:\programdata\Common Files
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-04-22 18:16 . 2012-04-24 14:11 -------- d-----w- c:\windows\system32\drivers\AVG
2012-04-22 18:16 . 2012-04-22 21:31 -------- d-----w- c:\programdata\AVG2012
2012-04-22 18:16 . 2012-04-22 18:16 -------- d-----w- c:\program files (x86)\AVG
2012-04-22 18:15 . 2012-04-24 14:11 -------- d-----w- c:\programdata\MFAData
2012-04-22 18:11 . 2012-04-22 18:11 -------- d-----w- c:\program files (x86)\CodeStuff
2012-04-22 17:19 . 2012-04-22 17:19 -------- d-----w- c:\users\Kvasna\AppData\Roaming\IObit
2012-04-22 17:19 . 2012-04-22 17:19 -------- d-----w- c:\program files (x86)\IObit
2012-04-22 15:00 . 2012-04-22 15:00 -------- d-----w- c:\program files (x86)\MSSOAP
2012-04-22 15:00 . 2012-04-22 15:00 -------- d-----w- c:\program files (x86)\Webroot
2012-04-22 14:35 . 2012-04-22 14:35 388096 ----a-r- c:\users\Kvasna\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-22 14:35 . 2012-04-22 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-04-22 13:43 . 2012-04-22 13:43 -------- d-----w- c:\users\Kvasna\jagexcache1
2012-04-22 13:30 . 2012-04-22 13:31 -------- d-----w- c:\users\Kvasna\AppData\Roaming\dclogs
2012-04-21 14:17 . 2012-04-21 14:17 -------- d-----w- c:\users\Kvasna\AppData\Local\FalloutNV
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\programdata\ATI
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\programdata\AMD
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\program files (x86)\AMD AVT
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\program files (x86)\AMD APP
2012-04-21 07:56 . 2012-04-21 07:56 -------- d-----w- C:\.jagex_cache_32
2012-04-20 13:10 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A847A82-BCE4-4139-BDB4-B868E13D9EAD}\mpengine.dll
2012-04-14 16:37 . 2012-04-14 16:37 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-11 14:52 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 14:52 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-11 14:52 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-11 14:49 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 14:49 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 14:49 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-11 14:49 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 14:49 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 14:49 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-11 14:49 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-11 09:56 . 2012-04-11 09:56 -------- d-----w- c:\users\Kvasna\AppData\Local\ASUS
2012-04-10 08:32 . 2012-04-10 08:32 -------- d-----w- c:\program files (x86)\Fifa Master
2012-04-05 15:18 . 2012-04-05 20:03 -------- d-----w- c:\users\Kvasna\AppData\Roaming\Ulozto File Manager
2012-04-05 15:18 . 2012-04-05 15:18 -------- d-----w- c:\program files (x86)\Uložto File Manager
2012-04-03 05:38 . 2012-04-03 05:38 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\windows\PCHEALTH
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-04-01 20:28 . 2012-04-01 20:28 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\users\Kvasna\AppData\Local\Microsoft Help
2012-04-01 20:26 . 2012-04-11 14:54 -------- d-----w- c:\programdata\Microsoft Help
2012-04-01 20:26 . 2012-04-01 20:26 -------- d-----r- C:\MSOCache
2012-04-01 14:49 . 2012-04-02 11:43 -------- d-----w- c:\users\Kvasna\AppData\Roaming\GarenaPlus
2012-04-01 14:49 . 2012-04-01 14:49 -------- d-----w- c:\program files (x86)\Garena Plus
2012-04-01 14:49 . 2012-04-02 11:43 -------- d-----w- c:\programdata\GarenaMessenger
2012-04-01 10:33 . 2012-04-14 16:37 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-01 10:33 . 2012-04-01 10:33 -------- d-----w- c:\windows\system32\Macromed
2012-03-31 20:29 . 2012-04-04 13:46 -------- d-----w- c:\users\Kvasna\AppData\Roaming\BSplayer
2012-03-31 20:29 . 2012-03-31 20:29 -------- d-----w- c:\users\Kvasna\AppData\Roaming\BSplayer Pro
2012-03-31 20:29 . 2012-03-31 20:29 -------- d-----w- c:\program files (x86)\Webteh
2012-03-30 12:25 . 2012-03-30 12:25 -------- d-----w- c:\program files\Paint.NET
2012-03-30 12:24 . 2012-03-30 12:26 -------- d-----w- c:\users\Kvasna\AppData\Local\Paint.NET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-19 12:41 . 2012-02-25 01:59 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-04-19 12:41 . 2012-02-23 08:56 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-04-19 12:40 . 2012-02-23 08:56 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-04-14 16:37 . 2012-02-22 23:10 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-09 06:28 . 2012-03-09 06:28 10857984 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-03-09 05:16 . 2012-03-09 05:16 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-03-09 05:16 . 2011-09-08 17:34 791552 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-03-09 05:14 . 2011-09-08 17:32 958464 ----a-w- c:\windows\system32\aticfx64.dll
2012-03-09 05:11 . 2011-09-08 17:30 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-03-09 05:11 . 2012-03-09 05:11 496128 ----a-w- c:\windows\system32\atieclxx.exe
2012-03-09 05:10 . 2012-03-09 05:10 235520 ----a-w- c:\windows\system32\atiesrxx.exe
2012-03-09 05:08 . 2012-03-09 05:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-03-09 05:08 . 2012-03-09 05:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-03-09 05:07 . 2012-03-09 05:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-03-09 05:07 . 2012-03-09 05:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-03-09 05:04 . 2012-03-09 05:04 6200320 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-03-09 05:03 . 2012-03-09 05:03 26166784 ----a-w- c:\windows\system32\atio6axx.dll
2012-03-09 04:45 . 2011-09-08 17:16 7646208 ----a-w- c:\windows\system32\atidxx64.dll
2012-03-09 04:39 . 2012-03-09 04:39 19739136 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-03-09 04:36 . 2012-03-09 04:36 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2012-03-09 04:36 . 2012-03-09 04:36 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-03-09 04:35 . 2011-09-08 17:18 4958208 ----a-w- c:\windows\system32\atiumd6a.dll
2012-03-09 04:23 . 2011-09-08 17:08 5062656 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-03-09 04:23 . 2011-09-08 17:05 5954048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-03-09 04:18 . 2012-03-09 04:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-03-09 04:18 . 2012-03-09 04:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-03-09 04:18 . 2012-03-09 04:18 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-03-09 04:18 . 2012-03-09 04:18 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-03-09 04:17 . 2012-03-09 04:17 16069632 ----a-w- c:\windows\system32\aticaldd64.dll
2012-03-09 04:12 . 2012-03-09 04:12 13715968 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-03-09 04:11 . 2011-09-08 17:00 7552000 ----a-w- c:\windows\system32\atiumd64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\atimpc64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-03-09 03:58 . 2011-09-08 16:53 512000 ----a-w- c:\windows\system32\atiadlxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-03-09 03:58 . 2012-03-09 03:58 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 39936 ----a-w- c:\windows\system32\atig6txx.dll
2012-03-09 03:58 . 2012-03-09 03:58 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 328704 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-03-09 03:57 . 2011-09-08 16:52 43008 ----a-w- c:\windows\system32\atiuxp64.dll
2012-03-09 03:56 . 2012-03-09 03:56 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-03-09 03:56 . 2011-09-08 16:51 39936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-03-09 03:56 . 2011-09-08 16:51 30208 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-03-09 03:55 . 2012-03-09 03:55 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-03-09 03:47 . 2011-09-08 16:59 58880 ----a-w- c:\windows\system32\coinst.dll
2012-03-08 23:26 . 2012-03-08 23:26 74752 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-03-08 23:26 . 2012-03-08 23:26 64512 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-03-08 23:26 . 2012-03-08 23:26 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2012-03-08 23:26 . 2012-03-08 23:26 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-03-08 23:26 . 2012-03-08 23:26 16507392 ----a-w- c:\windows\system32\amdocl64.dll
2012-03-08 23:25 . 2012-03-08 23:25 13238272 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-03-08 23:24 . 2012-03-08 23:24 54272 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-08 23:24 . 2012-03-08 23:24 48128 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-03-07 00:15 . 2012-03-15 14:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2012-03-15 14:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:02 . 2012-03-15 14:15 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-02 23:12 . 2012-03-02 23:12 743262 ----a-w- c:\windows\unins000.exe
2012-02-26 12:26 . 2012-02-26 12:26 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-26 12:26 . 2012-02-26 12:26 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-26 12:26 . 2012-02-26 12:26 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-02-26 12:26 . 2012-02-26 12:26 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-02-26 12:26 . 2012-02-26 12:26 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-02-26 12:26 . 2012-02-26 12:26 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-02-26 12:26 . 2012-02-26 12:26 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-02-26 12:26 . 2012-02-26 12:26 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-02-26 12:26 . 2012-02-26 12:26 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-02-26 12:26 . 2012-02-26 12:26 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-02-26 12:26 . 2012-02-26 12:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-26 12:26 . 2012-02-26 12:26 448512 ----a-w- c:\windows\system32\html.iec
2012-02-26 12:26 . 2012-02-26 12:26 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-02-26 12:26 . 2012-02-26 12:26 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-02-26 12:26 . 2012-02-26 12:26 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-02-26 12:26 . 2012-02-26 12:26 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-02-26 12:26 . 2012-02-26 12:26 222208 ----a-w- c:\windows\system32\msls31.dll
2012-02-26 12:26 . 2012-02-26 12:26 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-26 12:26 . 2012-02-26 12:26 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-02-26 12:26 . 2012-02-26 12:26 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-02-26 12:26 . 2012-02-26 12:26 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-02-26 12:26 . 2012-02-26 12:26 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-02-26 12:26 . 2012-02-26 12:26 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-26 12:26 . 2012-02-26 12:26 12288 ----a-w- c:\windows\system32\mshta.exe
2012-02-26 12:26 . 2012-02-26 12:26 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-02-26 12:26 . 2012-02-26 12:26 114176 ----a-w- c:\windows\system32\admparse.dll
2012-02-26 12:26 . 2012-02-26 12:26 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-26 12:26 . 2012-02-26 12:26 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-02-26 12:26 . 2012-02-26 12:26 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-02-26 12:26 . 2012-02-26 12:26 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-02-26 12:26 . 2012-02-26 12:26 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-02-26 12:26 . 2012-02-26 12:26 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-26 12:26 . 2012-02-26 12:26 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-02-26 12:26 . 2012-02-26 12:26 160256 ----a-w- c:\windows\system32\wextract.exe
2012-02-26 12:12 . 2010-12-21 14:07 10463744 ----a-w- c:\windows\system32\BCC7_3DObjects_AE.dll
2012-02-26 12:11 . 2010-12-20 13:14 22771200 ----a-w- c:\windows\system32\BCC7_AE_16Bit.dll
2012-02-26 12:02 . 2010-12-20 13:23 22737920 ----a-w- c:\windows\system32\BCC7_AE_8Bit.dll
2012-02-25 12:06 . 2012-02-25 12:07 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-25 10:59 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-23_13.00.51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-07-14 04:54 . 2012-04-24 14:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-04-23 10:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-04-23 10:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-24 14:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-23 10:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-24 14:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 05:10 . 2012-04-24 14:15 36796 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2012-04-24 14:18 88560 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-02-22 22:26 . 2012-04-24 14:15 8106 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1407730729-757819813-2124692152-1000_UserData.bin
+ 2012-04-23 19:53 . 2012-04-23 19:53 8192 c:\windows\system32\Microsoft\Protect\Recovery\Recovery.dat
+ 2012-04-24 15:15 . 2012-04-24 15:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-23 12:45 . 2012-04-23 12:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-23 12:45 . 2012-04-23 12:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-04-24 15:15 . 2012-04-24 15:15 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-23 08:45 . 2012-04-24 12:54 342194 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2012-02-23 06:04 . 2012-04-24 14:09 333530 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2012-04-23 12:51 652360 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-24 10:39 652360 c:\windows\system32\perfh009.dat
- 2009-07-26 18:41 . 2012-04-23 12:51 666656 c:\windows\system32\perfh005.dat
+ 2009-07-26 18:41 . 2012-04-24 10:39 666656 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-04-24 10:39 121292 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-04-23 12:51 121292 c:\windows\system32\perfc009.dat
+ 2009-07-26 18:41 . 2012-04-24 10:39 140320 c:\windows\system32\perfc005.dat
- 2009-07-26 18:41 . 2012-04-23 12:51 140320 c:\windows\system32\perfc005.dat
+ 2012-02-22 23:15 . 2012-04-24 15:14 5997392 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-02-22 23:15 . 2012-04-23 12:16 5997392 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-04-23 12:16 1139408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-04-24 15:14 1139408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2012-02-23 19:55 . 2012-04-23 12:16 8739300 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1407730729-757819813-2124692152-1000-12288.dat
+ 2012-02-23 19:55 . 2012-04-24 15:14 8739300 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1407730729-757819813-2124692152-1000-12288.dat
+ 2012-02-22 23:15 . 2012-04-24 15:14 38876516 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1407730729-757819813-2124692152-1000-8192.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"="f:\rockstar games\Rockstar Games Social Club\RGSCLauncher.exe" [2008-11-14 305064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-26 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-19 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-04-22 218440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2012-2-23 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2012-2-23 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-09-20 33184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-22 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2012-02-25 13:25]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-02-22 500208]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-25 10816544]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
"combofix"="c:\combofix\CF25400.3XE" [2010-11-20 345088]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Kvasna\AppData\Roaming\Mozilla\Firefox\Profiles\9y1p93c3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-uTorrentControl2 Toolbar - c:\program files (x86)\uTorrentControl2\uninstall.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1407730729-757819813-2124692152-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,bb,cb,a4,37,de,a9,e8,6a,c5,03,9b,09,50,95,62,7e,cf,76,8d,47,
e9,5a,cb,57,ea,72,9f,fe,cf,7c,46,ff,5f,66,28,e2,9f,a8,3c,da,b1,a7,d2,9d,81,\
"rkeysecu"=hex:33,94,93,1f,15,d3,6b,1c,c9,f3,92,4f,79,4c,96,5d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\ASUS\Net4Switch\Net4Switch.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
.
**************************************************************************
.
Celkový čas: 2012-04-24 17:19:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-24 15:19
ComboFix2.txt 2012-04-24 15:08
ComboFix3.txt 2012-04-23 13:02
.
Před spuštěním: Volných bajtů: 15 098 564 608
Po spuštění: Volných bajtů: 14 805 872 640
.
- - End Of File - - DB2265A7237A07CA9F5EBADFF4D028F8
- Danstahr
Re: Today I got my computer infected with a virus and it started with this ˇˇ
Please repeat the previous step once more with this script:
Code:
killall::
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
"combofix"=-
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RGSC"=-
reboot::
I'll buy a bit of time, I respect the price.
Re: Today I got my computer infected with a virus and it started with this ˇˇ
I really appreciate the work you are doing for me =) and I thank you so much for it =)
- ComboFix 12-04-22.02 - Kvasna 24.04.2012 21:26:28.5.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.6069.4441 [GMT 2:00]
Spuštěný z: c:\users\Kvasna\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Kvasna\Desktop\CFScript.txt
AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-03-24 do 2012-04-24 )))))))))))))))))))))))))))))))
.
.
2012-04-24 19:30 . 2012-04-24 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-23 12:11 . 2012-04-23 12:11 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-04-22 21:53 . 2012-04-22 21:53 -------- d-----w- c:\program files\trend micro
2012-04-22 21:53 . 2012-04-22 21:53 -------- d-----w- C:\rsit
2012-04-22 21:24 . 2012-04-22 21:24 -------- d-----w- C:\$AVG
2012-04-22 20:24 . 2012-04-22 23:13 -------- d---a-w- C:\Kaspersky Rescue Disk 10.0
2012-04-22 18:18 . 2012-04-22 18:18 -------- d-----w- c:\users\Kvasna\AppData\Roaming\AVG2012
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\program files (x86)\Common Files\AVG Secure Search
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\program files (x86)\AVG Secure Search
2012-04-22 18:17 . 2012-04-22 18:17 -------- d--h--w- c:\programdata\Common Files
2012-04-22 18:17 . 2012-04-22 18:17 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-04-22 18:16 . 2012-04-24 14:11 -------- d-----w- c:\windows\system32\drivers\AVG
2012-04-22 18:16 . 2012-04-22 21:31 -------- d-----w- c:\programdata\AVG2012
2012-04-22 18:16 . 2012-04-22 18:16 -------- d-----w- c:\program files (x86)\AVG
2012-04-22 18:15 . 2012-04-24 14:11 -------- d-----w- c:\programdata\MFAData
2012-04-22 18:11 . 2012-04-22 18:11 -------- d-----w- c:\program files (x86)\CodeStuff
2012-04-22 17:19 . 2012-04-22 17:19 -------- d-----w- c:\users\Kvasna\AppData\Roaming\IObit
2012-04-22 17:19 . 2012-04-22 17:19 -------- d-----w- c:\program files (x86)\IObit
2012-04-22 15:00 . 2012-04-22 15:00 -------- d-----w- c:\program files (x86)\MSSOAP
2012-04-22 15:00 . 2012-04-22 15:00 -------- d-----w- c:\program files (x86)\Webroot
2012-04-22 14:35 . 2012-04-22 14:35 388096 ----a-r- c:\users\Kvasna\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-04-22 14:35 . 2012-04-22 14:35 -------- d-----w- c:\program files (x86)\Trend Micro
2012-04-22 13:43 . 2012-04-22 13:43 -------- d-----w- c:\users\Kvasna\jagexcache1
2012-04-22 13:30 . 2012-04-22 13:31 -------- d-----w- c:\users\Kvasna\AppData\Roaming\dclogs
2012-04-21 14:17 . 2012-04-21 14:17 -------- d-----w- c:\users\Kvasna\AppData\Local\FalloutNV
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\programdata\ATI
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\programdata\AMD
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\program files (x86)\AMD AVT
2012-04-21 12:56 . 2012-04-21 12:56 -------- d-----w- c:\program files (x86)\AMD APP
2012-04-21 07:56 . 2012-04-24 15:41 -------- d-----w- C:\.jagex_cache_32
2012-04-20 13:10 . 2012-04-13 08:46 8917360 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0A847A82-BCE4-4139-BDB4-B868E13D9EAD}\mpengine.dll
2012-04-14 16:37 . 2012-04-14 16:37 8741536 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-11 14:52 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 14:52 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-11 14:52 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-11 14:49 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-04-11 14:49 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-04-11 14:49 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-04-11 14:49 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-04-11 14:49 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-04-11 14:49 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-04-11 14:49 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-04-11 09:56 . 2012-04-11 09:56 -------- d-----w- c:\users\Kvasna\AppData\Local\ASUS
2012-04-10 08:32 . 2012-04-10 08:32 -------- d-----w- c:\program files (x86)\Fifa Master
2012-04-05 15:18 . 2012-04-05 20:03 -------- d-----w- c:\users\Kvasna\AppData\Roaming\Ulozto File Manager
2012-04-05 15:18 . 2012-04-05 15:18 -------- d-----w- c:\program files (x86)\Uložto File Manager
2012-04-03 05:38 . 2012-04-03 05:38 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\windows\PCHEALTH
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-04-01 20:29 . 2012-04-01 20:29 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-04-01 20:28 . 2012-04-01 20:28 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2012-04-01 20:27 . 2012-04-01 20:27 -------- d-----w- c:\users\Kvasna\AppData\Local\Microsoft Help
2012-04-01 20:26 . 2012-04-11 14:54 -------- d-----w- c:\programdata\Microsoft Help
2012-04-01 20:26 . 2012-04-01 20:26 -------- d-----r- C:\MSOCache
2012-04-01 14:49 . 2012-04-02 11:43 -------- d-----w- c:\users\Kvasna\AppData\Roaming\GarenaPlus
2012-04-01 14:49 . 2012-04-01 14:49 -------- d-----w- c:\program files (x86)\Garena Plus
2012-04-01 14:49 . 2012-04-02 11:43 -------- d-----w- c:\programdata\GarenaMessenger
2012-04-01 10:33 . 2012-04-14 16:37 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-01 10:33 . 2012-04-01 10:33 -------- d-----w- c:\windows\system32\Macromed
2012-03-31 20:29 . 2012-04-04 13:46 -------- d-----w- c:\users\Kvasna\AppData\Roaming\BSplayer
2012-03-31 20:29 . 2012-03-31 20:29 -------- d-----w- c:\users\Kvasna\AppData\Roaming\BSplayer Pro
2012-03-31 20:29 . 2012-03-31 20:29 -------- d-----w- c:\program files (x86)\Webteh
2012-03-30 12:25 . 2012-03-30 12:25 -------- d-----w- c:\program files\Paint.NET
2012-03-30 12:24 . 2012-03-30 12:26 -------- d-----w- c:\users\Kvasna\AppData\Local\Paint.NET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-19 12:41 . 2012-02-25 01:59 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2012-04-19 12:41 . 2012-02-23 08:56 283304 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2012-04-19 12:40 . 2012-02-23 08:56 282864 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2012-04-14 16:37 . 2012-02-22 23:10 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-03-09 06:28 . 2012-03-09 06:28 10857984 ----a-w- c:\windows\system32\drivers\atikmdag.sys
2012-03-09 05:16 . 2012-03-09 05:16 159744 ----a-w- c:\windows\system32\atiapfxx.exe
2012-03-09 05:16 . 2011-09-08 17:34 791552 ----a-w- c:\windows\SysWow64\aticfx32.dll
2012-03-09 05:14 . 2011-09-08 17:32 958464 ----a-w- c:\windows\system32\aticfx64.dll
2012-03-09 05:11 . 2011-09-08 17:30 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll
2012-03-09 05:11 . 2012-03-09 05:11 496128 ----a-w- c:\windows\system32\atieclxx.exe
2012-03-09 05:10 . 2012-03-09 05:10 235520 ----a-w- c:\windows\system32\atiesrxx.exe
2012-03-09 05:08 . 2012-03-09 05:08 120320 ----a-w- c:\windows\system32\atitmm64.dll
2012-03-09 05:08 . 2012-03-09 05:08 21504 ----a-w- c:\windows\system32\atimuixx.dll
2012-03-09 05:07 . 2012-03-09 05:07 59392 ----a-w- c:\windows\system32\atiedu64.dll
2012-03-09 05:07 . 2012-03-09 05:07 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll
2012-03-09 05:04 . 2012-03-09 05:04 6200320 ----a-w- c:\windows\SysWow64\atidxx32.dll
2012-03-09 05:03 . 2012-03-09 05:03 26166784 ----a-w- c:\windows\system32\atio6axx.dll
2012-03-09 04:45 . 2011-09-08 17:16 7646208 ----a-w- c:\windows\system32\atidxx64.dll
2012-03-09 04:39 . 2012-03-09 04:39 19739136 ----a-w- c:\windows\SysWow64\atioglxx.dll
2012-03-09 04:36 . 2012-03-09 04:36 1113088 ----a-w- c:\windows\system32\atiumd6v.dll
2012-03-09 04:36 . 2012-03-09 04:36 1828864 ----a-w- c:\windows\SysWow64\atiumdmv.dll
2012-03-09 04:35 . 2011-09-08 17:18 4958208 ----a-w- c:\windows\system32\atiumd6a.dll
2012-03-09 04:23 . 2011-09-08 17:08 5062656 ----a-w- c:\windows\SysWow64\atiumdva.dll
2012-03-09 04:23 . 2011-09-08 17:05 5954048 ----a-w- c:\windows\SysWow64\atiumdag.dll
2012-03-09 04:18 . 2012-03-09 04:18 51200 ----a-w- c:\windows\system32\aticalrt64.dll
2012-03-09 04:18 . 2012-03-09 04:18 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll
2012-03-09 04:18 . 2012-03-09 04:18 44544 ----a-w- c:\windows\system32\aticalcl64.dll
2012-03-09 04:18 . 2012-03-09 04:18 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll
2012-03-09 04:17 . 2012-03-09 04:17 16069632 ----a-w- c:\windows\system32\aticaldd64.dll
2012-03-09 04:12 . 2012-03-09 04:12 13715968 ----a-w- c:\windows\SysWow64\aticaldd.dll
2012-03-09 04:11 . 2011-09-08 17:00 7552000 ----a-w- c:\windows\system32\atiumd64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\atimpc64.dll
2012-03-09 04:05 . 2012-03-09 04:05 54784 ----a-w- c:\windows\system32\amdpcom64.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll
2012-03-09 04:05 . 2012-03-09 04:05 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll
2012-03-09 03:58 . 2011-09-08 16:53 512000 ----a-w- c:\windows\system32\atiadlxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 356352 ----a-w- c:\windows\SysWow64\atiadlxy.dll
2012-03-09 03:58 . 2012-03-09 03:58 17408 ----a-w- c:\windows\system32\atig6pxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\SysWow64\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 14336 ----a-w- c:\windows\system32\atiglpxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 39936 ----a-w- c:\windows\system32\atig6txx.dll
2012-03-09 03:58 . 2012-03-09 03:58 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll
2012-03-09 03:58 . 2012-03-09 03:58 328704 ----a-w- c:\windows\system32\drivers\atikmpag.sys
2012-03-09 03:57 . 2011-09-08 16:52 43008 ----a-w- c:\windows\system32\atiuxp64.dll
2012-03-09 03:56 . 2012-03-09 03:56 33280 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2012-03-09 03:56 . 2011-09-08 16:51 39936 ----a-w- c:\windows\system32\atiu9p64.dll
2012-03-09 03:56 . 2011-09-08 16:51 30208 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2012-03-09 03:55 . 2012-03-09 03:55 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll
2012-03-09 03:47 . 2011-09-08 16:59 58880 ----a-w- c:\windows\system32\coinst.dll
2012-03-08 23:26 . 2012-03-08 23:26 74752 ----a-w- c:\windows\system32\OpenVideo64.dll
2012-03-08 23:26 . 2012-03-08 23:26 64512 ----a-w- c:\windows\SysWow64\OpenVideo.dll
2012-03-08 23:26 . 2012-03-08 23:26 61952 ----a-w- c:\windows\system32\OVDecode64.dll
2012-03-08 23:26 . 2012-03-08 23:26 54784 ----a-w- c:\windows\SysWow64\OVDecode.dll
2012-03-08 23:26 . 2012-03-08 23:26 16507392 ----a-w- c:\windows\system32\amdocl64.dll
2012-03-08 23:25 . 2012-03-08 23:25 13238272 ----a-w- c:\windows\SysWow64\amdocl.dll
2012-03-08 23:24 . 2012-03-08 23:24 54272 ----a-w- c:\windows\system32\OpenCL.dll
2012-03-08 23:24 . 2012-03-08 23:24 48128 ----a-w- c:\windows\SysWow64\OpenCL.dll
2012-03-07 00:15 . 2012-03-15 14:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-07 00:15 . 2012-03-15 14:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-07 00:02 . 2012-03-15 14:15 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-02 23:12 . 2012-03-02 23:12 743262 ----a-w- c:\windows\unins000.exe
2012-02-26 12:26 . 2012-02-26 12:26 91648 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2012-02-26 12:26 . 2012-02-26 12:26 89088 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2012-02-26 12:26 . 2012-02-26 12:26 86528 ----a-w- c:\windows\SysWow64\iesysprep.dll
2012-02-26 12:26 . 2012-02-26 12:26 76800 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2012-02-26 12:26 . 2012-02-26 12:26 76800 ----a-w- c:\windows\system32\tdc.ocx
2012-02-26 12:26 . 2012-02-26 12:26 74752 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2012-02-26 12:26 . 2012-02-26 12:26 74752 ----a-w- c:\windows\SysWow64\iesetup.dll
2012-02-26 12:26 . 2012-02-26 12:26 63488 ----a-w- c:\windows\SysWow64\tdc.ocx
2012-02-26 12:26 . 2012-02-26 12:26 49664 ----a-w- c:\windows\system32\imgutil.dll
2012-02-26 12:26 . 2012-02-26 12:26 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2012-02-26 12:26 . 2012-02-26 12:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
2012-02-26 12:26 . 2012-02-26 12:26 448512 ----a-w- c:\windows\system32\html.iec
2012-02-26 12:26 . 2012-02-26 12:26 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-02-26 12:26 . 2012-02-26 12:26 367104 ----a-w- c:\windows\SysWow64\html.iec
2012-02-26 12:26 . 2012-02-26 12:26 35840 ----a-w- c:\windows\SysWow64\imgutil.dll
2012-02-26 12:26 . 2012-02-26 12:26 23552 ----a-w- c:\windows\SysWow64\licmgr10.dll
2012-02-26 12:26 . 2012-02-26 12:26 222208 ----a-w- c:\windows\system32\msls31.dll
2012-02-26 12:26 . 2012-02-26 12:26 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-02-26 12:26 . 2012-02-26 12:26 161792 ----a-w- c:\windows\SysWow64\msls31.dll
2012-02-26 12:26 . 2012-02-26 12:26 152064 ----a-w- c:\windows\SysWow64\wextract.exe
2012-02-26 12:26 . 2012-02-26 12:26 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2012-02-26 12:26 . 2012-02-26 12:26 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-02-26 12:26 . 2012-02-26 12:26 135168 ----a-w- c:\windows\system32\IEAdvpack.dll
2012-02-26 12:26 . 2012-02-26 12:26 12288 ----a-w- c:\windows\system32\mshta.exe
2012-02-26 12:26 . 2012-02-26 12:26 11776 ----a-w- c:\windows\SysWow64\mshta.exe
2012-02-26 12:26 . 2012-02-26 12:26 114176 ----a-w- c:\windows\system32\admparse.dll
2012-02-26 12:26 . 2012-02-26 12:26 111616 ----a-w- c:\windows\system32\iesysprep.dll
2012-02-26 12:26 . 2012-02-26 12:26 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2012-02-26 12:26 . 2012-02-26 12:26 101888 ----a-w- c:\windows\SysWow64\admparse.dll
2012-02-26 12:26 . 2012-02-26 12:26 85504 ----a-w- c:\windows\system32\iesetup.dll
2012-02-26 12:26 . 2012-02-26 12:26 603648 ----a-w- c:\windows\system32\vbscript.dll
2012-02-26 12:26 . 2012-02-26 12:26 30720 ----a-w- c:\windows\system32\licmgr10.dll
2012-02-26 12:26 . 2012-02-26 12:26 165888 ----a-w- c:\windows\system32\iexpress.exe
2012-02-26 12:26 . 2012-02-26 12:26 160256 ----a-w- c:\windows\system32\wextract.exe
2012-02-26 12:12 . 2010-12-21 14:07 10463744 ----a-w- c:\windows\system32\BCC7_3DObjects_AE.dll
2012-02-26 12:11 . 2010-12-20 13:14 22771200 ----a-w- c:\windows\system32\BCC7_AE_16Bit.dll
2012-02-26 12:02 . 2010-12-20 13:23 22737920 ----a-w- c:\windows\system32\BCC7_AE_8Bit.dll
2012-02-25 12:06 . 2012-02-25 12:07 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-25 10:59 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-23_13.00.51 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-04-23 10:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-24 14:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-07-14 04:54 . 2012-04-23 10:24 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-24 14:47 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-24 14:47 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-23 10:24 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-02-22 23:17 . 2012-04-24 15:23 33380 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-04-24 15:23 36956 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 04:46 . 2012-04-24 14:18 88560 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-02-22 22:26 . 2012-04-24 15:23 8414 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1407730729-757819813-2124692152-1000_UserData.bin
+ 2012-04-23 19:53 . 2012-04-23 19:53 8192 c:\windows\system32\Microsoft\Protect\Recovery\Recovery.dat
- 2012-04-23 12:45 . 2012-04-23 12:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-24 19:31 . 2012-04-24 19:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-24 19:31 . 2012-04-24 19:31 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-23 12:45 . 2012-04-23 12:45 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-02-23 08:45 . 2012-04-24 12:54 342194 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2012-02-23 06:04 . 2012-04-24 14:09 333530 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2012-04-23 12:51 652360 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-24 10:39 652360 c:\windows\system32\perfh009.dat
+ 2009-07-26 18:41 . 2012-04-24 10:39 666656 c:\windows\system32\perfh005.dat
- 2009-07-26 18:41 . 2012-04-23 12:51 666656 c:\windows\system32\perfh005.dat
+ 2009-07-14 02:36 . 2012-04-24 10:39 121292 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-04-23 12:51 121292 c:\windows\system32\perfc009.dat
+ 2009-07-26 18:41 . 2012-04-24 10:39 140320 c:\windows\system32\perfc005.dat
- 2009-07-26 18:41 . 2012-04-23 12:51 140320 c:\windows\system32\perfc005.dat
+ 2012-02-22 23:15 . 2012-04-24 19:31 5997392 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2012-02-22 23:15 . 2012-04-23 12:16 5997392 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
- 2009-07-14 05:01 . 2012-04-23 12:16 1139408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-04-24 19:31 1139408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-02-23 19:55 . 2012-04-24 19:31 8739300 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1407730729-757819813-2124692152-1000-12288.dat
- 2012-02-23 19:55 . 2012-04-23 12:16 8739300 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1407730729-757819813-2124692152-1000-12288.dat
+ 2012-02-22 23:15 . 2012-04-24 19:31 38999608 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1407730729-757819813-2124692152-1000-8192.dat
+ 2012-04-24 15:27 . 2012-04-24 15:27 23642112 c:\windows\Installer\6bc01.msi
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 16:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-26 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-19 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ADSMTray"="c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe" [2009-06-24 272952]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-01-24 2416480]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-04-22 218440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe [2012-2-23 12862]
SRS Premium Sound.lnk - c:\windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2012-2-23 156952]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 ipswuio;ipswuio;c:\windows\system32\DRIVERS\ipswuio.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2011-09-20 33184]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [2011-09-20 21872]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [2012-01-05 21384]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2012-01-09 821592]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-04-22 c:\windows\Tasks\SidebarExecute.job
- c:\program files\Windows Sidebar\sidebar.exe [2012-02-25 13:25]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 15:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-25 10816544]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.138
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
FF - ProfilePath - c:\users\Kvasna\AppData\Roaming\Mozilla\Firefox\Profiles\9y1p93c3.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.cz/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q=
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1407730729-757819813-2124692152-1000\Software\SecuROM\License information*]
"datasecu"=hex:d5,bb,cb,a4,37,de,a9,e8,6a,c5,03,9b,09,50,95,62,7e,cf,76,8d,47,
e9,5a,cb,57,ea,72,9f,fe,cf,7c,46,ff,5f,66,28,e2,9f,a8,3c,da,b1,a7,d2,9d,81,\
"rkeysecu"=hex:33,94,93,1f,15,d3,6b,1c,c9,f3,92,4f,79,4c,96,5d
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG*]
"Seed"=hex:49,31,f4,88,04,28,01,14,c5,ca,fa,5f,f5,cf,66,6e,1f,6c,42,48,3b,1d,
bb,84,6e,c3,98,a3,07,68,b8,a1,8e,3f,71,ca,a8,53,6d,af,a8,e5,29,51,a3,e5,99,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\ASUS\NB Probe\SPM\spmgr.exe
c:\program files (x86)\ASUS\Net4Switch\Net4Switch.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ControlDeck\ControlDeck.exe
.
**************************************************************************
.
Celkový čas: 2012-04-24 21:36:17 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-04-24 19:36
ComboFix2.txt 2012-04-24 15:19
ComboFix3.txt 2012-04-24 15:08
ComboFix4.txt 2012-04-23 13:02
.
Před spuštěním: Volných bajtů: 15 721 967 616
Po spuštění: Volných bajtů: 15 645 687 808
.
- - End Of File - - B9EDD0EA5461C6573F18A510B48EE60E
- Danstahr
- Friend of the forum
- Posts: 1069
- Registered: 28 Oct 2006 20:23
- Location: London
Re: Today I infected my computer with a virus and it started with this ˇˇ
Please also post a control log from RSIT.
I'll buy a little time; I respect the price.