Prosba o kontrolu logu.

Zpráva

polhrad · #1 Příspěvek od **polhrad** » 10 kvě 2014 05:27

Prosím o kontrolu. Antivir mi blokuje soubor installer.exe, který se snaží po staru spouštět. Je to v adresáři software602/print2pdf. Je to divné, proč by se měl spouštět. Zkusil jsem to dát do kontroly na virustotal.com abytehero mi našlo toto:

Trojan-Downloader.win32.Small.gen.105

Co s tím? Díky. Posílám log z RSITu:

Logfile of random's system information tool 1.09 (written by random/random)
Run by Radek at 2014-05-10 06:20:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 145 GB (25%) free of 588 GB
Total RAM: 4030 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:20:46, on 10.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe
C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Program Files (x86)\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Radek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [F-Secure Hoster (39109)] "C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe" -app -hosterid:1
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: F-Secure Dll Hoster (fshoster) - F-Secure Corporation - C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\windows\system32\HPSIsvc.exe (file missing)
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Realtek11nSU - Realtek - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe

--
End of file - 15126 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
C:\windows\system32\svchost.exe -k NetworkService
atieclxx
C:\windows\system32\WLANExt.exe 38107392
\??\C:\windows\system32\conhost.exe "-188507757157612090113264088518316186653594412017973911-12173382671849423057
C:\windows\System32\spoolsv.exe
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe" -hosterid:0
"C:\Program Files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe"
"c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
C:\windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE" /service /stopevent=644 /ipcexch=948
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe"
"C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe"
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
WLIDSvcM.exe 2596
"C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSMA32.EXE"
oid 1.3.6.1.4.1.2213.11.1.27.64 HosterGroupType 0
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\fssm32.exe" 3 820 824 828
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"taskhost.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe" /H
"C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
-Minimized
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe" -app -hosterid:1
"C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSM32.EXE" /splash
ArcCon.ac 66220 0
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe" -Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe"
C:\windows\system32\igfxext.exe -Embedding
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\totalcmd\TOTALCMD.EXE" c: c:
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\Radek\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job
C:\windows\tasks\HPCeeScheduleForHPPB4730S-RADEK$.job
C:\windows\tasks\HPCeeScheduleForRadek.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\9leixagk.default-1366659333013

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.206 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.206 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-25 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-02-07 117248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-06 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-01-07 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-06 170912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-01-07 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-01-07 379040]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-01-27 167960]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-01-27 391704]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-01-27 418328]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2011-08-22 200704]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-08-17 14904]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-06-06 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30 2804976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-04-22 21720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"=C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-02-07 12274688]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-11-26 113288]
"DTRun"=c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [2010-11-24 517456]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2011-10-04 220992]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2011-11-26 169528]
"ArcSoft Connection Service"=C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-28 207424]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]
"F-Secure Hoster (39109)"=C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe [2013-05-15 191424]
"F-Secure Manager"=C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSM32.EXE [2013-08-14 310208]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-01-27 385024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
EpePcNp64
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=0
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-05-07 01:07:09 ----SD---- C:\windows\system32\CompatTel
2014-05-06 19:21:44 ----A---- C:\windows\system32\aepdu.dll
2014-05-06 19:21:38 ----A---- C:\windows\system32\aeinv.dll
2014-05-04 18:38:10 ----D---- C:\serialy
2014-05-04 02:28:14 ----D---- C:\Users\Radek\AppData\Roaming\123 Free Solitaire
2014-05-04 02:28:03 ----D---- C:\Program Files (x86)\123 Free Solitaire
2014-05-04 02:26:54 ----D---- C:\Program Files (x86)\SuDoku
2014-05-03 15:37:57 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-05-03 03:02:05 ----A---- C:\windows\system32\mshtml.dll
2014-05-03 03:02:02 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-04-16 18:25:42 ----D---- C:\Users\Radek\AppData\Roaming\Maxthon3
2014-04-16 18:24:52 ----D---- C:\Program Files (x86)\Maxthon
2014-04-11 20:49:32 ----A---- C:\windows\SYSWOW64\mstscax.dll
2014-04-11 20:49:32 ----A---- C:\windows\system32\mstscax.dll

======List of files/folders modified in the last 1 month======

2014-05-10 06:20:47 ----D---- C:\windows\Prefetch
2014-05-10 06:20:42 ----D---- C:\Program Files\trend micro
2014-05-10 06:20:35 ----D---- C:\windows\Temp
2014-05-10 05:58:09 ----D---- C:\windows\System32
2014-05-10 05:58:09 ----D---- C:\windows\inf
2014-05-10 05:58:09 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-05-10 00:12:06 ----D---- C:\windows\system32\config
2014-05-10 00:04:05 ----A---- C:\windows\SYSWOW64\log.txt
2014-05-10 00:02:02 ----D---- C:\ProgramData\PDFC
2014-05-10 00:01:36 ----D---- C:\windows\SysWOW64
2014-05-09 20:57:07 ----D---- C:\Foto nikon
2014-05-09 19:03:21 ----D---- C:\fotky
2014-05-09 19:02:43 ----D---- C:\obr
2014-05-09 19:00:56 ----D---- C:\Foto samsung Radek
2014-05-08 13:31:53 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-07 23:51:12 ----SHD---- C:\windows\Installer
2014-05-07 23:51:12 ----SHD---- C:\Config.Msi
2014-05-07 23:45:08 ----D---- C:\Program Files (x86)
2014-05-07 01:07:21 ----D---- C:\windows\winsxs
2014-05-07 01:06:47 ----SHD---- C:\System Volume Information
2014-05-06 19:12:39 ----D---- C:\windows\system32\catroot
2014-05-04 11:30:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-04 02:30:08 ----D---- C:\hry
2014-05-01 13:05:39 ----D---- C:\windows\Tasks
2014-05-01 13:05:39 ----D---- C:\windows\system32\Tasks
2014-05-01 10:09:45 ----D---- C:\Users\Radek\AppData\Roaming\602Installer
2014-04-29 12:45:42 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-04-28 21:32:01 ----D---- C:\Radek
2014-04-28 18:10:48 ----D---- C:\Users\Radek\AppData\Roaming\vlc
2014-04-28 16:47:18 ----D---- C:\mp3
2014-04-27 23:07:23 ----D---- C:\windows\system32\catroot2
2014-04-27 20:05:21 ----D---- C:\Windows
2014-04-26 14:29:45 ----D---- C:\windows\debug
2014-04-26 14:28:18 ----D---- C:\Program Files\CCleaner
2014-04-23 15:59:29 ----D---- C:\Program Files (x86)\Opera
2014-04-16 18:26:01 ----RSD---- C:\windows\Fonts
2014-04-12 21:09:44 ----D---- C:\windows\rescache
2014-04-11 23:59:03 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-04-11 23:59:03 ----D---- C:\windows\system32\cs-CZ
2014-04-11 01:53:16 ----D---- C:\windows\system32\NDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fsbts;fsbts; C:\windows\system32\Drivers\fsbts.sys [2013-10-12 56016]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-02-28 29976]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2011-08-22 100808]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2011-08-22 158920]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 F-Secure HIPS;F-Secure HIPS Driver; \??\C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\HIPS\drivers\fshs.sys [2014-03-05 69480]
R1 fsvista;F-Secure Vista Support Driver; \??\C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [2013-08-14 13248]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-02-28 43800]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-03-28 9319424]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-03-28 303616]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2012-12-20 3837440]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys [2011-01-07 28832]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper; \??\C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [2014-04-23 203304]
R3 fsni;fsni; \??\C:\Program Files (x86)\O2\Strazce internetu\apps\CCF_Scanning\fsni64.sys [2013-04-25 80832]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-01-27 12273408]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-06-06 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2011-11-26 91648]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2011-11-26 208896]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-06-06 708200]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-06-06 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 a016bus;Sony Ericsson Device A016 driver (WDM); C:\windows\system32\DRIVERS\a016bus.sys [2008-01-18 109096]
S3 a016mdfl;Sony Ericsson Device A016 USB WMC Modeme Filter; C:\windows\system32\DRIVERS\a016mdfl.sys [2008-01-18 19496]
S3 a016mdm;Sony Ericsson Device A016 USB WMC Modem Driver; C:\windows\system32\DRIVERS\a016mdm.sys [2008-01-18 146472]
S3 a016mgmt;Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM); C:\windows\system32\DRIVERS\a016mgmt.sys [2008-01-18 130600]
S3 a016obex;Sony Ericsson Device A016 USB WMC OBEX Interface; C:\windows\system32\DRIVERS\a016obex.sys [2008-01-18 125480]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2011-01-07 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2011-01-07 298144]
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys [2011-01-07 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2011-01-07 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys [2011-01-07 154272]
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2011-01-07 279200]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2014-04-05 119512]
S3 mvusbews;USB EWS Device; C:\windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\windows\system32\DRIVERS\RTL8192su.sys [2010-03-10 687136]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\windows\system32\DRIVERS\ss_bus.sys [2013-05-02 127488]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\windows\system32\DRIVERS\ss_mdfl.sys [2013-05-02 18944]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\windows\system32\DRIVERS\ss_mdm.sys [2013-05-02 161280]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 204568]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-06-06 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-03-28 203264]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-01-07 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-01-07 53920]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-08-24 486224]
R2 fshoster;F-Secure Dll Hoster; C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe [2013-05-15 191424]
R2 FSORSPClient;F-Secure ORSP Client; C:\Program Files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe [2012-08-06 61176]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-08-17 133176]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [2011-01-28 133688]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-02-07 320000]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 HPSIService;HP SI Service; C:\windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-02-28 31000]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2011-08-22 1318912]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 Realtek11nSU;Realtek11nSU; C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [2010-01-21 45056]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-06-06 323072]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-22 3154224]
R3 FSMA;F-Secure Management Agent; C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSMA32.EXE [2013-08-14 216000]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-07 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29 257712]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-09-05 476728]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-07 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-03 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-23 1255736]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 11 kvě 2014 11:06

Zdravim

Udelejte !!!kompletni!!! kontrolu s MBAM http://forum.viry.cz/viewtopic.php?f=29&t=115222 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

polhrad · #3 Příspěvek od **polhrad** » 11 kvě 2014 12:37

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 11.5.2014
Scan Time: 13:35:04
Logfile: mbam log 11 05 2014.txt
Administrator: No

Version: 2.00.1.1004
Malware Database: v2014.05.11.03
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Radek

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 275027
Time Elapsed: 54 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
Adware.TryMedia, C:\$Recycle.Bin\S-1-5-21-1173953602-3365374468-4114211599-1002\$R9N9IKD.exe, , [9b84a4acc3b8d26480ad9c52778c56aa],

Physical Sectors: 0
(No malicious items detected)

(end)

#4 Příspěvek od **Márty84** » 11 kvě 2014 12:43

Nalez nechte odstranit, pak MBAM odinstalujte.

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

polhrad · #5 Příspěvek od **polhrad** » 11 kvě 2014 14:04

# AdwCleaner v3.207 - Report created 11/05/2014 at 14:45:01
# Updated 05/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Radek - HPPB4730S-RADEK
# Running from : C:\Users\Radek\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Mozilla Firefox v29.0.1 (cs)

[ File : C:\Users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\9leixagk.default-1366659333013\prefs.js ]

-\\ Google Chrome v34.0.1847.131

[ File : C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://isearch.avg.com/search?cid={6FB0F288-9B9A-499F-99D2-F953CEAF2C08}&mid=42a3106b414047d0a28b0196dc4c8158-0dcf999c80123ba9470686f4659e863c30bd3af3&lang=en&ds=qw011&pr=sa&d=2012-12-26 10:53:42&v=13.2.0.5&sap=dsp&q={searchTerms}

*************************

AdwCleaner[R0].txt - [1947 octets] - [11/05/2014 14:43:42]
AdwCleaner[S0].txt - [1890 octets] - [11/05/2014 14:45:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1950 octets] ##########

#6 Příspěvek od **Márty84** » 11 kvě 2014 14:09

Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe , ulozte ho na plochu, kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Probehne kratoucky testik a pak se zpristupni vpravo nahore tlacitko Prohledat. Na to kliknete a probehne dalsi test.
Po dokonceni kliknete na napis Zprava a objevi se log. Ten mi sem vlozte

polhrad · #7 Příspěvek od **polhrad** » 11 kvě 2014 14:26

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Radek [Práva správce]
Mód : Kontrola -- Datum : 05/11/2014 15:17:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

ÿþ1

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HM641JI +++++
--- User ---
[MBR] 4d03127019e76ee52d130522fc468cf0
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 587798 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1204426752 | Size: 17258 MB
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1239771136 | Size: 5115 MB
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] 8d7c17ec0ab52f8d4bc5cb08cd1bc581
[BSP] d4065d26e0ae07e47fc70680adf8d2e7 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 300 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 616448 | Size: 61440 MB
2 - [ACTIVE] FAT16 (0x06) [VISIBLE] Offset (sectors): 167999488 | Size: 1001 MB
3 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 171999232 | Size: 2000 MB

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) WD Elements 1078 USB Device +++++
--- User ---
[MBR] e92eed2953b1b4e1a72defa0836020dc
[BSP] 6cd6d2fae07241d1d0d39261a9a86537 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953836 MB
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Po?adavek není podporován. )

Dokončeno : << RKreport[0]_S_05112014_151700.txt >>

#8 Příspěvek od **Márty84** » 11 kvě 2014 15:26

Postupujte podle navodu kolegy

vyosek píše: Stahnete si TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
Kliknete na volbu Change parametrs

V okne Additional Option zakliknete vsechny moznosti

Kliknete na OK

Utilite prikazte, at skenuje - klik na Start Scan

Po dokonceni skenu se objevi okno, zkontrolujte, zda-li je vsude moznost Skip

Pokud moznost Skip nebude primarne nastavena, prekliknete ji na Skip

Pokud mate vsude Skip, kliknete na Continue

Na disku, kde mate Windows (obvykle c:\) ve tvaru TDSSKiller.nejaka cisilka _log.txt bude log - jeho obsah sem vlozte

Postupujte podle navodu kolegy

vyosek píše: Stahnete Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
Ulozte nejlepe na Plochu a rozbalte

Spustte kliknutim na mbar

Nyni postupne kliknete na Next a Update

Po dokonceni update (aktualizace) databaze kliknete opet na Next

Nechte zaskrtnute vsechny tri moznosti a klinete na Scan cimz spustite prohledavani PC

Po dokonceni skenu (cca 5 minutek) zkontrolujte, zda-li je u vsech nalezu (samozrejme pokud budou) zatrzitko

Tez zkontrolujte, jetsli je zatrzitko u Create Restore point

Nyni kliknete na CleanUp cimz nalezenou infekci odstranime

PC bude restartovan

Slozka mbar by mela obsahovat log (a zrejme se i sam otevre) mbar-log-rok-mesic-den (hodina-minuta-sekunda).txt, ten mi sem dejte

polhrad · #9 Příspěvek od **polhrad** » 11 kvě 2014 15:37

16:30:41.0102 1700 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:30:43.0522 1700 ============================================================
16:30:43.0522 1700 Current date / time: 2014/05/11 16:30:43.0522
16:30:43.0522 1700 SystemInfo:
16:30:43.0522 1700
16:30:43.0522 1700 OS Version: 6.1.7601 ServicePack: 1.0
16:30:43.0522 1700 Product type: Workstation
16:30:43.0523 1700 ComputerName: HPPB4730S-RADEK
16:30:43.0523 1700 UserName: Radek
16:30:43.0523 1700 Windows directory: C:\windows
16:30:43.0523 1700 System windows directory: C:\windows
16:30:43.0523 1700 Running under WOW64
16:30:43.0523 1700 Processor architecture: Intel x64
16:30:43.0523 1700 Number of processors: 4
16:30:43.0523 1700 Page size: 0x1000
16:30:43.0523 1700 Boot type: Normal boot
16:30:43.0523 1700 ============================================================
16:30:43.0923 1700 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:30:43.0925 1700 Drive \Device\Harddisk1\DR1 - Size: 0xE8DED00000 (931.48 Gb), SectorSize: 0x200, Cylinders: 0x1DAFD, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:31:44.0498 1700 ============================================================
16:31:44.0498 1700 \Device\Harddisk0\DR0:
16:31:44.0523 1700 MBR partitions:
16:31:44.0523 1700 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
16:31:44.0523 1700 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x47C0B000
16:31:44.0523 1700 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x47CA1800, BlocksNum 0x21B5000
16:31:44.0523 1700 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x49E56800, BlocksNum 0x9FD800
16:31:44.0523 1700 \Device\Harddisk1\DR1:
16:31:44.0523 1700 MBR partitions:
16:31:44.0523 1700 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x746F6000
16:31:44.0523 1700 ============================================================
16:31:44.0568 1700 C: <-> \Device\Harddisk0\DR0\Partition2
16:31:44.0613 1700 E: <-> \Device\Harddisk0\DR0\Partition3
16:31:44.0623 1700 F: <-> \Device\Harddisk0\DR0\Partition4
16:31:44.0643 1700 D: <-> \Device\Harddisk1\DR1\Partition1
16:31:44.0643 1700 ============================================================
16:31:44.0643 1700 Initialize success
16:31:44.0643 1700 ============================================================
16:32:51.0716 7784 ============================================================
16:32:51.0716 7784 Scan started
16:32:51.0716 7784 Mode: Manual; SigCheck; TDLFS;
16:32:51.0716 7784 ============================================================
16:32:51.0911 7784 ================ Scan system memory ========================
16:32:51.0911 7784 System memory - ok
16:32:51.0911 7784 ================ Scan services =============================
16:32:52.0126 7784 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
16:32:52.0261 7784 1394ohci - ok
16:32:52.0366 7784 [ EBD7BD25C1D33B10D2251194C300EE85 ] 602XML Updater C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
16:32:52.0386 7784 602XML Updater ( UnsignedFile.Multi.Generic ) - warning
16:32:52.0386 7784 602XML Updater - detected UnsignedFile.Multi.Generic (1)
16:32:52.0454 7784 [ 25E6C904B273F97A5E6E2D16E859A70D ] a016bus C:\windows\system32\DRIVERS\a016bus.sys
16:32:52.0486 7784 a016bus - ok
16:32:52.0529 7784 [ 8676AAEDEA6E1BCC4B7D050A62EC0ED3 ] a016mdfl C:\windows\system32\DRIVERS\a016mdfl.sys
16:32:52.0556 7784 a016mdfl - ok
16:32:52.0609 7784 [ 451B692665E0A3D90A7C583D98A0FC47 ] a016mdm C:\windows\system32\DRIVERS\a016mdm.sys
16:32:52.0639 7784 a016mdm - ok
16:32:52.0689 7784 [ 1971B457B64377FA6243FC69B837C214 ] a016mgmt C:\windows\system32\DRIVERS\a016mgmt.sys
16:32:52.0731 7784 a016mgmt - ok
16:32:52.0756 7784 [ 6042FC874CCB746173B80D73DF293FD6 ] a016obex C:\windows\system32\DRIVERS\a016obex.sys
16:32:52.0776 7784 a016obex - ok
16:32:52.0859 7784 [ A3D3A95303269011060BBCFB97CA1DD5 ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
16:32:52.0919 7784 Accelerometer - ok
16:32:52.0991 7784 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:32:53.0066 7784 ACDaemon - ok
16:32:53.0139 7784 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
16:32:53.0194 7784 ACPI - ok
16:32:53.0274 7784 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
16:32:53.0381 7784 AcpiPmi - ok
16:32:53.0461 7784 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:32:53.0519 7784 AdobeARMservice - ok
16:32:53.0649 7784 [ 7C7E868E1D8096ED08D80FF7712BB9D8 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:32:53.0724 7784 AdobeFlashPlayerUpdateSvc - ok
16:32:53.0786 7784 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
16:32:53.0841 7784 adp94xx - ok
16:32:53.0889 7784 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
16:32:53.0939 7784 adpahci - ok
16:32:53.0956 7784 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
16:32:53.0976 7784 adpu320 - ok
16:32:54.0039 7784 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
16:32:54.0131 7784 AeLookupSvc - ok
16:32:54.0274 7784 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
16:32:54.0326 7784 AESTFilters - ok
16:32:54.0406 7784 [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc C:\windows\syswow64\drivers\Afc.sys
16:32:54.0456 7784 Afc - ok
16:32:54.0506 7784 [ 79059559E89D06E8B80CE2944BE20228 ] AFD C:\windows\system32\drivers\afd.sys
16:32:54.0591 7784 AFD - ok
16:32:54.0651 7784 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
16:32:54.0824 7784 AgereSoftModem - ok
16:32:54.0876 7784 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
16:32:54.0916 7784 agp440 - ok
16:32:54.0949 7784 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
16:32:55.0044 7784 ALG - ok
16:32:55.0104 7784 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
16:32:55.0124 7784 aliide - ok
16:32:55.0184 7784 [ D5518E3BBFD69520FA3BDD3D05B5B458 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
16:32:55.0339 7784 AMD External Events Utility - ok
16:32:55.0379 7784 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
16:32:55.0401 7784 amdide - ok
16:32:55.0431 7784 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
16:32:55.0496 7784 AmdK8 - ok
16:32:55.0729 7784 [ BE85FDC481F3BFBC036BB5D96DBBD12D ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
16:32:56.0029 7784 amdkmdag - ok
16:32:56.0111 7784 [ 8E0146E61409C46855F1DD008EAEDD5D ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
16:32:56.0186 7784 amdkmdap - ok
16:32:56.0254 7784 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
16:32:56.0311 7784 AmdPPM - ok
16:32:56.0399 7784 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
16:32:56.0441 7784 amdsata - ok
16:32:56.0474 7784 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
16:32:56.0491 7784 amdsbs - ok
16:32:56.0536 7784 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
16:32:56.0556 7784 amdxata - ok
16:32:56.0624 7784 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
16:32:56.0771 7784 AppID - ok
16:32:56.0809 7784 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
16:32:56.0896 7784 AppIDSvc - ok
16:32:56.0964 7784 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\windows\System32\appinfo.dll
16:32:57.0059 7784 Appinfo - ok
16:32:57.0101 7784 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys
16:32:57.0131 7784 arc - ok
16:32:57.0164 7784 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
16:32:57.0186 7784 arcsas - ok
16:32:57.0266 7784 [ 357635F16D28558C50870F4EF8AA4712 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
16:32:57.0324 7784 ARCVCAM - ok
16:32:57.0454 7784 [ 9A262EDD17F8473B91B333D6B031A901 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:32:57.0536 7784 aspnet_state - ok
16:32:57.0569 7784 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
16:32:57.0624 7784 AsyncMac - ok
16:32:57.0664 7784 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
16:32:57.0679 7784 atapi - ok
16:32:57.0699 7784 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
16:32:57.0784 7784 AthBTPort - ok
16:32:57.0854 7784 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
16:32:57.0891 7784 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
16:32:57.0891 7784 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
16:32:57.0924 7784 [ 684B36CA4067DA7000CF95771A3CF0E7 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
16:32:57.0946 7784 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
16:32:57.0946 7784 AtherosSvc - detected UnsignedFile.Multi.Generic (1)
16:32:58.0079 7784 [ CE197ECAA255ACC7A7765DC24FAB3A0D ] athr C:\windows\system32\DRIVERS\athrx.sys
16:32:58.0271 7784 athr - ok
16:32:58.0354 7784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
16:32:58.0506 7784 AudioEndpointBuilder - ok
16:32:58.0516 7784 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
16:32:58.0566 7784 AudioSrv - ok
16:32:58.0639 7784 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
16:32:58.0696 7784 AxInstSV - ok
16:32:58.0759 7784 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
16:32:58.0861 7784 b06bdrv - ok
16:32:58.0924 7784 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
16:32:58.0991 7784 b57nd60a - ok
16:32:59.0051 7784 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
16:32:59.0121 7784 BDESVC - ok
16:32:59.0154 7784 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
16:32:59.0229 7784 Beep - ok
16:32:59.0329 7784 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
16:32:59.0451 7784 BFE - ok
16:32:59.0504 7784 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll
16:32:59.0566 7784 BITS - ok
16:32:59.0619 7784 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
16:32:59.0671 7784 blbdrive - ok
16:32:59.0714 7784 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
16:32:59.0789 7784 bowser - ok
16:32:59.0821 7784 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
16:32:59.0869 7784 BrFiltLo - ok
16:32:59.0889 7784 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
16:32:59.0936 7784 BrFiltUp - ok
16:32:59.0984 7784 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
16:33:00.0071 7784 Browser - ok
16:33:00.0116 7784 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
16:33:00.0204 7784 Brserid - ok
16:33:00.0231 7784 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
16:33:00.0274 7784 BrSerWdm - ok
16:33:00.0306 7784 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
16:33:00.0344 7784 BrUsbMdm - ok
16:33:00.0371 7784 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
16:33:00.0394 7784 BrUsbSer - ok
16:33:00.0451 7784 [ 227C8F308DE4AF4808E587465CEAB838 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
16:33:00.0546 7784 BTATH_A2DP - ok
16:33:00.0574 7784 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
16:33:00.0646 7784 BTATH_BUS - ok
16:33:00.0666 7784 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
16:33:00.0706 7784 BTATH_HCRP - ok
16:33:00.0771 7784 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
16:33:00.0821 7784 BTATH_LWFLT - ok
16:33:00.0841 7784 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
16:33:00.0914 7784 BTATH_RCP - ok
16:33:00.0966 7784 [ FF8B065F96E4D9525AA7227299FBD05C ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
16:33:01.0044 7784 BtFilter - ok
16:33:01.0101 7784 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
16:33:01.0194 7784 BthEnum - ok
16:33:01.0229 7784 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
16:33:01.0299 7784 BTHMODEM - ok
16:33:01.0344 7784 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
16:33:01.0391 7784 BthPan - ok
16:33:01.0484 7784 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
16:33:01.0594 7784 BTHPORT - ok
16:33:01.0646 7784 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
16:33:01.0739 7784 bthserv - ok
16:33:01.0771 7784 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
16:33:01.0801 7784 BTHUSB - ok
16:33:01.0834 7784 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
16:33:01.0869 7784 cdfs - ok
16:33:01.0934 7784 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
16:33:02.0011 7784 cdrom - ok
16:33:02.0061 7784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
16:33:02.0126 7784 CertPropSvc - ok
16:33:02.0189 7784 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys
16:33:02.0241 7784 circlass - ok
16:33:02.0276 7784 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
16:33:02.0321 7784 CLFS - ok
16:33:02.0396 7784 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:33:02.0439 7784 clr_optimization_v2.0.50727_32 - ok
16:33:02.0494 7784 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:33:02.0524 7784 clr_optimization_v2.0.50727_64 - ok
16:33:02.0616 7784 [ E87213F37A13E2B54391E40934F071D0 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:33:02.0736 7784 clr_optimization_v4.0.30319_32 - ok
16:33:02.0766 7784 [ 4AEDAB50F83580D0B4D6CF78191F92AA ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:33:02.0846 7784 clr_optimization_v4.0.30319_64 - ok
16:33:02.0886 7784 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
16:33:02.0941 7784 CmBatt - ok
16:33:03.0006 7784 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
16:33:03.0021 7784 cmdide - ok
16:33:03.0096 7784 [ EBF28856F69CF094A902F884CF989706 ] CNG C:\windows\system32\Drivers\cng.sys
16:33:03.0174 7784 CNG - ok
16:33:03.0229 7784 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
16:33:03.0264 7784 Compbatt - ok
16:33:03.0284 7784 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
16:33:03.0321 7784 CompositeBus - ok
16:33:03.0341 7784 COMSysApp - ok
16:33:03.0356 7784 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
16:33:03.0386 7784 crcdisk - ok
16:33:03.0429 7784 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\windows\system32\cryptsvc.dll
16:33:03.0526 7784 CryptSvc - ok
16:33:03.0559 7784 [ 2E3374F9F0B5A3247B779978980C24CB ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
16:33:03.0579 7784 DAMDrv - ok
16:33:03.0631 7784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
16:33:03.0716 7784 DcomLaunch - ok
16:33:03.0761 7784 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
16:33:03.0861 7784 defragsvc - ok
16:33:03.0916 7784 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
16:33:04.0004 7784 DfsC - ok
16:33:04.0106 7784 [ 955FFE2B1D74A9E0E3E0E558E6A17F3B ] dg_ssudbus C:\windows\system32\DRIVERS\ssudbus.sys
16:33:04.0151 7784 dg_ssudbus - ok
16:33:04.0216 7784 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
16:33:04.0329 7784 Dhcp - ok
16:33:04.0376 7784 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
16:33:04.0464 7784 discache - ok
16:33:04.0519 7784 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys
16:33:04.0539 7784 Disk - ok
16:33:04.0589 7784 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
16:33:04.0669 7784 Dnscache - ok
16:33:04.0721 7784 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
16:33:04.0806 7784 dot3svc - ok
16:33:04.0944 7784 [ 0B9134A45E88DCF0657382F277242F62 ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
16:33:05.0001 7784 DpHost - ok
16:33:05.0054 7784 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
16:33:05.0194 7784 DPS - ok
16:33:05.0249 7784 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
16:33:05.0339 7784 drmkaud - ok
16:33:05.0404 7784 [ 53BD875C7C0808235BFB803C1A8BE009 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
16:33:05.0446 7784 DXGKrnl - ok
16:33:05.0514 7784 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll
16:33:05.0636 7784 EapHost - ok
16:33:05.0744 7784 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
16:33:05.0896 7784 ebdrv - ok
16:33:05.0991 7784 [ 4D71227301DD8D09097B9E4CC6527E5A ] EFS C:\windows\System32\lsass.exe
16:33:06.0089 7784 EFS - ok
16:33:06.0189 7784 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe
16:33:06.0269 7784 ehRecvr - ok
16:33:06.0331 7784 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe
16:33:06.0419 7784 ehSched - ok
16:33:06.0486 7784 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
16:33:06.0544 7784 elxstor - ok
16:33:06.0576 7784 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys
16:33:06.0599 7784 ErrDev - ok
16:33:06.0666 7784 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll
16:33:06.0766 7784 EventSystem - ok
16:33:06.0809 7784 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys
16:33:06.0879 7784 exfat - ok
16:33:07.0039 7784 [ FE0716385DD3910F550A56C5F49DD908 ] F-Secure Gatekeeper C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
16:33:07.0101 7784 F-Secure Gatekeeper - ok
16:33:07.0151 7784 [ A71D66253EC610626AE80C7DBC0EC15E ] F-Secure HIPS C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\HIPS\drivers\fshs.sys
16:33:07.0174 7784 F-Secure HIPS - ok
16:33:07.0211 7784 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys
16:33:07.0271 7784 fastfat - ok
16:33:07.0364 7784 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe
16:33:07.0441 7784 Fax - ok
16:33:07.0479 7784 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys
16:33:07.0496 7784 fdc - ok
16:33:07.0531 7784 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll
16:33:07.0594 7784 fdPHost - ok
16:33:07.0604 7784 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll
16:33:07.0654 7784 FDResPub - ok
16:33:07.0686 7784 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
16:33:07.0711 7784 FileInfo - ok
16:33:07.0711 7784 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys
16:33:07.0774 7784 Filetrace - ok
16:33:07.0869 7784 [ A814979613C50457ED25FD60C872EBBC ] FLCDLOCK c:\Windows\SysWOW64\flcdlock.exe
16:33:07.0941 7784 FLCDLOCK - ok
16:33:07.0971 7784 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
16:33:07.0994 7784 flpydisk - ok
16:33:08.0036 7784 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
16:33:08.0094 7784 FltMgr - ok
16:33:08.0159 7784 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\windows\system32\FntCache.dll
16:33:08.0209 7784 FontCache - ok
16:33:08.0304 7784 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:33:08.0391 7784 FontCache3.0.0.0 - ok
16:33:08.0436 7784 [ F59F2C574AA5D84477EB89F87C938F16 ] fsbts C:\windows\system32\Drivers\fsbts.sys
16:33:08.0469 7784 fsbts - ok
16:33:08.0499 7784 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys
16:33:08.0521 7784 FsDepends - ok
16:33:08.0626 7784 [ A876BA917EBD9E629CFD344EEBE240AD ] fshoster C:\Program Files (x86)\O2\Strazce internetu\fshoster32.exe
16:33:08.0694 7784 fshoster - ok
16:33:08.0759 7784 [ F014EC4D8DAF812A5ECB5F667AD6E59C ] FSMA C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSMA32.EXE
16:33:08.0824 7784 FSMA - ok
16:33:08.0876 7784 [ 4C19B29A6C8736B011AEABB4CEF74862 ] fsni C:\Program Files (x86)\O2\Strazce internetu\apps\CCF_Scanning\fsni64.sys
16:33:08.0939 7784 fsni - ok
16:33:09.0011 7784 [ C67B42683036A503A2123EBEE9220AAA ] FSORSPClient C:\Program Files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe
16:33:09.0051 7784 FSORSPClient - ok
16:33:09.0071 7784 [ 695E2F0F1BA5DD81E112F8E07134CC8E ] fsvista C:\Program Files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
16:33:09.0094 7784 fsvista - ok
16:33:09.0134 7784 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
16:33:09.0146 7784 Fs_Rec - ok
16:33:09.0214 7784 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
16:33:09.0241 7784 fvevol - ok
16:33:09.0301 7784 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
16:33:09.0346 7784 gagp30kx - ok
16:33:09.0469 7784 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:33:09.0571 7784 GamesAppService - ok
16:33:09.0619 7784 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll
16:33:09.0749 7784 gpsvc - ok
16:33:09.0901 7784 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:33:09.0981 7784 gupdate - ok
16:33:10.0021 7784 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:33:10.0051 7784 gupdatem - ok
16:33:10.0081 7784 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
16:33:10.0134 7784 hcw85cir - ok
16:33:10.0176 7784 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
16:33:10.0251 7784 HdAudAddService - ok
16:33:10.0291 7784 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
16:33:10.0349 7784 HDAudBus - ok
16:33:10.0379 7784 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
16:33:10.0421 7784 HidBatt - ok
16:33:10.0454 7784 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
16:33:10.0489 7784 HidBth - ok
16:33:10.0539 7784 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys
16:33:10.0606 7784 HidIr - ok
16:33:10.0641 7784 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll
16:33:10.0724 7784 hidserv - ok
16:33:10.0786 7784 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
16:33:10.0881 7784 HidUsb - ok
16:33:10.0916 7784 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll
16:33:10.0994 7784 hkmsvc - ok
16:33:11.0049 7784 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll
16:33:11.0131 7784 HomeGroupListener - ok
16:33:11.0191 7784 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll
16:33:11.0236 7784 HomeGroupProvider - ok
16:33:11.0281 7784 [ 280A094A2862F0D2AFC117A49A5189D7 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
16:33:11.0341 7784 HP Power Assistant Service - ok
16:33:11.0419 7784 [ 2A8B93A01621E100A578E83C768AFA2C ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:33:11.0456 7784 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
16:33:11.0456 7784 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
16:33:11.0546 7784 [ C5D2F308E1C12A5C328EF549696DBC05 ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
16:33:11.0611 7784 hpCMSrv - ok
16:33:11.0726 7784 [ A9FC4D7EA174BBF5A675B299FFAD80A2 ] HPDayStarterService c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
16:33:11.0786 7784 HPDayStarterService - ok
16:33:11.0866 7784 [ 33761EBD9A26DE33BC83DD2DAFEC4513 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:33:11.0919 7784 HPDrvMntSvc.exe - ok
16:33:11.0961 7784 [ 4EC5F601B46C00DF87323CD58E8AA1A3 ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
16:33:12.0001 7784 hpdskflt - ok
16:33:12.0066 7784 [ 98FAB0413C7365C9069994D7CE47F3EC ] HPFSService C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
16:33:12.0136 7784 HPFSService ( UnsignedFile.Multi.Generic ) - warning
16:33:12.0136 7784 HPFSService - detected UnsignedFile.Multi.Generic (1)
16:33:12.0184 7784 [ 4968C0728E257B3B6210244A9CDE2A08 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
16:33:12.0254 7784 hpHotkeyMonitor - ok
16:33:12.0304 7784 [ B98EE5D4535A685634B90F7E04DE0DF7 ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
16:33:12.0346 7784 HpqKbFiltr - ok
16:33:12.0391 7784 [ D2946D9F020AE76E9CEF9B4A6DF838C0 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:33:12.0456 7784 hpqwmiex - ok
16:33:12.0531 7784 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
16:33:12.0569 7784 HpSAMD - ok
16:33:12.0661 7784 [ 2C4DE764EAB27C09C265F9B7CDF24D13 ] HPSIService C:\windows\system32\HPSIsvc.exe
16:33:12.0714 7784 HPSIService - ok
16:33:12.0761 7784 [ 3A63CD2EAC2188CF2660A8E8DA701AB7 ] hpsrv C:\windows\system32\Hpservice.exe
16:33:12.0789 7784 hpsrv - ok
16:33:12.0854 7784 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys
16:33:12.0946 7784 HTTP - ok
16:33:12.0996 7784 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
16:33:13.0031 7784 hwpolicy - ok
16:33:13.0104 7784 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
16:33:13.0154 7784 i8042prt - ok
16:33:13.0189 7784 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
16:33:13.0236 7784 iaStor - ok
16:33:13.0326 7784 [ 117FF657E0D9BBD61B5C3E71E63D3919 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:33:13.0381 7784 IAStorDataMgrSvc - ok
16:33:13.0466 7784 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
16:33:13.0521 7784 iaStorV - ok
16:33:13.0609 7784 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:33:13.0734 7784 IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:33:13.0734 7784 IDriverT - detected UnsignedFile.Multi.Generic (1)
16:33:13.0794 7784 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:33:13.0881 7784 idsvc - ok
16:33:13.0926 7784 IEEtwCollectorService - ok
16:33:13.0986 7784 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
16:33:14.0016 7784 iirsp - ok
16:33:14.0086 7784 [ 344789398EC3EE5A4E00C52B31847946 ] IKEEXT C:\windows\System32\ikeext.dll
16:33:14.0189 7784 IKEEXT - ok
16:33:14.0244 7784 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
16:33:14.0321 7784 IntcDAud - ok
16:33:14.0366 7784 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys
16:33:14.0411 7784 intelide - ok
16:33:14.0654 7784 [ EFE5A0AF39A8E179624117C521F1E012 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys
16:33:14.0876 7784 intelkmd - ok
16:33:14.0926 7784 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
16:33:14.0994 7784 intelppm - ok
16:33:15.0021 7784 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll
16:33:15.0116 7784 IPBusEnum - ok
16:33:15.0176 7784 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
16:33:15.0286 7784 IpFilterDriver - ok
16:33:15.0364 7784 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
16:33:15.0444 7784 iphlpsvc - ok
16:33:15.0484 7784 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
16:33:15.0539 7784 IPMIDRV - ok
16:33:15.0584 7784 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys
16:33:15.0689 7784 IPNAT - ok
16:33:15.0714 7784 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys
16:33:15.0741 7784 IRENUM - ok
16:33:15.0784 7784 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys
16:33:15.0799 7784 isapnp - ok
16:33:15.0844 7784 [ 96BB922A0981BC7432C8CF52B5410FE6 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
16:33:15.0909 7784 iScsiPrt - ok
16:33:15.0984 7784 [ 6C85719A21B3F62C2C76280F4BD36C7B ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
16:33:16.0049 7784 jhi_service - ok
16:33:16.0101 7784 [ 3FE43C2F5B5C08657A1B547AFBE2118E ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
16:33:16.0154 7784 JMCR - ok
16:33:16.0229 7784 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
16:33:16.0264 7784 kbdclass - ok
16:33:16.0319 7784 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
16:33:16.0389 7784 kbdhid - ok
16:33:16.0451 7784 [ 4D71227301DD8D09097B9E4CC6527E5A ] KeyIso C:\windows\system32\lsass.exe
16:33:16.0484 7784 KeyIso - ok
16:33:16.0534 7784 [ 8F489706472F7E9A06BAAA198703FA64 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
16:33:16.0576 7784 KSecDD - ok
16:33:16.0626 7784 [ 868A2CAAB12EFC7A021682BCA0EEC54C ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
16:33:16.0676 7784 KSecPkg - ok
16:33:16.0719 7784 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys
16:33:16.0781 7784 ksthunk - ok
16:33:16.0829 7784 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll
16:33:16.0896 7784 KtmRm - ok
16:33:16.0969 7784 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll
16:33:17.0086 7784 LanmanServer - ok
16:33:17.0139 7784 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll
16:33:17.0231 7784 LanmanWorkstation - ok
16:33:17.0266 7784 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
16:33:17.0369 7784 lltdio - ok
16:33:17.0406 7784 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll
16:33:17.0471 7784 lltdsvc - ok
16:33:17.0501 7784 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll
16:33:17.0541 7784 lmhosts - ok
16:33:17.0596 7784 [ 97F9EAAC985A663394CD8F54DCD3E73A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:33:17.0629 7784 LMS - ok
16:33:17.0681 7784 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
16:33:17.0724 7784 LSI_FC - ok
16:33:17.0759 7784 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
16:33:17.0794 7784 LSI_SAS - ok
16:33:17.0846 7784 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
16:33:17.0899 7784 LSI_SAS2 - ok
16:33:17.0949 7784 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
16:33:17.0971 7784 LSI_SCSI - ok
16:33:18.0019 7784 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys
16:33:18.0074 7784 luafv - ok
16:33:18.0209 7784 [ 47AD8E1CEBB7F809E577B7B39E2DC066 ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
16:33:18.0299 7784 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - warning
16:33:18.0299 7784 McAfee Endpoint Encryption Agent - detected UnsignedFile.Multi.Generic (1)
16:33:18.0361 7784 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
16:33:18.0401 7784 Mcx2Svc - ok
16:33:18.0474 7784 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
16:33:18.0539 7784 MDM - ok
16:33:18.0569 7784 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys
16:33:18.0606 7784 megasas - ok
16:33:18.0641 7784 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
16:33:18.0669 7784 MegaSR - ok
16:33:18.0734 7784 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
16:33:18.0756 7784 MEIx64 - ok
16:33:18.0831 7784 [ B632A0472012A0D2150E6463B3283FD8 ] MfeEpeOpal C:\windows\system32\drivers\MfeEpeOpal.sys
16:33:18.0874 7784 MfeEpeOpal - ok
16:33:18.0916 7784 [ 44967D7B422E913A93F144A4BFF7C16E ] MfeEpePc C:\windows\system32\drivers\MfeEpePc.sys
16:33:18.0974 7784 MfeEpePc - ok
16:33:19.0009 7784 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll
16:33:19.0091 7784 MMCSS - ok
16:33:19.0136 7784 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys
16:33:19.0254 7784 Modem - ok
16:33:19.0281 7784 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys
16:33:19.0311 7784 monitor - ok
16:33:19.0366 7784 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
16:33:19.0411 7784 mouclass - ok
16:33:19.0444 7784 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
16:33:19.0476 7784 mouhid - ok
16:33:19.0531 7784 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys
16:33:19.0554 7784 mountmgr - ok
16:33:19.0671 7784 [ E1B6FCAE82474FC071155263E2841D54 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:33:19.0734 7784 MozillaMaintenance - ok
16:33:19.0771 7784 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys
16:33:19.0794 7784 mpio - ok
16:33:19.0841 7784 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
16:33:19.0901 7784 mpsdrv - ok
16:33:19.0969 7784 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll
16:33:20.0069 7784 MpsSvc - ok
16:33:20.0124 7784 [ 1A4F75E63C9FB84B85DFFC6B63FD5404 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
16:33:20.0204 7784 MRxDAV - ok
16:33:20.0246 7784 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
16:33:20.0344 7784 mrxsmb - ok
16:33:20.0376 7784 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
16:33:20.0414 7784 mrxsmb10 - ok
16:33:20.0461 7784 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
16:33:20.0546 7784 mrxsmb20 - ok
16:33:20.0576 7784 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys
16:33:20.0596 7784 msahci - ok
16:33:20.0651 7784 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys
16:33:20.0694 7784 msdsm - ok
16:33:20.0719 7784 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe
16:33:20.0821 7784 MSDTC - ok
16:33:20.0856 7784 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys
16:33:20.0914 7784 Msfs - ok
16:33:20.0951 7784 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
16:33:21.0001 7784 mshidkmdf - ok
16:33:21.0056 7784 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys
16:33:21.0099 7784 msisadrv - ok
16:33:21.0119 7784 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll
16:33:21.0169 7784 MSiSCSI - ok
16:33:21.0171 7784 msiserver - ok
16:33:21.0226 7784 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
16:33:21.0314 7784 MSKSSRV - ok
16:33:21.0324 7784 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
16:33:21.0386 7784 MSPCLOCK - ok
16:33:21.0414 7784 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
16:33:21.0471 7784 MSPQM - ok
16:33:21.0529 7784 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys
16:33:21.0549 7784 MsRPC - ok
16:33:21.0596 7784 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
16:33:21.0616 7784 mssmbios - ok
16:33:21.0636 7784 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
16:33:21.0679 7784 MSTEE - ok
16:33:21.0716 7784 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
16:33:21.0769 7784 MTConfig - ok
16:33:21.0779 7784 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys
16:33:21.0811 7784 Mup - ok
16:33:21.0891 7784 [ 705E9675014EB688BEDD967B1ABECF19 ] mvusbews C:\windows\system32\Drivers\mvusbews.sys
16:33:21.0961 7784 mvusbews - ok
16:33:22.0006 7784 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll
16:33:22.0101 7784 napagent - ok
16:33:22.0151 7784 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
16:33:22.0239 7784 NativeWifiP - ok
16:33:22.0296 7784 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys
16:33:22.0381 7784 NDIS - ok
16:33:22.0421 7784 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
16:33:22.0489 7784 NdisCap - ok
16:33:22.0526 7784 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
16:33:22.0594 7784 NdisTapi - ok
16:33:22.0659 7784 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
16:33:22.0739 7784 Ndisuio - ok
16:33:22.0799 7784 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
16:33:22.0879 7784 NdisWan - ok
16:33:22.0926 7784 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
16:33:22.0996 7784 NDProxy - ok
16:33:23.0036 7784 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
16:33:23.0126 7784 NetBIOS - ok
16:33:23.0171 7784 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
16:33:23.0206 7784 NetBT - ok
16:33:23.0266 7784 [ 4D71227301DD8D09097B9E4CC6527E5A ] Netlogon C:\windows\system32\lsass.exe
16:33:23.0309 7784 Netlogon - ok
16:33:23.0356 7784 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll
16:33:23.0434 7784 Netman - ok
16:33:23.0506 7784 [ 21318671BCAD3ACF16638F98D4D00973 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0594 7784 NetMsmqActivator - ok
16:33:23.0614 7784 [ 21318671BCAD3ACF16638F98D4D00973 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0636 7784 NetPipeActivator - ok
16:33:23.0681 7784 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll
16:33:23.0739 7784 netprofm - ok
16:33:23.0739 7784 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0764 7784 NetTcpActivator - ok
16:33:23.0774 7784 [ 21318671BCAD3ACF16638F98D4D00973 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:23.0794 7784 NetTcpPortSharing - ok
16:33:23.0829 7784 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
16:33:23.0854 7784 nfrd960 - ok
16:33:23.0896 7784 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll
16:33:23.0946 7784 NlaSvc - ok
16:33:23.0979 7784 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys
16:33:24.0014 7784 Npfs - ok
16:33:24.0036 7784 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll
16:33:24.0121 7784 nsi - ok
16:33:24.0141 7784 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
16:33:24.0194 7784 nsiproxy - ok
16:33:24.0264 7784 [ 1A29A59A4C5BA6F8C85062A613B7E2B2 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
16:33:24.0371 7784 Ntfs - ok
16:33:24.0414 7784 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys
16:33:24.0491 7784 Null - ok
16:33:24.0539 7784 [ 9A33100AC62A0463C49E47EE8E77083A ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys
16:33:24.0621 7784 nusb3hub - ok
16:33:24.0666 7784 [ 87C321F7BEE646B7EC6EEDD6EB725741 ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys
16:33:24.0706 7784 nusb3xhc - ok
16:33:24.0756 7784 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys
16:33:24.0809 7784 nvraid - ok
16:33:24.0841 7784 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys
16:33:24.0864 7784 nvstor - ok
16:33:24.0936 7784 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys
16:33:24.0981 7784 nv_agp - ok
16:33:25.0011 7784 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
16:33:25.0101 7784 ohci1394 - ok
16:33:25.0196 7784 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:33:25.0239 7784 ose - ok
16:33:25.0291 7784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll
16:33:25.0381 7784 p2pimsvc - ok
16:33:25.0421 7784 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll
16:33:25.0491 7784 p2psvc - ok
16:33:25.0529 7784 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys
16:33:25.0591 7784 Parport - ok
16:33:25.0629 7784 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys
16:33:25.0664 7784 partmgr - ok
16:33:25.0696 7784 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
16:33:25.0764 7784 PcaSvc - ok
16:33:25.0816 7784 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
16:33:25.0864 7784 pci - ok
16:33:25.0906 7784 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
16:33:25.0929 7784 pciide - ok
16:33:25.0959 7784 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
16:33:25.0996 7784 pcmcia - ok
16:33:26.0036 7784 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
16:33:26.0096 7784 pcw - ok
16:33:26.0151 7784 pdfcDispatcher - ok
16:33:26.0176 7784 [ 4A8CC4D25525F456069887D5E8C53225 ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
16:33:26.0251 7784 PdiService - ok
16:33:26.0271 7784 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
16:33:26.0334 7784 PEAUTH - ok
16:33:26.0414 7784 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
16:33:26.0576 7784 PerfHost - ok
16:33:26.0661 7784 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
16:33:26.0746 7784 pla - ok
16:33:26.0821 7784 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
16:33:26.0956 7784 PlugPlay - ok
16:33:26.0994 7784 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
16:33:27.0044 7784 PNRPAutoReg - ok
16:33:27.0066 7784 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
16:33:27.0091 7784 PNRPsvc - ok
16:33:27.0149 7784 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
16:33:27.0236 7784 PolicyAgent - ok
16:33:27.0281 7784 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\windows\system32\umpo.dll
16:33:27.0369 7784 Power - ok
16:33:27.0421 7784 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
16:33:27.0481 7784 PptpMiniport - ok
16:33:27.0511 7784 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys
16:33:27.0544 7784 Processor - ok
16:33:27.0601 7784 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
16:33:27.0666 7784 ProfSvc - ok
16:33:27.0696 7784 [ 4D71227301DD8D09097B9E4CC6527E5A ] ProtectedStorage C:\windows\system32\lsass.exe
16:33:27.0711 7784 ProtectedStorage - ok
16:33:27.0776 7784 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
16:33:27.0856 7784 Psched - ok
16:33:27.0956 7784 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
16:33:28.0014 7784 ql2300 - ok
16:33:28.0059 7784 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
16:33:28.0081 7784 ql40xx - ok
16:33:28.0119 7784 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
16:33:28.0149 7784 QWAVE - ok
16:33:28.0189 7784 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
16:33:28.0279 7784 QWAVEdrv - ok
16:33:28.0301 7784 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
16:33:28.0339 7784 RasAcd - ok
16:33:28.0446 7784 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
16:33:28.0509 7784 RasAgileVpn - ok
16:33:28.0546 7784 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
16:33:28.0706 7784 RasAuto - ok
16:33:28.0746 7784 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
16:33:28.0836 7784 Rasl2tp - ok
16:33:28.0891 7784 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
16:33:28.0969 7784 RasMan - ok
16:33:29.0011 7784 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
16:33:29.0119 7784 RasPppoe - ok
16:33:29.0166 7784 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
16:33:29.0261 7784 RasSstp - ok
16:33:29.0309 7784 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
16:33:29.0384 7784 rdbss - ok
16:33:29.0416 7784 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
16:33:29.0466 7784 rdpbus - ok
16:33:29.0496 7784 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
16:33:29.0536 7784 RDPCDD - ok
16:33:29.0556 7784 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
16:33:29.0599 7784 RDPENCDD - ok
16:33:29.0624 7784 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
16:33:29.0664 7784 RDPREFMP - ok
16:33:29.0696 7784 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
16:33:29.0731 7784 RdpVideoMiniport - ok
16:33:29.0776 7784 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
16:33:29.0856 7784 RDPWD - ok
16:33:29.0921 7784 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
16:33:29.0976 7784 rdyboost - ok
16:33:30.0084 7784 [ E1A6731867765FBC01B37150AEFC00F3 ] Realtek11nSU C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
16:33:30.0141 7784 Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning
16:33:30.0141 7784 Realtek11nSU - detected UnsignedFile.Multi.Generic (1)
16:33:30.0159 7784 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
16:33:30.0216 7784 RemoteAccess - ok
16:33:30.0259 7784 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
16:33:30.0334 7784 RemoteRegistry - ok
16:33:30.0384 7784 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
16:33:30.0454 7784 RFCOMM - ok
16:33:30.0524 7784 [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
16:33:30.0604 7784 RichVideo ( UnsignedFile.Multi.Generic ) - warning
16:33:30.0604 7784 RichVideo - detected UnsignedFile.Multi.Generic (1)
16:33:30.0634 7784 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
16:33:30.0719 7784 RpcEptMapper - ok
16:33:30.0751 7784 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
16:33:30.0801 7784 RpcLocator - ok
16:33:30.0846 7784 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll
16:33:30.0906 7784 RpcSs - ok
16:33:30.0976 7784 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
16:33:31.0071 7784 rspndr - ok
16:33:31.0156 7784 [ BD9BA262CF26EFE9A9867EBE32D12164 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
16:33:31.0186 7784 RTL8167 - ok
16:33:31.0251 7784 [ 216BBB8753FE1C9F79716AB8851FB4E1 ] RTL8192su C:\windows\system32\DRIVERS\RTL8192su.sys
16:33:31.0306 7784 RTL8192su - ok
16:33:31.0336 7784 [ 4D71227301DD8D09097B9E4CC6527E5A ] SamSs C:\windows\system32\lsass.exe
16:33:31.0356 7784 SamSs - ok
16:33:31.0394 7784 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
16:33:31.0434 7784 sbp2port - ok
16:33:31.0479 7784 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
16:33:31.0519 7784 SCardSvr - ok
16:33:31.0571 7784 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
16:33:31.0669 7784 scfilter - ok
16:33:31.0736 7784 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
16:33:31.0836 7784 Schedule - ok
16:33:31.0901 7784 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
16:33:31.0966 7784 SCPolicySvc - ok
16:33:32.0061 7784 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\drivers\sdbus.sys
16:33:32.0121 7784 sdbus - ok
16:33:32.0166 7784 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
16:33:32.0251 7784 SDRSVC - ok
16:33:32.0286 7784 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
16:33:32.0351 7784 secdrv - ok
16:33:32.0404 7784 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
16:33:32.0446 7784 seclogon - ok
16:33:32.0481 7784 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll
16:33:32.0536 7784 SENS - ok
16:33:32.0566 7784 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
16:33:32.0621 7784 SensrSvc - ok
16:33:32.0646 7784 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys
16:33:32.0676 7784 Serenum - ok
16:33:32.0711 7784 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys
16:33:32.0741 7784 Serial - ok
16:33:32.0836 7784 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
16:33:32.0911 7784 sermouse - ok
16:33:32.0961 7784 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
16:33:33.0034 7784 SessionEnv - ok
16:33:33.0069 7784 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
16:33:33.0154 7784 sffdisk - ok
16:33:33.0156 7784 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
16:33:33.0211 7784 sffp_mmc - ok
16:33:33.0221 7784 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
16:33:33.0269 7784 sffp_sd - ok
16:33:33.0281 7784 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
16:33:33.0321 7784 sfloppy - ok
16:33:33.0366 7784 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
16:33:33.0424 7784 SharedAccess - ok
16:33:33.0469 7784 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
16:33:33.0564 7784 ShellHWDetection - ok
16:33:33.0604 7784 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
16:33:33.0624 7784 SiSRaid2 - ok
16:33:33.0644 7784 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
16:33:33.0661 7784 SiSRaid4 - ok
16:33:33.0726 7784 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
16:33:33.0819 7784 Smb - ok
16:33:33.0861 7784 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
16:33:33.0881 7784 SNMPTRAP - ok
16:33:33.0966 7784 [ 80B683DF156771E30D33E01AF09ABE3C ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
16:33:34.0031 7784 SNP2UVC - ok
16:33:34.0191 7784 [ 3A4F2C0BB87A0895ABEBA341AA1E341B ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
16:33:34.0264 7784 Sony PC Companion - ok
16:33:34.0296 7784 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
16:33:34.0306 7784 spldr - ok
16:33:34.0376 7784 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
16:33:34.0464 7784 Spooler - ok
16:33:34.0579 7784 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
16:33:34.0766 7784 sppsvc - ok
16:33:34.0816 7784 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
16:33:34.0916 7784 sppuinotify - ok
16:33:34.0974 7784 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
16:33:35.0061 7784 srv - ok
16:33:35.0099 7784 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
16:33:35.0131 7784 srv2 - ok
16:33:35.0144 7784 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
16:33:35.0224 7784 srvnet - ok
16:33:35.0281 7784 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
16:33:35.0366 7784 SSDPSRV - ok
16:33:35.0396 7784 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
16:33:35.0444 7784 SstpSvc - ok
16:33:35.0524 7784 [ BB94A5E2CEE5FD83BA5A72A37AECADDF ] ssudmdm C:\windows\system32\DRIVERS\ssudmdm.sys
16:33:35.0556 7784 ssudmdm - ok
16:33:35.0637 7784 [ D21FF3592DAEE244EE8376830A672B52 ] ss_bus C:\windows\system32\DRIVERS\ss_bus.sys
16:33:35.0682 7784 ss_bus - ok
16:33:35.0759 7784 [ 451DB3D10E6112E06B4506D4A7BECEC1 ] ss_mdfl C:\windows\system32\DRIVERS\ss_mdfl.sys
16:33:35.0794 7784 ss_mdfl - ok
16:33:35.0842 7784 [ EF40C8A268A5263A0EF48FED8E57CBED ] ss_mdm C:\windows\system32\DRIVERS\ss_mdm.sys
16:33:35.0882 7784 ss_mdm - ok
16:33:36.0062 7784 [ 917117ADC2934720A071AA3786C0CAB1 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
16:33:36.0107 7784 STacSV ( UnsignedFile.Multi.Generic ) - warning
16:33:36.0107 7784 STacSV - detected UnsignedFile.Multi.Generic (1)
16:33:36.0127 7784 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
16:33:36.0147 7784 stexstor - ok
16:33:36.0189 7784 [ 7E99C4640869E95CFBD185811E80079E ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
16:33:36.0237 7784 STHDA - ok
16:33:36.0277 7784 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
16:33:36.0367 7784 stisvc - ok
16:33:36.0414 7784 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
16:33:36.0454 7784 swenum - ok
16:33:36.0489 7784 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
16:33:36.0594 7784 swprv - ok
16:33:36.0682 7784 [ 2CD7E4392A5E98FA1281B22F62A48E04 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
16:33:36.0724 7784 SynTP - ok
16:33:36.0802 7784 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
16:33:36.0892 7784 SysMain - ok
16:33:36.0937 7784 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
16:33:37.0009 7784 TabletInputService - ok
16:33:37.0062 7784 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
16:33:37.0104 7784 TapiSrv - ok
16:33:37.0142 7784 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
16:33:37.0204 7784 TBS - ok
16:33:37.0297 7784 [ 40AF23633D197905F03AB5628C558C51 ] Tcpip C:\windows\system32\drivers\tcpip.sys
16:33:37.0392 7784 Tcpip - ok
16:33:37.0507 7784 [ 40AF23633D197905F03AB5628C558C51 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
16:33:37.0577 7784 TCPIP6 - ok
16:33:37.0622 7784 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
16:33:37.0652 7784 tcpipreg - ok
16:33:37.0697 7784 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
16:33:37.0739 7784 TDPIPE - ok
16:33:37.0787 7784 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
16:33:37.0872 7784 TDTCP - ok
16:33:37.0927 7784 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
16:33:38.0024 7784 tdx - ok
16:33:38.0104 7784 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
16:33:38.0142 7784 TermDD - ok
16:33:38.0197 7784 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
16:33:38.0297 7784 TermService - ok
16:33:38.0357 7784 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
16:33:38.0429 7784 Themes - ok
16:33:38.0459 7784 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
16:33:38.0509 7784 THREADORDER - ok
16:33:38.0577 7784 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\windows\system32\drivers\tpm.sys
16:33:38.0607 7784 TPM - ok
16:33:38.0639 7784 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
16:33:38.0724 7784 TrkWks - ok
16:33:38.0789 7784 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
16:33:38.0884 7784 TrustedInstaller - ok
16:33:38.0927 7784 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
16:33:39.0012 7784 tssecsrv - ok
16:33:39.0057 7784 [ E9981ECE8D894CEF7038FD1D040EB426 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
16:33:39.0107 7784 TsUsbFlt - ok
16:33:39.0152 7784 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
16:33:39.0232 7784 tunnel - ok
16:33:39.0272 7784 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
16:33:39.0292 7784 uagp35 - ok
16:33:39.0414 7784 [ D5994AB5C2B2D72D6320A7004D52617C ] uArcCapture C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
16:33:39.0507 7784 uArcCapture - ok
16:33:39.0544 7784 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
16:33:39.0612 7784 udfs - ok
16:33:39.0652 7784 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
16:33:39.0712 7784 UI0Detect - ok
16:33:39.0759 7784 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
16:33:39.0797 7784 uliagpkx - ok
16:33:39.0862 7784 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
16:33:39.0909 7784 umbus - ok
16:33:39.0932 7784 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys
16:33:39.0987 7784 UmPass - ok
16:33:40.0112 7784 [ A69CD6BDB82872999D2E46F9324ADA83 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:33:40.0252 7784 UNS - ok
16:33:40.0284 7784 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
16:33:40.0334 7784 upnphost - ok
16:33:40.0399 7784 [ B0435098C81D04CAFFF80DDB746CD3A2 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
16:33:40.0497 7784 usbaudio - ok
16:33:40.0527 7784 [ DCA68B0943D6FA415F0C56C92158A83A ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
16:33:40.0572 7784 usbccgp - ok
16:33:40.0624 7784 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31 ] usbcir C:\windows\system32\drivers\usbcir.sys
16:33:40.0704 7784 usbcir - ok
16:33:40.0737 7784 [ 18A85013A3E0F7E1755365D287443965 ] usbehci C:\windows\system32\drivers\usbehci.sys
16:33:40.0779 7784 usbehci - ok
16:33:40.0824 7784 [ 8D1196CFBB223621F2C67D45710F25BA ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
16:33:40.0894 7784 usbhub - ok
16:33:40.0929 7784 [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci C:\windows\system32\drivers\usbohci.sys
16:33:40.0997 7784 usbohci - ok
16:33:41.0034 7784 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
16:33:41.0087 7784 usbprint - ok
16:33:41.0132 7784 [ 9661DA76B4531B2DA272ECCE25A8AF24 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
16:33:41.0219 7784 usbscan - ok
16:33:41.0254 7784 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
16:33:41.0354 7784 USBSTOR - ok
16:33:41.0384 7784 [ DD253AFC3BC6CBA412342DE60C3647F3 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
16:33:41.0439 7784 usbuhci - ok
16:33:41.0487 7784 [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
16:33:41.0522 7784 usbvideo - ok
16:33:41.0587 7784 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
16:33:41.0687 7784 UxSms - ok
16:33:41.0712 7784 [ 4D71227301DD8D09097B9E4CC6527E5A ] VaultSvc C:\windows\system32\lsass.exe
16:33:41.0764 7784 VaultSvc - ok
16:33:41.0867 7784 [ 41EEF971DD82A3674D07F275A4DEF702 ] vcsFPService C:\windows\system32\vcsFPService.exe
16:33:41.0972 7784 vcsFPService - ok
16:33:42.0034 7784 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
16:33:42.0112 7784 vdrvroot - ok
16:33:42.0154 7784 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
16:33:42.0207 7784 vds - ok
16:33:42.0252 7784 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
16:33:42.0264 7784 vga - ok
16:33:42.0284 7784 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
16:33:42.0329 7784 VgaSave - ok
16:33:42.0372 7784 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
16:33:42.0434 7784 vhdmp - ok
16:33:42.0479 7784 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
16:33:42.0499 7784 viaide - ok
16:33:42.0527 7784 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
16:33:42.0552 7784 volmgr - ok
16:33:42.0607 7784 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
16:33:42.0649 7784 volmgrx - ok
16:33:42.0687 7784 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys
16:33:42.0714 7784 volsnap - ok
16:33:42.0739 7784 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
16:33:42.0769 7784 vsmraid - ok
16:33:42.0867 7784 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
16:33:42.0977 7784 VSS - ok
16:33:43.0037 7784 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
16:33:43.0137 7784 vwifibus - ok
16:33:43.0154 7784 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
16:33:43.0202 7784 vwififlt - ok
16:33:43.0247 7784 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
16:33:43.0287 7784 vwifimp - ok
16:33:43.0337 7784 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
16:33:43.0394 7784 W32Time - ok
16:33:43.0419 7784 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
16:33:43.0477 7784 WacomPen - ok
16:33:43.0529 7784 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
16:33:43.0612 7784 WANARP - ok
16:33:43.0622 7784 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
16:33:43.0667 7784 Wanarpv6 - ok
16:33:43.0752 7784 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
16:33:43.0827 7784 WatAdminSvc - ok
16:33:43.0907 7784 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
16:33:44.0029 7784 wbengine - ok
16:33:44.0059 7784 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
16:33:44.0094 7784 WbioSrvc - ok
16:33:44.0159 7784 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
16:33:44.0214 7784 wcncsvc - ok
16:33:44.0257 7784 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
16:33:44.0317 7784 WcsPlugInService - ok
16:33:44.0347 7784 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys
16:33:44.0392 7784 Wd - ok
16:33:44.0469 7784 [ E2C933EDBC389386EBE6D2BA953F43D8 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
16:33:44.0527 7784 Wdf01000 - ok
16:33:44.0559 7784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
16:33:44.0674 7784 WdiServiceHost - ok
16:33:44.0674 7784 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
16:33:44.0707 7784 WdiSystemHost - ok
16:33:44.0742 7784 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D ] WebClient C:\windows\System32\webclnt.dll
16:33:44.0767 7784 WebClient - ok
16:33:44.0814 7784 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
16:33:44.0889 7784 Wecsvc - ok
16:33:44.0937 7784 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
16:33:45.0012 7784 wercplsupport - ok
16:33:45.0057 7784 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
16:33:45.0119 7784 WerSvc - ok
16:33:45.0149 7784 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
16:33:45.0227 7784 WfpLwf - ok
16:33:45.0257 7784 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
16:33:45.0277 7784 WIMMount - ok
16:33:45.0302 7784 WinDefend - ok
16:33:45.0319 7784 WinHttpAutoProxySvc - ok
16:33:45.0364 7784 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
16:33:45.0412 7784 Winmgmt - ok
16:33:45.0502 7784 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
16:33:45.0617 7784 WinRM - ok
16:33:45.0699 7784 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
16:33:45.0747 7784 WinUsb - ok
16:33:45.0797 7784 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
16:33:45.0897 7784 Wlansvc - ok
16:33:46.0067 7784 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:33:46.0132 7784 wlidsvc - ok
16:33:46.0197 7784 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
16:33:46.0247 7784 WmiAcpi - ok
16:33:46.0277 7784 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
16:33:46.0322 7784 wmiApSrv - ok
16:33:46.0377 7784 WMPNetworkSvc - ok
16:33:46.0407 7784 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
16:33:46.0472 7784 WPCSvc - ok
16:33:46.0499 7784 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
16:33:46.0539 7784 WPDBusEnum - ok
16:33:46.0582 7784 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
16:33:46.0682 7784 ws2ifsl - ok
16:33:46.0697 7784 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll
16:33:46.0717 7784 wscsvc - ok
16:33:46.0727 7784 WSearch - ok
16:33:46.0822 7784 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
16:33:46.0894 7784 wuauserv - ok
16:33:46.0932 7784 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
16:33:47.0042 7784 WudfPf - ok
16:33:47.0082 7784 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
16:33:47.0117 7784 WUDFRd - ok
16:33:47.0172 7784 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
16:33:47.0234 7784 wudfsvc - ok
16:33:47.0274 7784 [ 04F82965C09CBDF646B487E145060301 ] WwanSvc C:\windows\System32\wwansvc.dll
16:33:47.0404 7784 WwanSvc - ok
16:33:47.0452 7784 [ A35820791F940822C31908F58F91D973 ] XobniService C:\Program Files (x86)\Xobni\XobniService.exe
16:33:47.0477 7784 XobniService - ok
16:33:47.0542 7784 ================ Scan global ===============================
16:33:47.0567 7784 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
16:33:47.0597 7784 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
16:33:47.0614 7784 [ 88EDD0B34EED542745931E581AD21A32 ] C:\windows\system32\winsrv.dll
16:33:47.0637 7784 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
16:33:47.0672 7784 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
16:33:47.0672 7784 [Global] - ok
16:33:47.0672 7784 ================ Scan MBR ==================================
16:33:47.0682 7784 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:33:47.0889 7784 \Device\Harddisk0\DR0 - ok
16:33:47.0899 7784 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
16:33:48.0409 7784 \Device\Harddisk1\DR1 - ok
16:33:48.0419 7784 ================ Scan VBR ==================================
16:33:48.0439 7784 [ D448F9D9BED801D6385DDE79873A6FE5 ] \Device\Harddisk0\DR0\Partition1
16:33:48.0439 7784 \Device\Harddisk0\DR0\Partition1 - ok
16:33:48.0479 7784 [ 97BB782ACFE6D03E61E4C065FF70B0CF ] \Device\Harddisk0\DR0\Partition2
16:33:48.0479 7784 \Device\Harddisk0\DR0\Partition2 - ok
16:33:48.0509 7784 [ 58B497A43B82FDD427FE708884FED4D1 ] \Device\Harddisk0\DR0\Partition3
16:33:48.0509 7784 \Device\Harddisk0\DR0\Partition3 - ok
16:33:48.0532 7784 [ 9FEF58216F54C2F84F806886536DC0AE ] \Device\Harddisk0\DR0\Partition4
16:33:48.0532 7784 \Device\Harddisk0\DR0\Partition4 - ok
16:33:48.0532 7784 [ 88D4D6BF121381C1CFEA1B29A66B31E5 ] \Device\Harddisk1\DR1\Partition1
16:33:48.0532 7784 \Device\Harddisk1\DR1\Partition1 - ok
16:33:48.0532 7784 ============================================================
16:33:48.0532 7784 Scan finished
16:33:48.0532 7784 ============================================================
16:33:48.0542 7792 Detected object count: 10
16:33:48.0542 7792 Actual detected object count: 10
16:35:05.0202 7792 602XML Updater ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0202 7792 602XML Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0204 7792 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0204 7792 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0209 7792 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0209 7792 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0209 7792 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0209 7792 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0209 7792 HPFSService ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0209 7792 HPFSService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0209 7792 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0209 7792 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0209 7792 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0209 7792 McAfee Endpoint Encryption Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0209 7792 Realtek11nSU ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0209 7792 Realtek11nSU ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0209 7792 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0209 7792 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:05.0219 7792 STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:05.0219 7792 STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip

polhrad · #10 Příspěvek od **polhrad** » 11 kvě 2014 16:03

Malwarebytes Anti-Rootkit nenašel nic. Log jsem nenašel.

polhrad · #11 Příspěvek od **polhrad** » 11 kvě 2014 16:05

Jo tak nakonec našel.:

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.11.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17105
Radek :: HPPB4730S-RADEK [limited]

11.5.2014 16:42:27
mbar-log-2014-05-11 (16-42-27).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 272756
Time elapsed: 14 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

#12 Příspěvek od **Márty84** » 11 kvě 2014 17:54

Antivir porad hlasi hrozbu?

Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.)

Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

polhrad · #13 Příspěvek od **polhrad** » 11 kvě 2014 18:44

ComboFix 14-05-10.01 - Radek 11.05.2014 19:14:44.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1576 [GMT 2:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
AV: Ochrana počítače *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Ochrana počítače *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\page
c:\programdata\page\page.ico
c:\programdata\page\page.URL
c:\users\Radek\AppData\Roaming\Local
c:\users\Radek\AppData\Roaming\Local\STEMMARK\Smaragd\smaragd.db
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-11 do 2014-05-11 )))))))))))))))))))))))))))))))
.
.
2014-05-11 17:31 . 2014-05-11 17:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-11 14:42 . 2014-05-11 15:00 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-05-11 14:41 . 2014-05-11 14:41 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-11 12:43 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-11 12:43 . 2014-05-11 13:04 -------- d-----w- C:\AdwCleaner
2014-05-11 11:56 . 2014-05-11 11:57 -------- d-----w- C:\vlc
2014-05-06 23:07 . 2014-05-06 23:07 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-06 17:21 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll
2014-05-06 17:21 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-04 16:38 . 2014-05-04 16:38 -------- d-----w- C:\serialy
2014-05-04 00:28 . 2014-05-04 00:29 -------- d-----w- c:\users\Radek\AppData\Roaming\123 Free Solitaire
2014-05-04 00:28 . 2014-05-04 00:28 -------- d-----w- c:\program files (x86)\123 Free Solitaire
2014-05-04 00:26 . 2014-05-04 00:26 -------- d-----w- c:\program files (x86)\SuDoku
2014-05-03 01:02 . 2014-04-29 14:01 23547904 ----a-w- c:\windows\system32\mshtml.dll
2014-05-03 01:02 . 2014-04-29 13:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-03 01:02 . 2014-04-29 12:34 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-16 16:25 . 2014-04-16 16:26 -------- d-----w- c:\users\Radek\AppData\Roaming\Maxthon3
2014-04-16 16:24 . 2014-04-16 16:25 -------- d-----w- c:\program files (x86)\Maxthon
2014-04-11 18:49 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-04-11 18:49 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-11 17:29 . 2014-05-11 13:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2C8C2C7-041F-4E18-8806-753DCA2B2E2E}\offreg.dll
2014-05-11 14:42 . 2014-03-28 21:43 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-29 10:45 . 2012-03-29 10:29 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 10:45 . 2011-11-25 18:20 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-17 03:31 . 2014-05-09 12:50 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2C8C2C7-041F-4E18-8806-753DCA2B2E2E}\mpengine.dll
2014-04-09 23:03 . 2011-11-23 19:45 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-31 07:35 . 2011-11-23 19:25 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-25 19:49 . 2014-03-25 19:49 935175 ----a-w- C:\RSITx64.exe
2014-03-06 09:31 . 2014-04-10 20:18 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-10 20:18 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-10 20:18 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-10 20:18 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-10 20:18 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-10 20:18 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-10 20:18 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-10 20:18 574976 ----a-w- c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-10 20:18 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-10 20:18 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-10 20:18 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-10 20:18 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-10 20:18 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-10 20:18 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-10 20:18 586240 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-10 20:18 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-10 20:18 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-10 20:18 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-10 20:18 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-10 20:18 195584 ----a-w- c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-10 20:18 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-10 20:18 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-10 20:18 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-10 20:18 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-10 20:18 628736 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-10 20:18 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-10 20:18 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-10 20:18 13551104 ----a-w- c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-10 20:18 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-10 20:18 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-10 20:18 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-10 20:18 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-10 20:18 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-09 13:46 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 13:46 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 13:46 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 13:46 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 13:46 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 13:46 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 13:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 13:46 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 13:46 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 13:46 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 13:46 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-11-26 113288]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2011-10-04 220992]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-11-26 169528]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"F-Secure Hoster (39109)"="c:\program files (x86)\O2\Strazce internetu\fshoster32.exe" [2013-05-15 191424]
"F-Secure Manager"="c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSM32.EXE" [2013-08-14 310208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\HIPS\drivers\fshs.sys;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\HIPS\drivers\fshs.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\O2\Strazce internetu\fshoster32.exe;c:\program files (x86)\O2\Strazce internetu\fshoster32.exe [x]
S2 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [x]
S3 fsni;fsni;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Scanning\fsni64.sys;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Scanning\fsni64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-29 20:44 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:45]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-06 22:21]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-06 22:21]
.
2014-05-01 c:\windows\Tasks\HPCeeScheduleForHPPB4730S-RADEK$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2014-05-09 c:\windows\Tasks\HPCeeScheduleForRadek.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-08-22 200704]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-08-17 14904]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-06 1664000]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\9leixagk.default-1366659333013\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files (x86)\O2\Strazce internetu\fshoster32.exe\" -hosterid:0"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1173953602-3365374468-4114211599-1002\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{98F86D1A-34D0-7CCA-EE93-F80249D5F121}*]
"pacekmhcgdhclhpelhpmfcadejkdpfgp"=hex:61,62,6a,6d,61,66,6f,6a,69,65,61,62,70,
66,64,69,6a,63,6c,6d,64,6e,66,6f,6c,6a,67,6a,6b,63,66,63,64,68,00,77
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_206.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\F-Secure\My Services Agent\Protected]
@Denied: ) (Everyone)
"AgentIdentifier"="3d704583-7b53-40b8-b7bb-7804ac4f7883"
"AuthorizationCode"=""
"39109_AgentIdentifier"="3d704583-7b53-40b8-b7bb-7804ac4f7883"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSMA32.EXE
c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\fssm32.exe
c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-05-11 19:41:41 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-11 17:41
.
Před spuštěním: Volných bajtů: 154 086 105 088
Po spuštění: Volných bajtů: 153 473 998 848
.
- - End Of File - - BA437AC83E7AA35358D17D2CA17791A2

#14 Příspěvek od **Márty84** » 11 kvě 2014 18:56

Vypnete trvale Windows Defender

Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

KillAll::

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Print2PDF Print Monitor"=-
"Adobe ARM"=-

Regnull::
[HKEY_USERS\S-1-5-21-1173953602-3365374468-4114211599-1002\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{98F86D1A-34D0-7CCA-EE93-F80249D5F121}*]

RegLock::
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\software\Wow6432Node\F-Secure\My Services Agent\Protected]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

Reboot::

Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev CFScript a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Pretahntete mysi tento vytvoreny textovy dokument nad ikonu ComboFix a pustte.
ComboFix by se mel spustit a vykonat prikazy.
Az skonci (muze dojit k restartu pc), mel by se objevit novy log, ten mi sem zase zkopirujte.

Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace

Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku

polhrad · #15 Příspěvek od **polhrad** » 11 kvě 2014 19:31

ComboFix 14-05-10.01 - Radek 11.05.2014 20:04:42.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4030.1711 [GMT 2:00]
Spuštěný z: c:\users\Radek\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Radek\Desktop\CFScript.txt
AV: Ochrana počítače *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Ochrana počítače *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-04-11 do 2014-05-11 )))))))))))))))))))))))))))))))
.
.
2014-05-11 18:21 . 2014-05-11 18:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-11 14:42 . 2014-05-11 15:00 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-05-11 14:41 . 2014-05-11 14:41 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-11 12:43 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-05-11 12:43 . 2014-05-11 13:04 -------- d-----w- C:\AdwCleaner
2014-05-11 11:56 . 2014-05-11 11:57 -------- d-----w- C:\vlc
2014-05-06 23:07 . 2014-05-06 23:07 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-06 17:21 . 2014-04-14 02:24 465408 ----a-w- c:\windows\system32\aepdu.dll
2014-05-06 17:21 . 2014-04-14 02:19 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-04 16:38 . 2014-05-04 16:38 -------- d-----w- C:\serialy
2014-05-04 00:28 . 2014-05-04 00:29 -------- d-----w- c:\users\Radek\AppData\Roaming\123 Free Solitaire
2014-05-04 00:28 . 2014-05-04 00:28 -------- d-----w- c:\program files (x86)\123 Free Solitaire
2014-05-04 00:26 . 2014-05-04 00:26 -------- d-----w- c:\program files (x86)\SuDoku
2014-05-03 01:02 . 2014-04-29 14:01 23547904 ----a-w- c:\windows\system32\mshtml.dll
2014-05-03 01:02 . 2014-04-29 13:40 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-03 01:02 . 2014-04-29 12:34 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-04-16 16:25 . 2014-04-16 16:26 -------- d-----w- c:\users\Radek\AppData\Roaming\Maxthon3
2014-04-16 16:24 . 2014-04-16 16:25 -------- d-----w- c:\program files (x86)\Maxthon
2014-04-11 18:49 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-04-11 18:49 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-11 18:03 . 2014-05-11 13:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2C8C2C7-041F-4E18-8806-753DCA2B2E2E}\offreg.dll
2014-05-11 14:42 . 2014-03-28 21:43 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-29 10:45 . 2012-03-29 10:29 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-29 10:45 . 2011-11-25 18:20 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-17 03:31 . 2014-05-09 12:50 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A2C8C2C7-041F-4E18-8806-753DCA2B2E2E}\mpengine.dll
2014-04-09 23:03 . 2011-11-23 19:45 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-31 07:35 . 2011-11-23 19:25 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-25 19:49 . 2014-03-25 19:49 935175 ----a-w- C:\RSITx64.exe
2014-03-06 09:31 . 2014-04-10 20:18 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-10 20:18 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-10 20:18 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-10 20:18 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-10 20:18 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-10 20:18 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-10 20:18 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-10 20:18 574976 ----a-w- c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-10 20:18 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-10 20:18 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-10 20:18 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-10 20:18 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-10 20:18 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-10 20:18 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-10 20:18 586240 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-10 20:18 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-10 20:18 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-10 20:18 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-10 20:18 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-10 20:18 195584 ----a-w- c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-10 20:18 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-10 20:18 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-10 20:18 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-10 20:18 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-10 20:18 628736 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-10 20:18 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-10 20:18 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-10 20:18 13551104 ----a-w- c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-10 20:18 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-10 20:18 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-10 20:18 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-10 20:18 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-10 20:18 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-04 09:44 . 2014-04-09 13:46 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 13:46 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 13:46 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 13:46 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 13:46 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 13:46 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 13:46 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 13:46 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 13:46 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 13:46 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 13:46 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-11-26 113288]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-05-23 103992]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2011-11-26 169528]
"ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"F-Secure Hoster (39109)"="c:\program files (x86)\O2\Strazce internetu\fshoster32.exe" [2013-05-15 191424]
"F-Secure Manager"="c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSM32.EXE" [2013-08-14 310208]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\HIPS\drivers\fshs.sys;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\HIPS\drivers\fshs.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [x]
S2 602XML Updater;602Updater;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe;c:\program files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\O2\Strazce internetu\fshoster32.exe;c:\program files (x86)\O2\Strazce internetu\fshoster32.exe [x]
S2 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Reputation\fsorsp.exe [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe;c:\program files (x86)\PDF Complete\pdfsvc.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 Realtek11nSU;Realtek11nSU;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe;c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys;c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [x]
S3 fsni;fsni;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Scanning\fsni64.sys;c:\program files (x86)\O2\Strazce internetu\apps\CCF_Scanning\fsni64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-29 20:44 1078088 ----a-w- c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-05-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-29 10:45]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-06 22:21]
.
2014-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-06 22:21]
.
2014-05-01 c:\windows\Tasks\HPCeeScheduleForHPPB4730S-RADEK$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
2014-05-09 c:\windows\Tasks\HPCeeScheduleForRadek.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 03:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-27 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-27 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-27 418328]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2011-08-22 200704]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-08-17 14904]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2013-06-06 1664000]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page =
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\Radek\AppData\Roaming\Mozilla\Firefox\Profiles\9leixagk.default-1366659333013\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files (x86)\O2\Strazce internetu\fshoster32.exe\" -hosterid:0"
--
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_206_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Common\FSMA32.EXE
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\O2\Strazce internetu\apps\ComputerSecurity\Anti-Virus\fssm32.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2014-05-11 20:29:23 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-05-11 18:29
ComboFix2.txt 2014-05-11 17:41
.
Před spuštěním: Volných bajtů: 153 557 155 840
Po spuštění: Volných bajtů: 153 465 311 232
.
- - End Of File - - 48CDF85D4044EB6EFC4093A0A9ACF37B

VIRY.CZ

Prosba o kontrolu logu.

Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.

Re: Prosba o kontrolu logu.