Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 07:07
by JaRon
1. fix the hosts file - see above
2. run CF - without a script - post the log (download a fresh copy from the revived link above)

Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 13:09
by Ivošisko
So hopefully I managed to clean up Hosts... however, CF is also on strike - already in that first black window it gets slightly past the halfway point and the computer freezes (only pulling out the battery helps). The second time I tried it with the antivirus turned off, and it was the same...

And now off topic - my desktop PC is starting to respond somewhat slowly to mouse movement, or when launching programs, switching windows and so on. It's not exactly a drama, but it probably isn't OK either. May I start a new thread so that we could take a look at this desktop PC as well?

Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 13:14
by JaRon
start a new thread for the PC - it would turn into a mess here :)
post the current RSIT log from the notebook

Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 13:31
by Ivošisko
1. that's what I meant - a new thread :)

2. here is the log from HJT:

Logfile of random's system information tool 1.09 (written by random/random)
Run by uzivatel at 2013-01-31 13:20:09
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 191 GB (63%) free of 305 GB
Total RAM: 4095 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:41, on 31.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\trend micro\uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O1 - Hosts: 192.157.56.28 http://www.google-analytics.com.
O1 - Hosts: 192.157.56.28 ad-emea.doubleclick.net.
O1 - Hosts: 192.157.56.28 http://www.statcounter.com.
O1 - Hosts: 192.157.56.28 connect.facebook.net.
O1 - Hosts: 192.157.56.28 platform.twitter.com.
O1 - Hosts: 93.115.241.27 http://www.google-analytics.com.
O1 - Hosts: 93.115.241.27 ad-emea.doubleclick.net.
O1 - Hosts: 93.115.241.27 http://www.statcounter.com.
O1 - Hosts: 93.115.241.27 connect.facebook.net.
O1 - Hosts: 93.115.241.27 platform.twitter.com.
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PrivitizeVPN] C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\WebcamMax.exe" -a
O4 - HKCU\..\Run: [Windows Update Server] C:\Users\uzivatel\31d89599-5930.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-179058154-1376331171-3639500384-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-179058154-1376331171-3639500384-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PandoraService (PanService) - Pandora.TV - C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10578 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\nvvsvc.exe
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamscheduler.exe"
"C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\PANDORA.TV\PanService\PanProcess.exe" PanProcess
WLIDSvcM.exe 1884
C:\Windows\system32\svchost.exe -k bthsvcs
"taskhost.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\uzivatel\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-179058154-1376331171-3639500384-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-179058154-1376331171-3639500384-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7wjrkinv.default

prefs.js - "browser.startup.homepage" - "http://www.facebook.com/"

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\IB Updater\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.7.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\7wjrkinv.default\extensions\
50d203dced9c6@50d203dced9ee.com
50d204e3a24fd@50d204e3a2536.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-09-25 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 1289704]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-10-16 8158240]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-04 186904]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\uzivatel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-24 138096]
"WebcamMaxAutoRun"=C:\Program Files (x86)\WebcamMax\WebcamMax.exe [2010-08-03 6043888]
"Windows Update Server"=C:\Users\uzivatel\31d89599-5930.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-19 170624]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-10-09 6937216]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"PrivitizeVPN"=C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe [2012-09-10 196784]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-31 12:26:49 ----SD---- C:\32788R22FWJFW
2013-01-30 17:48:01 ----D---- C:\Users\uzivatel\AppData\Roaming\Malwarebytes
2013-01-30 17:47:28 ----D---- C:\ProgramData\Malwarebytes
2013-01-30 17:47:28 ----A---- C:\Windows\system32\drivers\mbam.sys
2013-01-30 11:38:05 ----A---- C:\AdwCleaner[S1].txt
2013-01-30 10:05:29 ----D---- C:\Windows\ERDNT
2013-01-30 10:04:18 ----D---- C:\Qoobox
2013-01-29 23:35:20 ----D---- C:\Program Files\trend micro
2013-01-29 23:35:17 ----D---- C:\rsit
2013-01-29 17:50:58 ----D---- C:\Program Files\CCleaner
2013-01-29 17:48:55 ----D---- C:\Program Files (x86)\Google
2013-01-26 23:04:06 ----D---- C:\FFOutput
2013-01-26 23:03:34 ----D---- C:\Program Files (x86)\FreeTime
2013-01-26 22:46:49 ----AH---- C:\Users\uzivatel\AppData\Roaming\winsvcns.sys
2013-01-26 16:06:25 ----D---- C:\Program Files (x86)\EA Games
2013-01-26 14:16:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-01-26 14:16:31 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-01-26 14:16:31 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-01-26 14:16:29 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-01-26 14:16:29 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-01-26 14:16:27 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-01-26 14:16:27 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-01-26 14:16:27 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-01-26 14:16:27 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-01-26 14:16:27 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-01-26 14:16:27 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-01-26 14:16:27 ----A---- C:\Windows\system32\wksprtPS.dll
2013-01-26 14:16:27 ----A---- C:\Windows\system32\wksprt.exe
2013-01-26 14:16:27 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-01-26 14:16:27 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-01-26 14:16:27 ----A---- C:\Windows\system32\tsgqec.dll
2013-01-26 14:16:27 ----A---- C:\Windows\system32\rdpudd.dll
2013-01-26 14:16:27 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-01-26 14:16:27 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-01-26 14:16:27 ----A---- C:\Windows\system32\aaclient.dll
2013-01-26 14:16:26 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-01-26 14:16:26 ----A---- C:\Windows\system32\rdpcorets.dll
2013-01-26 14:16:26 ----A---- C:\Windows\system32\mstsc.exe
2013-01-26 14:16:25 ----A---- C:\Windows\system32\mstscax.dll
2013-01-26 14:16:10 ----A---- C:\Windows\system32\ZSHP1020.EXE
2013-01-26 14:16:10 ----A---- C:\Windows\system32\ZLhp1020.DLL
2013-01-26 14:15:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-01-26 14:15:29 ----A---- C:\Windows\system32\schannel.dll
2013-01-26 14:15:29 ----A---- C:\Windows\system32\lsasrv.dll
2013-01-26 14:15:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-01-26 14:15:29 ----A---- C:\Windows\system32\drivers\cng.sys
2013-01-26 14:15:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-01-26 14:15:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-01-26 13:12:41 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2013-01-26 09:48:42 ----A---- C:\Windows\system32\drivers\sptd.sys
2013-01-25 18:26:06 ----D---- C:\Program Files (x86)\Ubisoft
2013-01-23 16:46:24 ----D---- C:\Windows\system32\ARFC
2013-01-23 16:46:24 ----A---- C:\Windows\system32\msvcr100.dll
2013-01-23 16:46:24 ----A---- C:\Windows\system32\msvcp100.dll
2013-01-23 16:46:24 ----A---- C:\Windows\system32\ImHttpComm.dll
2013-01-23 16:46:24 ----A---- C:\Windows\system32\dmwu.exe
2013-01-23 16:44:37 ----D---- C:\Users\uzivatel\AppData\Roaming\DAEMON Tools Lite
2013-01-23 16:43:45 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-01-22 18:42:22 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-01-22 18:42:22 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-01-22 18:42:21 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-01-22 18:42:21 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-01-22 18:42:20 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-01-22 18:42:20 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-01-22 18:42:19 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-01-22 18:42:19 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-01-22 18:41:43 ----HD---- C:\Windows\msdownld.tmp
2013-01-22 18:41:42 ----D---- C:\Windows\SYSWOW64\directx
2013-01-22 18:25:04 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-01-22 18:25:04 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-01-22 18:25:04 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-01-22 18:25:04 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-01-22 18:25:04 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-01-22 18:25:04 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-01-22 18:25:03 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-01-22 18:25:03 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-01-22 18:25:02 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-01-22 18:25:02 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-01-22 18:25:02 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-01-22 18:25:02 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-01-22 18:25:01 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-01-22 18:25:01 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-01-22 18:25:00 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-01-22 18:25:00 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-01-22 18:25:00 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-01-22 18:25:00 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-01-22 18:24:59 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-01-22 18:24:59 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-01-22 18:24:58 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-01-22 18:24:58 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-01-22 18:24:57 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-01-22 18:24:57 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-01-22 18:24:56 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-01-22 18:24:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll

Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 13:41
by JaRon
rename ComboFix to NoMbr and run it - if it doesn't freeze, post the log :)

Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 16:37
by Ivošisko
Unfortunately, it froze at the same point as before, namely at the item: Výstupní složka: C:\32788R22FWJFW, which, as I found out, is a file folder; when I opened it, I saw the same thing as when I click Start/Computer.

Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 19:40
by JaRon
use Avenger - its script:
Files to delete:
C:\Users\uzivatel\31d89599-5930.exe
C:\Users\uzivatel\AppData\Roaming\winsvcns.sys

Re: Veeery, veeery slow notebook

Posted: 31 Jan 2013 23:48
by Ivošisko
I ran Avenger (the whole thing took about 2 sec - I have no experience to tell whether that is OK)

Then I tried CF, but it froze again at the same point :(

Re: Veeery, veeery slow notebook

Posted: 01 Feb 2013 07:27
by JaRon
it's Friday, it would be good to finish this job :)
I'll write you several steps; if there is a problem with any of them, continue with the next one...
quote:
1. Uninstall Combofix

•Rename ComboFix to Uninstall
•Run it
•This deletes Combofix and its folders

2. TFC http://oldtimer.geekstogo.com/TFC.exe

•Download and run it
•Click Start and confirm with OK
•The program cleans up and restarts the PC
•Delete the utility after use

3. look at the contents of hosts - is there really ONLY the line I wrote :???:

4. post the log from TDSSKiller

5. check the PC with MBAM - full scan

Re: Veeery, veeery slow notebook

Posted: 01 Feb 2013 13:56
by Ivošisko
CF could not be deleted - it froze at the same point again - battery out

OldTimer applied - it cleaned up (268MB) but did not restart


Hosts according to http://support.microsoft.com/kb/972034/ ... selfAlways:

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handle within DNS itself.
#       127.0.0.1       localhost
#       ::1             localhost


TDSSKiller applied, with a result of 0 objects - see log:

11:50:21.0228 2916 blbdrive - ok
11:50:21.0261 2916 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
11:50:21.0262 2916 bowser - ok
11:50:21.0278 2916 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:50:21.0279 2916 BrFiltLo - ok
11:50:21.0288 2916 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:50:21.0289 2916 BrFiltUp - ok
11:50:21.0316 2916 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
11:50:21.0318 2916 Browser - ok
11:50:21.0336 2916 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
11:50:21.0339 2916 Brserid - ok
11:50:21.0344 2916 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
11:50:21.0346 2916 BrSerWdm - ok
11:50:21.0356 2916 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
11:50:21.0357 2916 BrUsbMdm - ok
11:50:21.0367 2916 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
11:50:21.0368 2916 BrUsbSer - ok
11:50:21.0407 2916 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
11:50:21.0408 2916 BthEnum - ok
11:50:21.0419 2916 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
11:50:21.0421 2916 BTHMODEM - ok
11:50:21.0453 2916 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
11:50:21.0455 2916 BthPan - ok
11:50:21.0479 2916 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
11:50:21.0490 2916 BTHPORT - ok
11:50:21.0517 2916 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
11:50:21.0519 2916 bthserv - ok
11:50:21.0530 2916 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
11:50:21.0532 2916 BTHUSB - ok
11:50:21.0560 2916 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
11:50:21.0586 2916 btwaudio - ok
11:50:21.0616 2916 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
11:50:21.0628 2916 btwavdt - ok
11:50:21.0696 2916 [ D65AA164ACD0F6706DBCFBBCC9731584 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
11:50:21.0709 2916 btwdins - ok
11:50:21.0725 2916 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
11:50:21.0768 2916 btwl2cap - ok
11:50:21.0793 2916 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
11:50:21.0803 2916 btwrchid - ok
11:50:21.0819 2916 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
11:50:21.0820 2916 cdfs - ok
11:50:21.0851 2916 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
11:50:21.0853 2916 cdrom - ok
11:50:21.0880 2916 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
11:50:21.0884 2916 CertPropSvc - ok
11:50:21.0915 2916 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
11:50:21.0917 2916 circlass - ok
11:50:21.0944 2916 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
11:50:21.0959 2916 CLFS - ok
11:50:22.0010 2916 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:50:22.0014 2916 clr_optimization_v2.0.50727_32 - ok
11:50:22.0056 2916 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:50:22.0059 2916 clr_optimization_v2.0.50727_64 - ok
11:50:22.0125 2916 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:50:22.0129 2916 clr_optimization_v4.0.30319_32 - ok
11:50:22.0146 2916 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:50:22.0149 2916 clr_optimization_v4.0.30319_64 - ok
11:50:22.0171 2916 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
11:50:22.0172 2916 CmBatt - ok
11:50:22.0189 2916 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
11:50:22.0190 2916 cmdide - ok
11:50:22.0220 2916 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
11:50:22.0225 2916 CNG - ok
11:50:22.0257 2916 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
11:50:22.0258 2916 Compbatt - ok
11:50:22.0286 2916 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
11:50:22.0289 2916 CompositeBus - ok
11:50:22.0298 2916 COMSysApp - ok
11:50:22.0326 2916 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
11:50:22.0327 2916 crcdisk - ok
11:50:22.0362 2916 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
11:50:22.0365 2916 CryptSvc - ok
11:50:22.0399 2916 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
11:50:22.0407 2916 CSC - ok
11:50:22.0455 2916 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
11:50:22.0488 2916 CscService - ok
11:50:22.0543 2916 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
11:50:22.0568 2916 DcomLaunch - ok
11:50:22.0607 2916 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
11:50:22.0614 2916 defragsvc - ok
11:50:22.0654 2916 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
11:50:22.0656 2916 DfsC - ok
11:50:22.0669 2916 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
11:50:22.0675 2916 Dhcp - ok
11:50:22.0685 2916 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
11:50:22.0686 2916 discache - ok
11:50:22.0714 2916 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
11:50:22.0715 2916 Disk - ok
11:50:22.0748 2916 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
11:50:22.0752 2916 Dnscache - ok
11:50:22.0784 2916 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
11:50:22.0788 2916 dot3svc - ok
11:50:22.0817 2916 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
11:50:22.0820 2916 DPS - ok
11:50:22.0841 2916 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
11:50:22.0842 2916 drmkaud - ok
11:50:22.0883 2916 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
11:50:22.0891 2916 DXGKrnl - ok
11:50:22.0907 2916 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
11:50:22.0909 2916 EapHost - ok
11:50:22.0982 2916 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
11:50:23.0067 2916 ebdrv - ok
11:50:23.0088 2916 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
11:50:23.0089 2916 EFS - ok
11:50:23.0137 2916 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
11:50:23.0147 2916 ehRecvr - ok
11:50:23.0173 2916 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
11:50:23.0174 2916 ehSched - ok
11:50:23.0205 2916 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
11:50:23.0217 2916 elxstor - ok
11:50:23.0245 2916 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
11:50:23.0246 2916 ErrDev - ok
11:50:23.0282 2916 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
11:50:23.0288 2916 EventSystem - ok
11:50:23.0295 2916 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
11:50:23.0298 2916 exfat - ok
11:50:23.0326 2916 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
11:50:23.0329 2916 fastfat - ok
11:50:23.0370 2916 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
11:50:23.0384 2916 Fax - ok
11:50:23.0406 2916 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
11:50:23.0408 2916 fdc - ok
11:50:23.0432 2916 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
11:50:23.0434 2916 fdPHost - ok
11:50:23.0446 2916 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
11:50:23.0448 2916 FDResPub - ok
11:50:23.0462 2916 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
11:50:23.0464 2916 FileInfo - ok
11:50:23.0474 2916 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
11:50:23.0475 2916 Filetrace - ok
11:50:23.0487 2916 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
11:50:23.0488 2916 flpydisk - ok
11:50:23.0510 2916 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
11:50:23.0514 2916 FltMgr - ok
11:50:23.0553 2916 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
11:50:23.0588 2916 FontCache - ok
11:50:23.0638 2916 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:50:23.0640 2916 FontCache3.0.0.0 - ok
11:50:23.0663 2916 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
11:50:23.0664 2916 FsDepends - ok
11:50:23.0700 2916 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
11:50:23.0701 2916 fssfltr - ok
11:50:23.0753 2916 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
11:50:23.0805 2916 fsssvc - ok
11:50:23.0829 2916 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
11:50:23.0830 2916 Fs_Rec - ok
11:50:23.0859 2916 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
11:50:23.0861 2916 fvevol - ok
11:50:23.0886 2916 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
11:50:23.0889 2916 gagp30kx - ok
11:50:23.0933 2916 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
11:50:23.0956 2916 gpsvc - ok
11:50:23.0975 2916 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
11:50:23.0977 2916 hcw85cir - ok
11:50:24.0016 2916 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:50:24.0021 2916 HdAudAddService - ok
11:50:24.0044 2916 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
11:50:24.0046 2916 HDAudBus - ok
11:50:24.0051 2916 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
11:50:24.0052 2916 HidBatt - ok
11:50:24.0074 2916 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
11:50:24.0076 2916 HidBth - ok
11:50:24.0087 2916 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
11:50:24.0089 2916 HidIr - ok
11:50:24.0106 2916 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
11:50:24.0108 2916 hidserv - ok
11:50:24.0133 2916 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
11:50:24.0134 2916 HidUsb - ok
11:50:24.0165 2916 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
11:50:24.0168 2916 hkmsvc - ok
11:50:24.0190 2916 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:50:24.0195 2916 HomeGroupListener - ok
11:50:24.0216 2916 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:50:24.0220 2916 HomeGroupProvider - ok
11:50:24.0242 2916 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
11:50:24.0244 2916 HpSAMD - ok
11:50:24.0285 2916 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
11:50:24.0311 2916 HTTP - ok
11:50:24.0344 2916 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
11:50:24.0345 2916 hwpolicy - ok
11:50:24.0366 2916 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
11:50:24.0368 2916 i8042prt - ok
11:50:24.0419 2916 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
11:50:24.0433 2916 IAANTMON - ok
11:50:24.0472 2916 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
11:50:24.0476 2916 iaStor - ok
11:50:24.0500 2916 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
11:50:24.0507 2916 iaStorV - ok
11:50:24.0547 2916 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:50:24.0580 2916 idsvc - ok
11:50:24.0609 2916 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
11:50:24.0611 2916 iirsp - ok
11:50:24.0652 2916 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
11:50:24.0676 2916 IKEEXT - ok
11:50:24.0746 2916 [ 2A7CF87BE453241FE0BAA1C8651E7AA4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:50:24.0761 2916 IntcAzAudAddService - ok
11:50:24.0775 2916 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
11:50:24.0776 2916 intelide - ok
11:50:24.0799 2916 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
11:50:24.0800 2916 intelppm - ok
11:50:24.0815 2916 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
11:50:24.0818 2916 IPBusEnum - ok
11:50:24.0832 2916 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:50:24.0833 2916 IpFilterDriver - ok
11:50:24.0866 2916 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
11:50:24.0878 2916 iphlpsvc - ok
11:50:24.0902 2916 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
11:50:24.0903 2916 IPMIDRV - ok
11:50:24.0919 2916 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
11:50:24.0920 2916 IPNAT - ok
11:50:24.0942 2916 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
11:50:24.0943 2916 IRENUM - ok
11:50:24.0960 2916 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
11:50:24.0961 2916 isapnp - ok
11:50:24.0981 2916 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
11:50:24.0984 2916 iScsiPrt - ok
11:50:25.0015 2916 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
11:50:25.0015 2916 kbdclass - ok
11:50:25.0041 2916 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
11:50:25.0042 2916 kbdhid - ok
11:50:25.0065 2916 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
11:50:25.0074 2916 kbfiltr - ok
11:50:25.0084 2916 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
11:50:25.0086 2916 KeyIso - ok
11:50:25.0113 2916 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
11:50:25.0115 2916 KSecDD - ok
11:50:25.0138 2916 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
11:50:25.0140 2916 KSecPkg - ok
11:50:25.0150 2916 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
11:50:25.0151 2916 ksthunk - ok
11:50:25.0188 2916 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
11:50:25.0195 2916 KtmRm - ok
11:50:25.0238 2916 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
11:50:25.0243 2916 LanmanServer - ok
11:50:25.0273 2916 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:50:25.0278 2916 LanmanWorkstation - ok
11:50:25.0316 2916 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
11:50:25.0318 2916 lltdio - ok
11:50:25.0343 2916 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
11:50:25.0348 2916 lltdsvc - ok
11:50:25.0365 2916 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
11:50:25.0367 2916 lmhosts - ok
11:50:25.0403 2916 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
11:50:25.0405 2916 LSI_FC - ok
11:50:25.0429 2916 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
11:50:25.0431 2916 LSI_SAS - ok
11:50:25.0441 2916 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:50:25.0443 2916 LSI_SAS2 - ok
11:50:25.0456 2916 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:50:25.0458 2916 LSI_SCSI - ok
11:50:25.0482 2916 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
11:50:25.0484 2916 luafv - ok
11:50:25.0505 2916 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
11:50:25.0506 2916 MBAMProtector - ok
11:50:25.0599 2916 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:50:25.0614 2916 MBAMScheduler - ok
11:50:25.0645 2916 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Users\uzivatel\Desktop\Malwarebytes' Anti-Malware\mbamservice.exe
11:50:25.0676 2916 MBAMService - ok
11:50:25.0711 2916 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
11:50:25.0714 2916 Mcx2Svc - ok
11:50:25.0732 2916 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
11:50:25.0734 2916 megasas - ok
11:50:25.0752 2916 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
11:50:25.0756 2916 MegaSR - ok
11:50:25.0787 2916 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
11:50:25.0789 2916 MMCSS - ok
11:50:25.0802 2916 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
11:50:25.0803 2916 Modem - ok
11:50:25.0816 2916 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
11:50:25.0816 2916 monitor - ok
11:50:25.0837 2916 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
11:50:25.0838 2916 mouclass - ok
11:50:25.0860 2916 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
11:50:25.0862 2916 mouhid - ok
11:50:25.0880 2916 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
11:50:25.0882 2916 mountmgr - ok
11:50:25.0933 2916 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:50:25.0936 2916 MozillaMaintenance - ok
11:50:25.0957 2916 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
11:50:25.0960 2916 MpFilter - ok
11:50:25.0990 2916 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
11:50:25.0993 2916 mpio - ok
11:50:26.0012 2916 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
11:50:26.0014 2916 mpsdrv - ok
11:50:26.0051 2916 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
11:50:26.0083 2916 MpsSvc - ok
11:50:26.0103 2916 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
11:50:26.0106 2916 MRxDAV - ok
11:50:26.0142 2916 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
11:50:26.0144 2916 mrxsmb - ok
11:50:26.0156 2916 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:50:26.0160 2916 mrxsmb10 - ok
11:50:26.0177 2916 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:50:26.0179 2916 mrxsmb20 - ok
11:50:26.0203 2916 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
11:50:26.0203 2916 msahci - ok
11:50:26.0219 2916 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
11:50:26.0222 2916 msdsm - ok
11:50:26.0248 2916 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
11:50:26.0252 2916 MSDTC - ok
11:50:26.0277 2916 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
11:50:26.0278 2916 Msfs - ok
11:50:26.0292 2916 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
11:50:26.0293 2916 mshidkmdf - ok
11:50:26.0304 2916 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
11:50:26.0305 2916 msisadrv - ok
11:50:26.0338 2916 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
11:50:26.0341 2916 MSiSCSI - ok
11:50:26.0346 2916 msiserver - ok
11:50:26.0365 2916 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
11:50:26.0367 2916 MSKSSRV - ok
11:50:26.0419 2916 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:50:26.0420 2916 MsMpSvc - ok
11:50:26.0435 2916 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
11:50:26.0437 2916 MSPCLOCK - ok
11:50:26.0452 2916 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
11:50:26.0453 2916 MSPQM - ok
11:50:26.0480 2916 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
11:50:26.0484 2916 MsRPC - ok
11:50:26.0497 2916 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
11:50:26.0498 2916 mssmbios - ok
11:50:26.0517 2916 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
11:50:26.0518 2916 MSTEE - ok
11:50:26.0523 2916 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
11:50:26.0525 2916 MTConfig - ok
11:50:26.0564 2916 [ 032D35C996F21D19A205A7C8F0B76F3C ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
11:50:26.0594 2916 MTsensor - ok
11:50:26.0625 2916 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
11:50:26.0626 2916 Mup - ok
11:50:26.0652 2916 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
11:50:26.0667 2916 napagent - ok
11:50:26.0710 2916 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
11:50:26.0723 2916 NativeWifiP - ok
11:50:26.0771 2916 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
11:50:26.0803 2916 NDIS - ok
11:50:26.0817 2916 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
11:50:26.0818 2916 NdisCap - ok
11:50:26.0844 2916 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
11:50:26.0845 2916 NdisTapi - ok
11:50:26.0858 2916 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
11:50:26.0860 2916 Ndisuio - ok
11:50:26.0872 2916 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
11:50:26.0875 2916 NdisWan - ok
11:50:26.0900 2916 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
11:50:26.0901 2916 NDProxy - ok
11:50:26.0918 2916 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
11:50:26.0920 2916 NetBIOS - ok
11:50:26.0953 2916 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
11:50:26.0957 2916 NetBT - ok
11:50:26.0965 2916 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
11:50:26.0967 2916 Netlogon - ok
11:50:27.0007 2916 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
11:50:27.0020 2916 Netman - ok
11:50:27.0045 2916 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
11:50:27.0060 2916 netprofm - ok
11:50:27.0080 2916 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:50:27.0082 2916 NetTcpPortSharing - ok
11:50:27.0103 2916 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
11:50:27.0105 2916 nfrd960 - ok
11:50:27.0138 2916 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:50:27.0139 2916 NisDrv - ok
11:50:27.0158 2916 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
11:50:27.0161 2916 NisSrv - ok
11:50:27.0186 2916 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
11:50:27.0191 2916 NlaSvc - ok
11:50:27.0206 2916 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
11:50:27.0208 2916 Npfs - ok
11:50:27.0219 2916 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
11:50:27.0221 2916 nsi - ok
11:50:27.0230 2916 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
11:50:27.0232 2916 nsiproxy - ok
11:50:27.0302 2916 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
11:50:27.0342 2916 Ntfs - ok
11:50:27.0357 2916 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
11:50:27.0358 2916 Null - ok
11:50:27.0403 2916 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
11:50:27.0404 2916 NVHDA - ok
11:50:27.0697 2916 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
11:50:27.0765 2916 nvlddmkm - ok
11:50:27.0845 2916 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
11:50:27.0847 2916 nvraid - ok
11:50:27.0862 2916 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
11:50:27.0865 2916 nvstor - ok
11:50:27.0906 2916 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
11:50:27.0939 2916 nvsvc - ok
11:50:27.0987 2916 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
11:50:27.0997 2916 nvUpdatusService - ok
11:50:28.0025 2916 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
11:50:28.0027 2916 nv_agp - ok
11:50:28.0100 2916 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
11:50:28.0116 2916 odserv - ok
11:50:28.0149 2916 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
11:50:28.0152 2916 ohci1394 - ok
11:50:28.0170 2916 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:50:28.0173 2916 ose - ok
11:50:28.0221 2916 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
11:50:28.0229 2916 p2pimsvc - ok
11:50:28.0270 2916 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
11:50:28.0296 2916 p2psvc - ok
11:50:28.0340 2916 [ 1011C779C9FCD01AFA96490C86A50421 ] PanService C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe
11:50:28.0860 2916 PanService - ok
11:50:28.0916 2916 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
11:50:28.0919 2916 Parport - ok
11:50:28.0953 2916 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
11:50:28.0955 2916 partmgr - ok
11:50:28.0973 2916 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
11:50:28.0977 2916 PcaSvc - ok
11:50:36.0224 2916 ============================================================
11:50:36.0224 2916 Scan finished
11:50:36.0224 2916 ============================================================
11:50:36.0245 3324 Detected object count: 0
11:50:36.0245 3324 Actual detected object count: 0
11:50:53.0372 3488 Deinitialize success


And here are the results from MBAM (it found two nasties, ticked one and not the other; I had both removed):

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
http://www.malwarebytes.org

Verze: v2013.02.01.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
uzivatel :: NB-KAT [administrátor]

Ochrana: Povolena

1.2.2013 12:12:02
MBAM-log-2013-02-01 (13-41-14).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 370050
Uplynulý čas: 38 minut, 14 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Update Server (Backdoor.IRCBot) -> Data: C:\Users\uzivatel\31d89599-5930.exe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\Users\uzivatel\Documents\FLVPlayer_v3.exe (PUP.Adware.Installcore) -> Nebyla provedena žádná instrukce.

(konec)

Re: Veeery, veeery slow notebook

Posted: 01 Feb 2013 14:01
by JaRon
if MBAM manages to remove the registry entry, we're done :)
after the restart, run a quick scan with MBAM

Re: Veeery, veeery slow notebook

Posted: 01 Feb 2013 16:31
by Ivošisko
MBAM - no infection detected:


Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.02.01.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
uzivatel :: NB-KAT [administrátor]

Ochrana: Povolena

1.2.2013 16:17:46
mbam-log-2013-02-01 (16-17-46).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 252939
Uplynulý čas: 3 minut, 41 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Re: Veeery, veeery slow notebook

Posted: 01 Feb 2013 18:28
by JaRon
if there are no problems, then we're done

Re: Veeery, veeery slow notebook

Posted: 01 Feb 2013 19:25
by Ivošisko
The notebook's speed is OK now....

I'm just still bothered by the three things I wrote about earlier:

1. when the notebook starts, a window pops up asking whether we allow PrivitizeVPN Client from the publisher OOO "Industry" to make changes to the computer. We don't know what it is, so we always answer "NO". This has been appearing from the very beginning (so it is unrelated to today's viruses), but it is annoying, so I'd like to sort it out with your help...

2. after the browser (Opera) starts, a small window of about 5x5 cm settles in the lower left corner and looks fairly legitimate - its title bar reads: PC Performer Test, inside is the text Full scan in progress and two progress bars are running there, but above the window on the right side there is a tiny cross in a black circle that can be used to close the window. Of course, the blue title bar also has the standard "minimize, full and close" buttons, but I'm afraid to touch those. When we close the window, it reappears after a while, though no longer as a test but, for example, as a slot machine and so on. In my opinion this is not OK :) and I'd like to clean this up as well.....

3. about 5 min after the notebook starts, a blinking tab appears in the taskbar that says: User jucheck.exe is requesting permission. When I hover over it with the mouse, the preview shows an empty white window with a red cross in the upper right corner. I have never run that either, because I'm worried it will be something nasty - I always just close it with the right mouse button....

Points 2 and 3 have been happening since the moment the notebook slowed down so critically...

Re: Veeery, veeery slow notebook

Posted: 01 Feb 2013 19:31
by Ivošisko
I'll also try uninstalling CF and the other bug "eaters".... but you could advise me on what I should keep and use preventively, and I'd also like to ask your opinion of the Microsoft Security Essentials antivirus - wouldn't Avast be better?