VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Po zapnutí PC nejde net - log z combofixu

https://forum.viry.cz:443/viewtopic.php?t=125853

Stránka 1 z 5

Po zapnutí PC nejde net - log z combofixu

Napsal: 16 lis 2012 18:57
od zoldak21
Zdravím,
mám problém, že když zapnu PC, nejde mi net. Wifi router normálně běží, PC s noťasem propojím v síti. Z noťasu na net jdu bez problému. Jen na PC mě to na net nepustí. Pomůže vždy zapnutí combofixu, po proběhnutí net naskočí.
Koukl byste někdo na ten log. Hodím sem dva logy. Jeden pár dní starý, druhý z dneška.
starší:
ComboFix 12-11-05.03 - Kremlickovi 10.11.2012 10:23:58.6.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2735 [GMT 1:00]
Spuštěný z: c:\users\Kremlickovi\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-10 do 2012-11-10 )))))))))))))))))))))))))))))))
.
.
2012-11-10 09:29 . 2012-11-10 09:29 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-11-10 09:29 . 2012-11-10 09:29 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-10 09:29 . 2012-11-10 09:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-09 12:58 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{384D30A7-E3A9-4CD8-AFBF-BA600A23D6FE}\mpengine.dll
2012-11-04 12:44 . 2012-11-04 12:44 -------- d-----w- c:\programdata\FLEXnet
2012-11-04 12:44 . 2012-11-04 12:51 -------- d-----w- c:\users\Kremlickovi\AppData\Local\Adobe
2012-11-04 12:28 . 2012-11-04 12:28 -------- d-----w- c:\program files (x86)\Bonjour
2012-11-04 12:25 . 2012-11-04 12:25 -------- d-----w- c:\windows\SysWow64\spool
2012-11-04 12:22 . 2012-11-04 12:22 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-11-01 18:34 . 2012-11-01 18:42 -------- d-----w- c:\users\Kremlickovi\AppData\Roaming\TeamViewer
2012-10-11 19:29 . 2012-10-11 19:29 -------- d-----w- c:\users\Kremlickovi\AppData\Local\ESET
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-10 21:39 . 2012-08-01 17:31 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-08 20:39 . 2012-08-01 17:20 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 20:39 . 2012-08-01 17:20 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-14 19:19 . 2012-10-10 15:48 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 15:48 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-03 21:20 . 2012-09-03 21:20 1409 ----a-w- c:\windows\QTFont.for
2012-09-03 21:16 . 2012-09-03 21:16 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-09-03 21:16 . 2012-09-03 21:16 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-08-31 18:19 . 2012-10-10 15:49 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 15:49 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 15:49 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 15:49 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-10 15:48 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 15:48 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-24 11:15 . 2012-09-22 21:40 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-22 21:40 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-22 21:40 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-22 21:40 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-22 21:40 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-22 21:40 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-22 21:40 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-22 21:40 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-22 21:40 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-22 21:40 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-22 21:40 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-22 21:40 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-22 21:40 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-22 21:40 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-22 21:40 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-22 21:40 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-22 21:40 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-22 21:40 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-22 21:40 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-22 21:40 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-22 21:40 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-22 21:40 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:36 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:36 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:36 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:36 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 14:38 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-10 15:48 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 15:48 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 15:48 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 15:48 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 15:48 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 15:48 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 15:48 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 15:48 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 15:48 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 15:48 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 15:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 15:48 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 15:48 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 15:48 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 15:48 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2006-05-03 09:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 10:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 12:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Infium"="c:\programy\QIP Infium\infium.exe" [2011-04-25 6848384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-20 5199984]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"UnlockerAssistant"="c:\programy\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-09-03 296096]
.
c:\users\Kremlickovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files (x86)\Common Files\Lingea Shared\luc.exe [2011-9-16 275736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-10-22 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-02 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-06-14 27760]
S3 IesDrv;IesDrv;c:\windows\SysWOW64\Drivers\IesDrv.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-06-14 2159728]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - IESDRV
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-01 20:39]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4243971926-3072265572-2308968163-1000Core.job
- c:\users\Kremlickovi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-02 14:35]
.
2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4243971926-3072265572-2308968163-1000UA.job
- c:\users\Kremlickovi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-02 14:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.seznam.cz/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kremlickovi\AppData\Roaming\Mozilla\Firefox\Profiles\fwa0hch3.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-10 10:31:56
ComboFix-quarantined-files.txt 2012-11-10 09:31
ComboFix2.txt 2012-11-09 09:51
ComboFix3.txt 2012-11-07 18:54
ComboFix4.txt 2012-11-06 11:40
ComboFix5.txt 2012-11-10 09:36
.
Před spuštěním: 8 293 363 712
Po spuštění: 8 276 123 648
.
- - End Of File - - 4E9B4F1E7CBF809D539DE45E2FCC924C



dnešní:
ComboFix 12-11-16.02 - Kremlickovi 16.11.2012 14:36:28.9.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2801 [GMT 1:00]
Spuštěný z: c:\users\Kremlickovi\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-10-16 do 2012-11-16 )))))))))))))))))))))))))))))))
.
.
2012-11-14 23:08 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2012-11-14 23:08 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-14 23:08 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-14 23:08 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-14 22:59 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-14 22:59 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-14 22:59 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-14 22:59 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-14 22:59 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-14 22:59 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-14 22:59 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-14 18:58 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-14 18:58 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-13 14:16 . 2012-10-12 07:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{65C7EBB4-80BC-4F92-8C5E-E2C221A3B9CA}\mpengine.dll
2012-11-08 12:43 . 2012-11-08 12:43 8704 ----a-r- c:\users\Kremlickovi\AppData\Roaming\Microsoft\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe
2012-11-08 12:43 . 2012-11-08 12:43 178688 ----a-r- c:\users\Kremlickovi\AppData\Roaming\Microsoft\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe
2012-11-08 12:43 . 2012-11-08 12:43 171008 ----a-r- c:\users\Kremlickovi\AppData\Roaming\Microsoft\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe
2012-11-08 12:43 . 2012-11-08 12:43 1038336 ----a-r- c:\users\Kremlickovi\AppData\Roaming\Microsoft\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe
2012-11-08 12:43 . 2012-11-08 12:43 -------- d-----w- c:\programdata\Lavasoft
2012-11-08 12:43 . 2012-11-08 12:43 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2012-11-04 12:44 . 2012-11-04 12:44 -------- d-----w- c:\programdata\FLEXnet
2012-11-04 12:44 . 2012-11-04 12:51 -------- d-----w- c:\users\Kremlickovi\AppData\Local\Adobe
2012-11-04 12:28 . 2012-11-04 12:28 -------- d-----w- c:\program files (x86)\Bonjour
2012-11-04 12:25 . 2012-11-04 12:25 -------- d-----w- c:\windows\SysWow64\spool
2012-11-04 12:22 . 2012-11-04 12:22 -------- d-----w- c:\program files (x86)\Common Files\Macrovision Shared
2012-11-01 18:34 . 2012-11-01 18:42 -------- d-----w- c:\users\Kremlickovi\AppData\Roaming\TeamViewer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-14 22:59 . 2012-08-01 17:31 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-08 20:39 . 2012-08-01 17:20 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-08 20:39 . 2012-08-01 17:20 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-14 19:19 . 2012-10-10 15:48 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 15:48 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-03 21:20 . 2012-09-03 21:20 1409 ----a-w- c:\windows\QTFont.for
2012-09-03 21:16 . 2012-09-03 21:16 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-09-03 21:16 . 2012-09-03 21:16 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-08-31 18:19 . 2012-10-10 15:49 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 15:49 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 15:49 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 15:49 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-08-24 18:05 . 2012-10-10 15:48 220160 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 16:57 . 2012-10-10 15:48 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-08-22 18:12 . 2012-09-12 11:36 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:36 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:36 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-26 14:38 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-20 18:48 . 2012-10-10 15:48 362496 ----a-w- c:\windows\system32\wow64win.dll
2012-08-20 18:48 . 2012-10-10 15:48 243200 ----a-w- c:\windows\system32\wow64.dll
2012-08-20 18:48 . 2012-10-10 15:48 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2012-08-20 18:48 . 2012-10-10 15:48 215040 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 18:48 . 2012-10-10 15:48 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2012-08-20 18:48 . 2012-10-10 15:48 424448 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 18:48 . 2012-10-10 15:48 1162240 ----a-w- c:\windows\system32\kernel32.dll
2012-08-20 18:46 . 2012-10-10 15:48 338432 ----a-w- c:\windows\system32\conhost.exe
2012-08-20 18:38 . 2012-10-10 15:48 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 18:38 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-08-20 17:40 . 2012-10-10 15:48 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2012-08-20 17:38 . 2012-10-10 15:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-08-20 17:38 . 2012-10-10 15:48 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2012-08-20 17:37 . 2012-10-10 15:48 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2012-08-20 17:37 . 2012-10-10 15:48 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2012-08-20 17:32 . 2012-10-10 15:48 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 5120 ---ha-w- c:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
2012-08-20 17:32 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
2012-08-20 15:38 . 2012-10-10 15:48 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2012-08-20 15:38 . 2012-10-10 15:48 2048 ----a-w- c:\windows\SysWow64\user.exe
2012-08-20 15:33 . 2012-10-10 15:48 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 15:48 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 15:48 6144 ---ha-w- c:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33 . 2012-10-10 15:48 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2006-05-03 09:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll
2007-02-21 10:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll
2008-03-16 12:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"DAEMON Tools Lite"="c:\programy\DAEMON Tools Lite\DTLite.exe" [2012-04-11 3672384]
"Infium"="c:\programy\QIP Infium\infium.exe" [2011-04-25 6848384]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2011-06-20 5199984]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"UnlockerAssistant"="c:\programy\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-09-03 296096]
.
c:\users\Kremlickovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Lingea Update Center.lnk - c:\program files (x86)\Common Files\Lingea Shared\luc.exe [2011-9-16 275736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-10-22 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys [2011-05-10 17192]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-08-02 283200]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-03-14 209768]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-14 148528]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys [2012-03-14 137144]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-06-14 27760]
S3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]
S3 IesDrv;IesDrv;c:\windows\SysWOW64\Drivers\IesDrv.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-06-14 2159728]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-01 20:39]
.
2012-11-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4243971926-3072265572-2308968163-1000Core.job
- c:\users\Kremlickovi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-02 14:35]
.
2012-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4243971926-3072265572-2308968163-1000UA.job
- c:\users\Kremlickovi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-02 14:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.msn.com
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Kremlickovi\AppData\Roaming\Mozilla\Firefox\Profiles\fwa0hch3.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Photoshop 7.0 CE - c:\windows\ISUN0405.EXE
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2012-11-16 14:43:51
ComboFix-quarantined-files.txt 2012-11-16 13:43
ComboFix2.txt 2012-11-08 12:44
ComboFix3.txt 2012-11-13 09:15
ComboFix4.txt 2012-11-10 09:31
ComboFix5.txt 2012-11-16 13:34
.
Před spuštěním: 8 550 699 008
Po spuštění: 8 383 172 608
.
- - End Of File - - 688911965C11F3F679CE1A87D4061526

nevíte někdo co s tím? NOD nic nehláší a další programy také nic

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 16 lis 2012 21:31
od zoldak21
ještě log z RSIT:
Logfile of random's system information tool 1.09 (written by random/random)
Run by Kremlickovi at 2012-11-16 20:55:30
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 14 GB (11%) free of 120 GB
Total RAM: 4095 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:27:50, on 16.11.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16455)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASRock Utility\IES\AsrIes.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Programy\QIP Infium\infium.exe
C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Users\Kremlickovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kremlickovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kremlickovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kremlickovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kremlickovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kremlickovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Kremlickovi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Programy\All Free 3GP Video Converter\AllFree3GPVideoConverter.exe
C:\Users\Kremlickovi\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Kremlickovi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programy\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Programy\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Infium] "C:\Programy\QIP Infium\infium.exe" /isolated /autorun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe -update plugin
O4 - HKUS\S-1-5-21-4243971926-3072265572-2308968163-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4243971926-3072265572-2308968163-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O12 - Plugin for .spop: C:\Program Files (x86)\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} (VatCtrl Class) - http://proxynet.mbudejovice.cz:3333/VatDec.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10530 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4243971926-3072265572-2308968163-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4243971926-3072265572-2308968163-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Kremlickovi\AppData\Roaming\Mozilla\Firefox\Profiles\fwa0hch3.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"

"{0153E448-190B-4987-BDE1-F256CADA672F}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.4.402.287 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Programy\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Programy\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]
"Description"=
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14]
"Description"=RealJukebox Netscape Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14]
"Description"=RealPlayer Download Plugin
"Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Programy\VideoLAN\VLC\npvlc.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
quickstores@quickstores.de
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Programy\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-03-02 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2010-11-21 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-03 426736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - QuickStores-Toolbar - C:\Windows\system32\mscoree.dll [2010-11-21 297808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2011-06-20 5199984]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]
"UnlockerAssistant"=C:\Programy\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"TkBellExe"=C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-09-03 296096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-07-13 17418928]
"DAEMON Tools Lite"=C:\Programy\DAEMON Tools Lite\DTLite.exe [2012-04-11 3672384]
"Infium"=C:\Programy\QIP Infium\infium.exe [2011-04-25 6848384]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_4_402_287_Plugin.exe [2012-10-08 692152]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

C:\Users\Kremlickovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files (x86)\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWow64\webcheck.dll [2012-08-01 203776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=i420vfw.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"msacm.divxa32"=msaud32_divx.acm
"vidc.yv12"=yv12vfw.dll
"vidc.VP70"=vp7vfw.dll
"vidc.VP61"=vp6vfw.dll
"vidc.VP60"=vp6vfw.dll
"vidc.VP40"=vp4vfw.dll
"vidc.LAGS"=lagarith.dll
"vidc.CSCD"=camcodec.dll
"vidc.IPJ2"=jp2avi.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2012-11-16 20:55:32 ----D---- C:\Program Files (x86)\trend micro
2012-11-16 20:55:30 ----D---- C:\rsit
2012-11-16 15:53:18 ----SHD---- C:\$RECYCLE.BIN
2012-11-16 14:43:53 ----D---- C:\Windows\temp
2012-11-16 14:43:52 ----A---- C:\ComboFix.txt
2012-11-16 14:34:13 ----A---- C:\Windows\zip.exe
2012-11-16 14:34:13 ----A---- C:\Windows\SWSC.exe
2012-11-16 14:34:13 ----A---- C:\Windows\SWREG.exe
2012-11-16 14:34:13 ----A---- C:\Windows\sed.exe
2012-11-16 14:34:13 ----A---- C:\Windows\PEV.exe
2012-11-16 14:34:13 ----A---- C:\Windows\NIRCMD.exe
2012-11-16 14:34:13 ----A---- C:\Windows\MBR.exe
2012-11-16 14:34:13 ----A---- C:\Windows\grep.exe
2012-11-16 14:12:54 ----A---- C:\Windows\ntbtlog.txt
2012-11-15 00:02:40 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2012-11-15 00:02:38 ----A---- C:\Windows\SysWOW64\vbscript.dll
2012-11-15 00:02:38 ----A---- C:\Windows\SysWOW64\ieui.dll
2012-11-15 00:02:37 ----A---- C:\Windows\SysWOW64\url.dll
2012-11-15 00:02:37 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2012-11-15 00:02:36 ----A---- C:\Windows\SysWOW64\urlmon.dll
2012-11-15 00:02:33 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2012-11-15 00:02:32 ----A---- C:\Windows\SysWOW64\wininet.dll
2012-11-15 00:02:30 ----A---- C:\Windows\SysWOW64\jscript9.dll
2012-11-15 00:02:30 ----A---- C:\Windows\SysWOW64\jscript.dll
2012-11-15 00:02:28 ----A---- C:\Windows\SysWOW64\iertutil.dll
2012-11-15 00:02:27 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2012-11-15 00:02:21 ----A---- C:\Windows\SysWOW64\mshtml.dll
2012-11-15 00:02:14 ----A---- C:\Windows\SysWOW64\ieframe.dll
2012-11-14 19:59:38 ----A---- C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-11-14 19:59:38 ----A---- C:\Windows\SysWOW64\dhcpcore6.dll
2012-11-14 19:59:30 ----A---- C:\Windows\SysWOW64\netcorehc.dll
2012-11-14 19:59:30 ----A---- C:\Windows\SysWOW64\ncsi.dll
2012-11-14 19:59:29 ----A---- C:\Windows\SysWOW64\nlaapi.dll
2012-11-14 19:59:29 ----A---- C:\Windows\SysWOW64\netevent.dll
2012-11-14 19:58:49 ----A---- C:\Windows\SysWOW64\synceng.dll
2012-11-08 13:43:58 ----D---- C:\ProgramData\Lavasoft
2012-11-08 13:43:01 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-11-04 13:44:29 ----D---- C:\ProgramData\FLEXnet
2012-11-04 13:28:17 ----D---- C:\Program Files (x86)\Bonjour
2012-11-04 13:26:59 ----D---- C:\Program Files (x86)\Adobe
2012-11-04 13:25:36 ----D---- C:\Windows\SysWOW64\spool
2012-11-04 13:22:44 ----D---- C:\Program Files (x86)\Common Files\Macrovision Shared
2012-11-01 19:34:45 ----D---- C:\Users\Kremlickovi\AppData\Roaming\TeamViewer
2012-10-27 11:49:47 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2012-11-16 21:25:14 ----D---- C:\Users\Kremlickovi\AppData\Roaming\Skype
2012-11-16 20:55:32 ----RD---- C:\Program Files (x86)
2012-11-16 19:57:37 ----SHD---- C:\System Volume Information
2012-11-16 14:43:54 ----D---- C:\Qoobox
2012-11-16 14:43:53 ----D---- C:\Windows
2012-11-16 14:41:52 ----A---- C:\Windows\system.ini
2012-11-16 14:39:10 ----D---- C:\Windows\SysWOW64\drivers
2012-11-16 14:39:10 ----D---- C:\Windows\SysWOW64
2012-11-16 14:39:10 ----D---- C:\Windows\AppPatch
2012-11-16 14:39:09 ----D---- C:\Program Files (x86)\Common Files
2012-11-16 14:20:41 ----D---- C:\Windows\System32
2012-11-16 14:20:41 ----D---- C:\Windows\inf
2012-11-16 14:16:15 ----D---- C:\ProgramData\NVIDIA
2012-11-15 15:52:11 ----D---- C:\Windows\rescache
2012-11-15 15:51:33 ----D---- C:\Windows\Microsoft.NET
2012-11-15 15:51:32 ----RSD---- C:\Windows\assembly
2012-11-15 15:09:23 ----D---- C:\Users\Kremlickovi\AppData\Roaming\Farm Mania 2.1
2012-11-15 15:04:07 ----D---- C:\Windows\winsxs
2012-11-15 15:01:55 ----D---- C:\Windows\SysWOW64\cs-CZ
2012-11-15 15:01:52 ----D---- C:\Windows\SysWOW64\migration
2012-11-15 15:01:52 ----D---- C:\Program Files (x86)\Internet Explorer
2012-11-15 15:01:47 ----RSD---- C:\Windows\Fonts
2012-11-15 00:13:18 ----D---- C:\ProgramData\Microsoft Help
2012-11-14 23:58:26 ----A---- C:\Windows\win.ini
2012-11-13 16:10:24 ----D---- C:\Users\Kremlickovi\AppData\Roaming\vlc
2012-11-11 12:42:48 ----D---- C:\ProgramData\PMB Files
2012-11-09 10:46:58 ----D---- C:\Windows\erdnt
2012-11-08 21:28:21 ----D---- C:\Users\Kremlickovi\AppData\Roaming\Rovio
2012-11-08 13:44:38 ----SHD---- C:\Windows\Installer
2012-11-08 13:43:59 ----SD---- C:\Users\Kremlickovi\AppData\Roaming\Microsoft
2012-11-08 13:43:58 ----D---- C:\Programy
2012-11-08 13:43:58 ----D---- C:\ProgramData
2012-11-07 20:02:53 ----D---- C:\Windows\Prefetch
2012-11-06 12:11:06 ----D---- C:\Windows\Tasks
2012-11-06 12:10:13 ----D---- C:\Windows\registration
2012-11-06 12:10:06 ----D---- C:\ProgramData\Real
2012-11-05 22:35:27 ----D---- C:\Users\Kremlickovi\AppData\Roaming\Mumble
2012-11-04 13:51:49 ----D---- C:\Users\Kremlickovi\AppData\Roaming\Adobe
2012-11-04 13:28:41 ----D---- C:\ProgramData\Adobe
2012-11-04 13:28:15 ----D---- C:\Program Files (x86)\Common Files\Adobe
2012-10-31 19:30:59 ----D---- C:\Users\Kremlickovi\AppData\Roaming\Farm Mania 2
2012-10-29 17:12:01 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 nvstor64;nvstor64; C:\Windows\system32\DRIVERS\nvstor64.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2011-03-18 29592]
R1 AsrAppCharger;AsrAppCharger; C:\Windows\system32\DRIVERS\AsrAppCharger.sys []
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R3 BthAvrcp;Bluetooth AVRCP Profile; C:\Windows\system32\DRIVERS\BthAvrcp.sys []
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys []
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 IesDrv;IesDrv; \??\C:\Windows\SysWOW64\Drivers\IesDrv.sys []
R3 NVNET;NVIDIA nForce Ethernet Driver; C:\Windows\system32\DRIVERS\nvmf6264.sys []
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys []
S3 AF15BDA;AF9015 BDA Device; C:\Windows\system32\DRIVERS\AF15BDA.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-09-25 574808]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2012-03-07 913144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-05-15 382272]
R2 VIAKaraokeService;VIA Karaoke digital mixer Service; C:\Windows\system32\viakaraokesrv.exe []
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-08 250808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-11-04 654848]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-27 115168]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 17 lis 2012 07:59
od motji
Zdravím,
combofix nemůžete používat jako na běžícím pásu. Můžete si poškodit systém.
Prosím najděte ještě uplně první log z combofixu, ať vidím co smazal, a vložte ho zde.

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 18 lis 2012 17:25
od zoldak21
Vím, ale bohužel to bylo jediné, co pomáhalo.
Bohužel, ten úplně první log již asi nenajdu.

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 19 lis 2012 22:32
od motji
:arrow: Stáhněte TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
- a uložte ho na plochu.
- 2x klikněte na ikonu programu a spusťte
- dejte volbu Spustit kontrolu - pak potvrdte start sken
- pokud program najde infikovaný soubor, ukáže se Vám předvolená akce Cure, v tom případě potvrdte tlačítko Continue
- pokud bude chtít program restartovat počítač, klikněte na tlačítko Reboot Now
- pokud si restart nevyžádá, klikněte na tlačítko Report. Měl vy na Vás vyskočit log, obsah logu zkopírujte do svého topicu.
- pokud se log nezobrazí, je uložený ve Vašem kořenovém adresáři.

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 19 lis 2012 23:00
od zoldak21
22:58:30.0531 7156 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:58:30.0775 7156 ============================================================
22:58:30.0775 7156 Current date / time: 2012/11/19 22:58:30.0775
22:58:30.0775 7156 SystemInfo:
22:58:30.0775 7156
22:58:30.0775 7156 OS Version: 6.1.7601 ServicePack: 1.0
22:58:30.0775 7156 Product type: Workstation
22:58:30.0775 7156 ComputerName: KREMLICKOVI-PC
22:58:30.0775 7156 UserName: Kremlickovi
22:58:30.0775 7156 Windows directory: C:\Windows
22:58:30.0775 7156 System windows directory: C:\Windows
22:58:30.0775 7156 Running under WOW64
22:58:30.0775 7156 Processor architecture: Intel x64
22:58:30.0775 7156 Number of processors: 3
22:58:30.0775 7156 Page size: 0x1000
22:58:30.0775 7156 Boot type: Normal boot
22:58:30.0775 7156 ============================================================
22:58:39.0913 7156 Drive \Device\Harddisk0\DR0 - Size: 0x1BF286DE00 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:58:39.0966 7156 Drive \Device\Harddisk1\DR1 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:58:39.0987 7156 ============================================================
22:58:39.0987 7156 \Device\Harddisk0\DR0:
22:58:39.0991 7156 MBR partitions:
22:58:39.0991 7156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1
22:58:39.0991 7156 \Device\Harddisk1\DR1:
22:58:40.0044 7156 MBR partitions:
22:58:40.0045 7156 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:58:40.0045 7156 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEA2E000
22:58:40.0063 7156 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xEA60981, BlocksNum 0x169C8E7F
22:58:40.0063 7156 ============================================================
22:58:40.0394 7156 C: <-> \Device\Harddisk1\DR1\Partition2
22:58:40.0433 7156 E: <-> \Device\Harddisk0\DR0\Partition1
22:58:40.0743 7156 D: <-> \Device\Harddisk1\DR1\Partition3
22:58:40.0743 7156 ============================================================
22:58:40.0743 7156 Initialize success
22:58:40.0743 7156 ============================================================
22:58:42.0827 6448 ============================================================
22:58:42.0827 6448 Scan started
22:58:42.0827 6448 Mode: Manual;
22:58:42.0827 6448 ============================================================
22:58:44.0089 6448 ================ Scan system memory ========================
22:58:44.0089 6448 System memory - ok
22:58:44.0089 6448 ================ Scan services =============================
22:58:44.0485 6448 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:58:44.0608 6448 1394ohci - ok
22:58:44.0769 6448 [ 377F0FE06DCD6BB3669F3E0FC4DF2511 ] aawservice C:\Programy\Lavasoft\Ad-Aware 2007\aawservice.exe
22:58:44.0788 6448 aawservice - ok
22:58:44.0831 6448 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:58:44.0862 6448 ACPI - ok
22:58:44.0891 6448 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:58:44.0948 6448 AcpiPmi - ok
22:58:45.0037 6448 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:58:45.0042 6448 AdobeFlashPlayerUpdateSvc - ok
22:58:45.0067 6448 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:58:45.0134 6448 adp94xx - ok
22:58:45.0169 6448 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:58:45.0251 6448 adpahci - ok
22:58:45.0301 6448 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:58:45.0341 6448 adpu320 - ok
22:58:45.0368 6448 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:58:45.0371 6448 AeLookupSvc - ok
22:58:45.0424 6448 [ 0517E1670A58213E3F206066CD209273 ] AF15BDA C:\Windows\system32\DRIVERS\AF15BDA.sys
22:58:45.0480 6448 AF15BDA - ok
22:58:45.0529 6448 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:58:45.0625 6448 AFD - ok
22:58:45.0661 6448 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:58:45.0725 6448 agp440 - ok
22:58:45.0744 6448 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:58:45.0779 6448 ALG - ok
22:58:45.0808 6448 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:58:45.0881 6448 aliide - ok
22:58:45.0899 6448 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:58:45.0940 6448 amdide - ok
22:58:45.0965 6448 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:58:46.0009 6448 AmdK8 - ok
22:58:46.0036 6448 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:58:46.0057 6448 AmdPPM - ok
22:58:46.0086 6448 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:58:46.0254 6448 amdsata - ok
22:58:46.0276 6448 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:58:46.0321 6448 amdsbs - ok
22:58:46.0340 6448 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:58:46.0361 6448 amdxata - ok
22:58:46.0399 6448 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:58:46.0445 6448 AppID - ok
22:58:46.0479 6448 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:58:46.0522 6448 AppIDSvc - ok
22:58:46.0559 6448 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:58:53.0323 6448 Appinfo - ok
22:58:53.0403 6448 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
22:58:53.0460 6448 arc - ok
22:58:53.0479 6448 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:58:53.0498 6448 arcsas - ok
22:58:53.0535 6448 [ E1AFEE1584C74050DE0DD16DE2A54BF3 ] AsrAppCharger C:\Windows\system32\DRIVERS\AsrAppCharger.sys
22:58:53.0592 6448 AsrAppCharger - ok
22:58:53.0610 6448 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:58:53.0664 6448 AsyncMac - ok
22:58:53.0689 6448 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:58:53.0690 6448 atapi - ok
22:58:53.0729 6448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:58:53.0806 6448 AudioEndpointBuilder - ok
22:58:53.0829 6448 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:58:53.0835 6448 AudioSrv - ok
22:58:53.0930 6448 avast! Firewall - ok
22:58:53.0956 6448 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:58:53.0961 6448 AxInstSV - ok
22:58:53.0999 6448 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:58:54.0034 6448 b06bdrv - ok
22:58:54.0060 6448 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:58:54.0086 6448 b57nd60a - ok
22:58:54.0220 6448 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:58:54.0241 6448 BDESVC - ok
22:58:54.0269 6448 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:58:54.0300 6448 Beep - ok
22:58:54.0474 6448 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:58:54.0599 6448 BFE - ok
22:58:54.0681 6448 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
22:58:54.0874 6448 BITS - ok
22:58:54.0903 6448 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:58:54.0951 6448 blbdrive - ok
22:58:55.0016 6448 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
22:58:55.0021 6448 Bonjour Service - ok
22:58:55.0056 6448 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:58:55.0122 6448 bowser - ok
22:58:55.0155 6448 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:58:55.0160 6448 BrFiltLo - ok
22:58:55.0176 6448 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:58:55.0197 6448 BrFiltUp - ok
22:58:55.0215 6448 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:58:55.0252 6448 BridgeMP - ok
22:58:55.0283 6448 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:58:55.0309 6448 Browser - ok
22:58:55.0332 6448 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:58:55.0368 6448 Brserid - ok
22:58:55.0387 6448 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:58:55.0423 6448 BrSerWdm - ok
22:58:55.0434 6448 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:58:55.0510 6448 BrUsbMdm - ok
22:58:55.0528 6448 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:58:55.0556 6448 BrUsbSer - ok
22:58:55.0612 6448 [ 832B121E4532919CC49F2438F1DCAA21 ] BthAvrcp C:\Windows\system32\DRIVERS\BthAvrcp.sys
22:58:55.0656 6448 BthAvrcp - ok
22:58:55.0710 6448 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
22:58:55.0762 6448 BthEnum - ok
22:58:55.0783 6448 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:58:55.0809 6448 BTHMODEM - ok
22:58:55.0843 6448 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:58:55.0867 6448 BthPan - ok
22:58:55.0908 6448 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
22:58:55.0971 6448 BTHPORT - ok
22:58:56.0006 6448 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:58:56.0042 6448 bthserv - ok
22:58:56.0072 6448 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
22:58:56.0096 6448 BTHUSB - ok
22:58:56.0117 6448 catchme - ok
22:58:56.0153 6448 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:58:56.0170 6448 cdfs - ok
22:58:56.0203 6448 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:58:56.0349 6448 cdrom - ok
22:58:56.0393 6448 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:58:56.0410 6448 CertPropSvc - ok
22:58:56.0430 6448 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
22:58:56.0436 6448 circlass - ok
22:58:56.0460 6448 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:58:56.0571 6448 CLFS - ok
22:58:56.0640 6448 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:58:56.0678 6448 clr_optimization_v2.0.50727_32 - ok
22:58:56.0718 6448 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:58:56.0743 6448 clr_optimization_v2.0.50727_64 - ok
22:58:56.0817 6448 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:58:56.0826 6448 clr_optimization_v4.0.30319_32 - ok
22:58:56.0851 6448 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:58:56.0876 6448 clr_optimization_v4.0.30319_64 - ok
22:58:56.0894 6448 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
22:58:56.0916 6448 CmBatt - ok
22:58:56.0944 6448 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:58:56.0992 6448 cmdide - ok
22:58:57.0034 6448 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
22:58:57.0089 6448 CNG - ok
22:58:57.0105 6448 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:58:57.0140 6448 Compbatt - ok
22:58:57.0166 6448 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:58:57.0170 6448 CompositeBus - ok
22:58:57.0183 6448 COMSysApp - ok
22:58:57.0203 6448 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:58:57.0268 6448 crcdisk - ok
22:58:57.0310 6448 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:58:57.0319 6448 CryptSvc - ok
22:58:57.0352 6448 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:58:57.0379 6448 DcomLaunch - ok
22:58:57.0411 6448 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:58:57.0476 6448 defragsvc - ok
22:58:57.0496 6448 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:58:57.0523 6448 DfsC - ok
22:58:57.0555 6448 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:58:57.0592 6448 Dhcp - ok
22:58:57.0605 6448 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:58:57.0673 6448 discache - ok
22:58:57.0703 6448 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
22:58:57.0724 6448 Disk - ok
22:58:57.0749 6448 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:58:57.0755 6448 Dnscache - ok
22:58:57.0772 6448 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:58:57.0799 6448 dot3svc - ok
22:58:57.0834 6448 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:58:57.0840 6448 DPS - ok
22:58:57.0874 6448 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:58:57.0957 6448 drmkaud - ok
22:58:57.0998 6448 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:58:58.0027 6448 dtsoftbus01 - ok
22:58:58.0074 6448 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:58:58.0226 6448 DXGKrnl - ok
22:58:58.0258 6448 [ D00EAE9C735A7DEE8049E50D73D25434 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
22:58:58.0331 6448 eamonm - ok
22:58:58.0367 6448 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:58:58.0372 6448 EapHost - ok
22:58:58.0576 6448 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
22:58:58.0743 6448 ebdrv - ok
22:58:58.0769 6448 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
22:58:58.0783 6448 EFS - ok
22:58:58.0805 6448 [ E5EDDE3C8158DD0CBC5812F201DCDED0 ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
22:58:58.0838 6448 ehdrv - ok
22:58:58.0885 6448 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:58:58.0923 6448 ehRecvr - ok
22:58:58.0943 6448 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:58:58.0948 6448 ehSched - ok
22:58:59.0004 6448 [ AD4FAADE819E0DA9933BEA7C01D2C763 ] ekrn C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
22:58:59.0016 6448 ekrn - ok
22:58:59.0056 6448 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
22:58:59.0079 6448 elxstor - ok
22:58:59.0124 6448 [ 3EBB7FD3C605262B942868A1D840F4F1 ] epfwwfpr C:\Windows\system32\DRIVERS\epfwwfpr.sys
22:58:59.0143 6448 epfwwfpr - ok
22:58:59.0171 6448 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
22:58:59.0209 6448 ErrDev - ok
22:58:59.0259 6448 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:58:59.0286 6448 EventSystem - ok
22:58:59.0325 6448 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:58:59.0371 6448 exfat - ok
22:58:59.0390 6448 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:58:59.0499 6448 fastfat - ok
22:58:59.0526 6448 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
22:58:59.0596 6448 Fax - ok
22:58:59.0627 6448 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
22:58:59.0700 6448 fdc - ok
22:58:59.0726 6448 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:58:59.0743 6448 fdPHost - ok
22:58:59.0765 6448 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:58:59.0782 6448 FDResPub - ok
22:58:59.0806 6448 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:58:59.0827 6448 FileInfo - ok
22:58:59.0847 6448 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:58:59.0903 6448 Filetrace - ok
22:58:59.0998 6448 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
22:59:00.0050 6448 FLEXnet Licensing Service - ok
22:59:00.0069 6448 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
22:59:00.0113 6448 flpydisk - ok
22:59:00.0177 6448 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:59:00.0277 6448 FltMgr - ok
22:59:00.0314 6448 [ B4447F606BB19FD8AD0BAFB59B90F5D9 ] FontCache C:\Windows\system32\FntCache.dll
22:59:00.0385 6448 FontCache - ok
22:59:00.0427 6448 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:59:00.0446 6448 FontCache3.0.0.0 - ok
22:59:00.0476 6448 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:59:00.0512 6448 FsDepends - ok
22:59:00.0539 6448 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:59:00.0567 6448 Fs_Rec - ok
22:59:00.0601 6448 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:59:00.0657 6448 fvevol - ok
22:59:00.0671 6448 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
22:59:00.0803 6448 gagp30kx - ok
22:59:00.0837 6448 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
22:59:00.0917 6448 gpsvc - ok
22:59:00.0974 6448 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:59:00.0980 6448 gusvc - ok
22:59:00.0995 6448 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:59:01.0022 6448 hcw85cir - ok
22:59:01.0062 6448 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:59:01.0088 6448 HdAudAddService - ok
22:59:01.0117 6448 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:59:01.0135 6448 HDAudBus - ok
22:59:01.0165 6448 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
22:59:01.0206 6448 HidBatt - ok
22:59:01.0220 6448 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
22:59:01.0267 6448 HidBth - ok
22:59:01.0282 6448 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
22:59:01.0381 6448 HidIr - ok
22:59:01.0409 6448 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
22:59:01.0428 6448 hidserv - ok
22:59:01.0470 6448 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:59:01.0521 6448 HidUsb - ok
22:59:01.0552 6448 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:59:01.0559 6448 hkmsvc - ok
22:59:01.0578 6448 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:59:01.0620 6448 HomeGroupListener - ok
22:59:01.0657 6448 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:59:01.0675 6448 HomeGroupProvider - ok
22:59:01.0699 6448 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
22:59:01.0706 6448 HpSAMD - ok
22:59:01.0751 6448 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:59:01.0849 6448 HTTP - ok
22:59:01.0861 6448 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:59:01.0915 6448 hwpolicy - ok
22:59:01.0933 6448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:59:01.0957 6448 i8042prt - ok
22:59:01.0987 6448 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
22:59:02.0013 6448 iaStorV - ok
22:59:02.0075 6448 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:59:02.0126 6448 idsvc - ok
22:59:02.0244 6448 IesDrv - ok
22:59:02.0265 6448 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
22:59:02.0282 6448 iirsp - ok
22:59:02.0328 6448 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
22:59:02.0361 6448 IKEEXT - ok
22:59:02.0388 6448 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
22:59:02.0393 6448 intelide - ok
22:59:02.0420 6448 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
22:59:02.0456 6448 intelppm - ok
22:59:02.0479 6448 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:59:02.0484 6448 IPBusEnum - ok
22:59:02.0501 6448 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:59:02.0528 6448 IpFilterDriver - ok
22:59:02.0570 6448 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:59:02.0621 6448 iphlpsvc - ok
22:59:02.0643 6448 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
22:59:02.0651 6448 IPMIDRV - ok
22:59:02.0670 6448 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:59:02.0727 6448 IPNAT - ok
22:59:02.0755 6448 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:59:02.0765 6448 IRENUM - ok
22:59:02.0784 6448 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
22:59:02.0812 6448 isapnp - ok
22:59:02.0835 6448 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
22:59:02.0880 6448 iScsiPrt - ok
22:59:02.0906 6448 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:59:02.0925 6448 kbdclass - ok
22:59:02.0943 6448 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:59:02.0948 6448 kbdhid - ok
22:59:02.0958 6448 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
22:59:02.0961 6448 KeyIso - ok
22:59:02.0986 6448 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:59:02.0994 6448 KSecDD - ok
22:59:03.0009 6448 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:59:03.0036 6448 KSecPkg - ok
22:59:03.0057 6448 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:59:03.0084 6448 ksthunk - ok
22:59:03.0120 6448 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:59:03.0164 6448 KtmRm - ok
22:59:03.0187 6448 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
22:59:03.0202 6448 LanmanServer - ok
22:59:03.0219 6448 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:59:03.0240 6448 LanmanWorkstation - ok
22:59:03.0268 6448 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:59:03.0329 6448 lltdio - ok
22:59:03.0369 6448 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:59:03.0381 6448 lltdsvc - ok
22:59:03.0397 6448 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:59:03.0452 6448 lmhosts - ok
22:59:03.0488 6448 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
22:59:03.0537 6448 LSI_FC - ok
22:59:03.0565 6448 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:59:03.0603 6448 LSI_SAS - ok
22:59:03.0625 6448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
22:59:03.0647 6448 LSI_SAS2 - ok
22:59:03.0670 6448 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
22:59:03.0690 6448 LSI_SCSI - ok
22:59:03.0717 6448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:59:03.0723 6448 luafv - ok
22:59:03.0748 6448 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:59:03.0788 6448 Mcx2Svc - ok
22:59:03.0803 6448 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
22:59:03.0858 6448 megasas - ok
22:59:03.0901 6448 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
22:59:03.0940 6448 MegaSR - ok
22:59:04.0007 6448 [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:59:04.0021 6448 Microsoft Office Groove Audit Service - ok
22:59:04.0052 6448 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:59:04.0056 6448 MMCSS - ok
22:59:04.0075 6448 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:59:04.0083 6448 Modem - ok
22:59:04.0111 6448 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:59:04.0149 6448 monitor - ok
22:59:04.0179 6448 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:59:04.0185 6448 mouclass - ok
22:59:04.0203 6448 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:59:04.0223 6448 mouhid - ok
22:59:04.0253 6448 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:59:04.0282 6448 mountmgr - ok
22:59:04.0296 6448 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
22:59:04.0317 6448 mpio - ok
22:59:04.0342 6448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:59:04.0389 6448 mpsdrv - ok
22:59:04.0424 6448 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:59:04.0449 6448 MpsSvc - ok
22:59:04.0471 6448 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:59:04.0491 6448 MRxDAV - ok
22:59:04.0523 6448 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:59:04.0571 6448 mrxsmb - ok
22:59:04.0598 6448 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:59:04.0689 6448 mrxsmb10 - ok
22:59:04.0716 6448 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:59:04.0757 6448 mrxsmb20 - ok
22:59:04.0785 6448 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
22:59:04.0822 6448 msahci - ok
22:59:04.0845 6448 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
22:59:04.0880 6448 msdsm - ok
22:59:04.0894 6448 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:59:04.0900 6448 MSDTC - ok
22:59:04.0935 6448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:59:04.0939 6448 Msfs - ok
22:59:04.0962 6448 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:59:04.0981 6448 mshidkmdf - ok
22:59:05.0016 6448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:59:05.0041 6448 msisadrv - ok
22:59:05.0078 6448 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:59:05.0149 6448 MSiSCSI - ok
22:59:05.0157 6448 msiserver - ok
22:59:05.0213 6448 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:59:05.0252 6448 MSKSSRV - ok
22:59:05.0287 6448 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:59:05.0292 6448 MSPCLOCK - ok
22:59:05.0301 6448 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:59:05.0359 6448 MSPQM - ok
22:59:05.0385 6448 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:59:05.0428 6448 MsRPC - ok
22:59:05.0450 6448 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:59:05.0470 6448 mssmbios - ok
22:59:05.0478 6448 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:59:05.0484 6448 MSTEE - ok
22:59:05.0499 6448 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
22:59:05.0520 6448 MTConfig - ok
22:59:05.0548 6448 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:59:05.0602 6448 Mup - ok
22:59:05.0635 6448 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
22:59:05.0659 6448 napagent - ok
22:59:05.0690 6448 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:59:05.0745 6448 NativeWifiP - ok
22:59:05.0793 6448 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
22:59:05.0936 6448 NDIS - ok
22:59:05.0958 6448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:59:06.0005 6448 NdisCap - ok
22:59:06.0034 6448 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:59:06.0058 6448 NdisTapi - ok
22:59:06.0098 6448 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:59:06.0150 6448 Ndisuio - ok
22:59:06.0166 6448 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:59:06.0235 6448 NdisWan - ok
22:59:06.0256 6448 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:59:06.0293 6448 NDProxy - ok
22:59:06.0311 6448 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:59:06.0346 6448 NetBIOS - ok
22:59:06.0367 6448 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:59:06.0402 6448 NetBT - ok
22:59:06.0431 6448 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
22:59:06.0434 6448 Netlogon - ok
22:59:06.0467 6448 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:59:06.0490 6448 Netman - ok
22:59:06.0514 6448 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:59:06.0535 6448 netprofm - ok
22:59:06.0557 6448 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:59:06.0561 6448 NetTcpPortSharing - ok
22:59:06.0582 6448 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
22:59:06.0624 6448 nfrd960 - ok
22:59:06.0666 6448 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:59:06.0674 6448 NlaSvc - ok
22:59:06.0690 6448 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:59:06.0710 6448 Npfs - ok
22:59:06.0720 6448 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:59:06.0739 6448 nsi - ok
22:59:06.0766 6448 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:59:06.0787 6448 nsiproxy - ok
22:59:06.0845 6448 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:59:06.0964 6448 Ntfs - ok
22:59:06.0983 6448 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:59:07.0007 6448 Null - ok
22:59:07.0048 6448 [ A85B4F2EF3A7304A5399EF0526423040 ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x64.sys
22:59:07.0126 6448 NVENETFD - ok
22:59:07.0362 6448 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:59:07.0662 6448 nvlddmkm - ok
22:59:07.0706 6448 [ 0AD267A4674805B61A5D7B911D2A978A ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
22:59:07.0727 6448 NVNET - ok
22:59:07.0769 6448 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:59:07.0807 6448 nvraid - ok
22:59:07.0832 6448 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:59:07.0904 6448 nvstor - ok
22:59:07.0947 6448 [ 662A129CEBB4C0B01F95612A7F6DCC9A ] nvstor64 C:\Windows\system32\DRIVERS\nvstor64.sys
22:59:07.0951 6448 nvstor64 - ok
22:59:08.0000 6448 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
22:59:08.0051 6448 nvsvc - ok
22:59:08.0110 6448 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:59:08.0186 6448 nvUpdatusService - ok
22:59:08.0234 6448 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:59:08.0273 6448 nv_agp - ok
22:59:08.0395 6448 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:59:08.0413 6448 odserv - ok
22:59:08.0434 6448 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
22:59:08.0483 6448 ohci1394 - ok
22:59:08.0530 6448 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:59:08.0550 6448 ose - ok
22:59:08.0593 6448 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:59:08.0669 6448 p2pimsvc - ok
22:59:08.0707 6448 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:59:08.0798 6448 p2psvc - ok
22:59:08.0821 6448 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
22:59:08.0858 6448 Parport - ok
22:59:08.0878 6448 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:59:08.0905 6448 partmgr - ok
22:59:08.0926 6448 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:59:08.0955 6448 PcaSvc - ok
22:59:08.0975 6448 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
22:59:09.0043 6448 pci - ok
22:59:09.0066 6448 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
22:59:09.0085 6448 pciide - ok
22:59:09.0107 6448 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:59:09.0137 6448 pcmcia - ok
22:59:09.0155 6448 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:59:09.0176 6448 pcw - ok
22:59:09.0205 6448 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:59:09.0254 6448 PEAUTH - ok
22:59:09.0289 6448 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:59:09.0293 6448 PerfHost - ok
22:59:09.0340 6448 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
22:59:09.0423 6448 pla - ok
22:59:09.0463 6448 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:59:09.0492 6448 PlugPlay - ok
22:59:09.0508 6448 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:59:09.0516 6448 PNRPAutoReg - ok
22:59:09.0543 6448 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:59:09.0550 6448 PNRPsvc - ok
22:59:09.0591 6448 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:59:09.0656 6448 PolicyAgent - ok
22:59:09.0683 6448 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:59:11.0974 6448 Power - ok
22:59:12.0011 6448 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:59:12.0087 6448 PptpMiniport - ok
22:59:12.0107 6448 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
22:59:12.0144 6448 Processor - ok
22:59:12.0198 6448 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
22:59:12.0242 6448 ProfSvc - ok
22:59:12.0261 6448 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:59:12.0265 6448 ProtectedStorage - ok
22:59:12.0342 6448 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:59:12.0395 6448 Psched - ok
22:59:12.0435 6448 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
22:59:12.0516 6448 ql2300 - ok
22:59:12.0538 6448 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
22:59:12.0545 6448 ql40xx - ok
22:59:12.0574 6448 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:59:12.0584 6448 QWAVE - ok
22:59:12.0596 6448 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:59:12.0617 6448 QWAVEdrv - ok
22:59:12.0626 6448 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:59:12.0648 6448 RasAcd - ok
22:59:12.0678 6448 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:59:12.0706 6448 RasAgileVpn - ok
22:59:12.0721 6448 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:59:12.0743 6448 RasAuto - ok
22:59:12.0770 6448 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:59:12.0811 6448 Rasl2tp - ok
22:59:12.0831 6448 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
22:59:12.0841 6448 RasMan - ok
22:59:12.0857 6448 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:59:12.0878 6448 RasPppoe - ok
22:59:12.0895 6448 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:59:12.0916 6448 RasSstp - ok
22:59:12.0939 6448 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:59:12.0948 6448 rdbss - ok
22:59:12.0961 6448 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
22:59:13.0002 6448 rdpbus - ok
22:59:13.0012 6448 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:59:13.0017 6448 RDPCDD - ok
22:59:13.0041 6448 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:59:13.0045 6448 RDPENCDD - ok
22:59:13.0063 6448 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:59:13.0067 6448 RDPREFMP - ok
22:59:13.0091 6448 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:59:13.0137 6448 RDPWD - ok
22:59:13.0165 6448 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:59:13.0176 6448 rdyboost - ok
22:59:13.0205 6448 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:59:13.0220 6448 RemoteAccess - ok
22:59:13.0247 6448 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:59:13.0272 6448 RemoteRegistry - ok
22:59:13.0319 6448 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
22:59:13.0340 6448 RFCOMM - ok
22:59:13.0365 6448 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:59:13.0372 6448 RpcEptMapper - ok
22:59:13.0392 6448 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:59:13.0397 6448 RpcLocator - ok
22:59:13.0424 6448 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
22:59:13.0430 6448 RpcSs - ok
22:59:13.0449 6448 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:59:13.0471 6448 rspndr - ok
22:59:13.0485 6448 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
22:59:13.0487 6448 SamSs - ok
22:59:13.0503 6448 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:59:13.0530 6448 sbp2port - ok
22:59:13.0551 6448 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:59:13.0578 6448 SCardSvr - ok
22:59:13.0602 6448 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:59:13.0629 6448 scfilter - ok
22:59:13.0658 6448 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
22:59:13.0691 6448 Schedule - ok
22:59:13.0715 6448 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:59:13.0717 6448 SCPolicySvc - ok
22:59:13.0733 6448 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:59:13.0756 6448 SDRSVC - ok
22:59:13.0786 6448 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:59:13.0823 6448 secdrv - ok
22:59:13.0847 6448 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
22:59:13.0882 6448 seclogon - ok
22:59:13.0898 6448 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
22:59:13.0907 6448 SENS - ok
22:59:13.0921 6448 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:59:13.0929 6448 SensrSvc - ok
22:59:13.0943 6448 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:59:13.0989 6448 Serenum - ok
22:59:14.0019 6448 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:59:14.0102 6448 Serial - ok
22:59:14.0115 6448 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
22:59:14.0138 6448 sermouse - ok
22:59:14.0163 6448 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
22:59:14.0185 6448 SessionEnv - ok
22:59:14.0211 6448 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:59:14.0276 6448 sffdisk - ok
22:59:14.0298 6448 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:59:14.0333 6448 sffp_mmc - ok
22:59:14.0354 6448 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:59:14.0372 6448 sffp_sd - ok
22:59:14.0400 6448 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
22:59:14.0427 6448 sfloppy - ok
22:59:14.0465 6448 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:59:14.0503 6448 SharedAccess - ok
22:59:14.0528 6448 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:59:14.0547 6448 ShellHWDetection - ok
22:59:14.0569 6448 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:59:14.0634 6448 SiSRaid2 - ok
22:59:14.0647 6448 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:59:14.0672 6448 SiSRaid4 - ok
22:59:14.0713 6448 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:59:14.0717 6448 SkypeUpdate - ok
22:59:14.0732 6448 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:59:14.0738 6448 Smb - ok
22:59:14.0767 6448 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:59:14.0792 6448 SNMPTRAP - ok
22:59:14.0824 6448 [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan C:\Windows\syswow64\speedfan.sys
22:59:14.0888 6448 speedfan - ok
22:59:14.0903 6448 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:59:14.0950 6448 spldr - ok
22:59:14.0986 6448 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
22:59:15.0048 6448 Spooler - ok
22:59:15.0135 6448 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
22:59:15.0290 6448 sppsvc - ok
22:59:15.0310 6448 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:59:15.0326 6448 sppuinotify - ok
22:59:15.0361 6448 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
22:59:15.0495 6448 srv - ok
22:59:15.0519 6448 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:59:15.0576 6448 srv2 - ok
22:59:15.0596 6448 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:59:15.0617 6448 srvnet - ok
22:59:15.0659 6448 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:59:15.0670 6448 SSDPSRV - ok
22:59:15.0685 6448 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:59:15.0692 6448 SstpSvc - ok
22:59:15.0740 6448 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:59:15.0746 6448 Stereo Service - ok
22:59:15.0785 6448 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:59:15.0810 6448 stexstor - ok
22:59:15.0852 6448 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
22:59:15.0916 6448 stisvc - ok
22:59:15.0935 6448 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:59:15.0970 6448 swenum - ok
22:59:15.0999 6448 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:59:16.0068 6448 swprv - ok
22:59:16.0121 6448 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
22:59:16.0224 6448 SysMain - ok
22:59:16.0247 6448 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:59:16.0286 6448 TabletInputService - ok
22:59:16.0317 6448 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:59:16.0343 6448 TapiSrv - ok
22:59:16.0358 6448 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:59:16.0366 6448 TBS - ok
22:59:16.0443 6448 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:59:16.0587 6448 Tcpip - ok
22:59:16.0654 6448 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:59:16.0668 6448 TCPIP6 - ok
22:59:16.0699 6448 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:59:16.0705 6448 tcpipreg - ok
22:59:16.0742 6448 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:59:16.0773 6448 TDPIPE - ok
22:59:16.0798 6448 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:59:16.0833 6448 TDTCP - ok
22:59:16.0872 6448 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:59:16.0907 6448 tdx - ok
22:59:16.0925 6448 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:59:16.0946 6448 TermDD - ok
22:59:16.0987 6448 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:59:17.0010 6448 TermService - ok
22:59:17.0031 6448 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:59:17.0036 6448 Themes - ok
22:59:17.0052 6448 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:59:17.0054 6448 THREADORDER - ok
22:59:17.0071 6448 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:59:17.0091 6448 TrkWks - ok
22:59:17.0143 6448 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:59:17.0186 6448 TrustedInstaller - ok
22:59:17.0211 6448 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:59:17.0228 6448 tssecsrv - ok
22:59:17.0250 6448 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:59:17.0342 6448 TsUsbFlt - ok
22:59:17.0371 6448 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:59:17.0376 6448 TsUsbGD - ok
22:59:17.0394 6448 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:59:17.0432 6448 tunnel - ok
22:59:17.0466 6448 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:59:17.0490 6448 uagp35 - ok
22:59:17.0511 6448 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:59:17.0531 6448 udfs - ok
22:59:17.0563 6448 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:59:17.0581 6448 UI0Detect - ok
22:59:17.0619 6448 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:59:17.0657 6448 uliagpkx - ok
22:59:17.0681 6448 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:59:17.0718 6448 umbus - ok
22:59:17.0737 6448 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
22:59:17.0767 6448 UmPass - ok
22:59:17.0791 6448 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:59:17.0834 6448 upnphost - ok
22:59:17.0862 6448 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:59:17.0912 6448 usbccgp - ok
22:59:17.0965 6448 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:59:17.0973 6448 usbcir - ok
22:59:17.0993 6448 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:59:18.0029 6448 usbehci - ok
22:59:18.0063 6448 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:59:18.0121 6448 usbhub - ok
22:59:18.0149 6448 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:59:18.0177 6448 usbohci - ok
22:59:18.0206 6448 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:59:18.0252 6448 usbprint - ok
22:59:18.0276 6448 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:59:18.0385 6448 USBSTOR - ok
22:59:18.0405 6448 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:59:18.0418 6448 usbuhci - ok
22:59:18.0440 6448 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:59:18.0446 6448 UxSms - ok
22:59:18.0457 6448 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:59:18.0460 6448 VaultSvc - ok
22:59:18.0489 6448 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:59:18.0526 6448 vdrvroot - ok
22:59:18.0551 6448 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:59:18.0601 6448 vds - ok
22:59:18.0622 6448 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:59:18.0639 6448 vga - ok
22:59:18.0664 6448 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:59:18.0713 6448 VgaSave - ok
22:59:18.0737 6448 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:59:18.0777 6448 vhdmp - ok
22:59:18.0842 6448 [ F41D49D99A12057841547FF4224FB580 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
22:59:18.0955 6448 VIAHdAudAddService - ok
22:59:18.0992 6448 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:59:19.0019 6448 viaide - ok
22:59:19.0047 6448 [ D60ED94BA878FEE30810FC17A798C290 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
22:59:19.0075 6448 VIAKaraokeService - ok
22:59:19.0095 6448 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:59:19.0142 6448 volmgr - ok
22:59:19.0180 6448 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:59:19.0190 6448 volmgrx - ok
22:59:19.0237 6448 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:59:19.0339 6448 volsnap - ok
22:59:19.0393 6448 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:59:19.0434 6448 vsmraid - ok
22:59:19.0480 6448 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:59:19.0623 6448 VSS - ok
22:59:19.0639 6448 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:59:19.0680 6448 vwifibus - ok
22:59:19.0700 6448 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:59:19.0719 6448 W32Time - ok
22:59:19.0756 6448 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:59:19.0760 6448 WacomPen - ok
22:59:19.0778 6448 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:59:19.0800 6448 WANARP - ok
22:59:19.0818 6448 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:59:19.0821 6448 Wanarpv6 - ok
22:59:19.0864 6448 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:59:19.0938 6448 wbengine - ok
22:59:19.0960 6448 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:59:19.0987 6448 WbioSrvc - ok
22:59:20.0008 6448 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:59:20.0018 6448 wcncsvc - ok
22:59:20.0060 6448 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:59:20.0073 6448 WcsPlugInService - ok
22:59:20.0094 6448 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
22:59:20.0100 6448 Wd - ok
22:59:20.0144 6448 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:59:20.0244 6448 Wdf01000 - ok
22:59:20.0280 6448 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:59:20.0286 6448 WdiServiceHost - ok
22:59:20.0297 6448 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:59:20.0300 6448 WdiSystemHost - ok
22:59:20.0325 6448 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:59:20.0369 6448 WebClient - ok
22:59:20.0391 6448 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:59:20.0401 6448 Wecsvc - ok
22:59:20.0441 6448 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:59:20.0449 6448 wercplsupport - ok
22:59:20.0564 6448 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:59:20.0572 6448 WerSvc - ok
22:59:20.0618 6448 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:59:20.0693 6448 WfpLwf - ok
22:59:20.0715 6448 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:59:20.0751 6448 WIMMount - ok
22:59:20.0768 6448 WinDefend - ok
22:59:20.0779 6448 WinHttpAutoProxySvc - ok
22:59:20.0823 6448 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:59:20.0849 6448 Winmgmt - ok
22:59:20.0907 6448 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:59:21.0052 6448 WinRM - ok
22:59:21.0105 6448 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:59:21.0136 6448 Wlansvc - ok
22:59:21.0266 6448 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:59:21.0314 6448 wlidsvc - ok
22:59:21.0338 6448 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
22:59:21.0366 6448 WmiAcpi - ok
22:59:21.0410 6448 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:59:21.0431 6448 wmiApSrv - ok
22:59:21.0461 6448 WMPNetworkSvc - ok
22:59:21.0471 6448 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:59:21.0504 6448 WPCSvc - ok
22:59:21.0531 6448 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:59:21.0555 6448 WPDBusEnum - ok
22:59:21.0588 6448 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:59:21.0625 6448 ws2ifsl - ok
22:59:21.0655 6448 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
22:59:21.0665 6448 wscsvc - ok
22:59:21.0672 6448 WSearch - ok
22:59:21.0746 6448 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:59:21.0901 6448 wuauserv - ok
22:59:21.0941 6448 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:59:21.0975 6448 WudfPf - ok
22:59:22.0004 6448 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:59:22.0025 6448 WUDFRd - ok
22:59:22.0064 6448 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:59:22.0070 6448 wudfsvc - ok
22:59:22.0141 6448 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:59:22.0170 6448 WwanSvc - ok
22:59:22.0209 6448 ================ Scan global ===============================
22:59:22.0239 6448 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:59:22.0330 6448 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:59:22.0430 6448 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
22:59:22.0455 6448 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:59:22.0512 6448 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:59:22.0529 6448 [Global] - ok
22:59:22.0530 6448 ================ Scan MBR ==================================
22:59:22.0552 6448 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
22:59:22.0906 6448 \Device\Harddisk0\DR0 - ok
22:59:22.0924 6448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:59:23.0397 6448 \Device\Harddisk1\DR1 - ok
22:59:23.0399 6448 ================ Scan VBR ==================================
22:59:23.0407 6448 [ 17825C08D6F828241EF4B070CCF60396 ] \Device\Harddisk0\DR0\Partition1
22:59:23.0411 6448 \Device\Harddisk0\DR0\Partition1 - ok
22:59:23.0423 6448 [ 1A99AC51C8395497A6C08B5420F98DD4 ] \Device\Harddisk1\DR1\Partition1
22:59:23.0427 6448 \Device\Harddisk1\DR1\Partition1 - ok
22:59:23.0437 6448 [ FDAC175890F99FEB48F8742DB0F79C21 ] \Device\Harddisk1\DR1\Partition2
22:59:23.0441 6448 \Device\Harddisk1\DR1\Partition2 - ok
22:59:23.0463 6448 [ 82C7A250F7D78B0A82AD1794788AB913 ] \Device\Harddisk1\DR1\Partition3
22:59:23.0465 6448 \Device\Harddisk1\DR1\Partition3 - ok
22:59:23.0465 6448 ============================================================
22:59:23.0465 6448 Scan finished
22:59:23.0465 6448 ============================================================
22:59:23.0478 4976 Detected object count: 0
22:59:23.0478 4976 Actual detected object count: 0

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 19 lis 2012 23:05
od motji
Mbr rootkita ani podobnou potvůrku nemáte. Momentálně to s pc vypadá jak?

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 19 lis 2012 23:10
od zoldak21
Po zapnutí dnes zase internet nešel, opět jediné co pomohlo byl combofix :/.
Ihned po zapnutí zapnuta kontrola NODem, nenašlo to nic.
Před asi 2 hodinami jsem zkusil vypnout NODa a nainstalovat Avasta. Jakmile jsem ho nainstaloval, přestal jít internet. Když jsem Avasta odinstaloval, zase internet naskočil.
Dnes tady potřebuji něco dodělat, ale jak budu PC zítra zapínat, chci zkusit nouzový režim s prací v síti, jestli půjde internet.

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 19 lis 2012 23:23
od motji
To je divné :?: . Různé antiviry neinstalujte, zbytečně si taháte do pc další drivery... Zkusíme na tu záhadu přijít.

:arrow: Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
savembr:0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

/md5start
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
hal.dll
logevent.dll
netlogon.dll
ntelogon.dll
scecli.dll
sceclt.dll
ws2_32.dll
autochk.exe
csrss.exe
explorer.exe
lsass.exe
services.exe
smss.exe
spoolsv.exe
svchost.exe
userinit.exe
winlogon.exe
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
cdrom.sys
Changer.sys
fastfat.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
mv61xx.sys
ndis.sys
ntfs.sys
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
symmpi.sys
tcpip.sys
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
/md5stop

C:\windows\system32\spool\prtprocs|dll;true;true;true /FP
%systemroot%\system32\drivers\*.sys /5
%systemroot%\system32\drivers\*.sys /X
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\*.* /5
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\config\*.sav
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\*.* /U /s
%systemroot%\*. /mp /s
%ALLUSERSPROFILE%\Data Aplikací\*.*
%ALLUSERSPROFILE%\Data Aplikací\*.exe /s
%ALLUSERSPROFILE%\Dáta aplikácií\*.*
%ALLUSERSPROFILE%\Dáta aplikácií\*.exe /s
%APPDATA%\*.
%APPDATA%\*.*
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe


HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /s
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\BITS /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager" /v BootExecute /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager" /v "PendingFileRenameOperations" /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde :)

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 20 lis 2012 15:06
od zoldak21
na logu se pracuje již, tak jen poznatek ze zapínání dnes:
zapnutí PC v nouzovém s prací v síti - internet normálně šel
restartoval jsem a nechal PC naběhnout normálně = net nešel
zapl jsem combofix a pak net naskočil, ihned potom jsem PC restartoval (nic jiného jsem nepouštěl od naběhnutí, jen combofix a po zapnutí netu se přihlásilo Skype, QIP atd) a po novém naběhnutí net zase nešel a pomohl zase až combofix

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 20 lis 2012 15:40
od motji
zabalte mi složku qoobox a někam upněte, třeba na www.leteckaposta.cz. Bohužel tu ted mco nebudu, mám pokažený pc :(

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 20 lis 2012 16:06
od zoldak21
http://leteckaposta.cz/111233578 tady je
ten log bude zachvíli, poprvé mi žádný nevyskočil nebo jsem ho omylem zavřel, tak jsem to pustil znovu :)

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 20 lis 2012 16:19
od zoldak21
logy jsou dlouhé, tak jsem je dal také na leteckoupostu
extras: http://leteckaposta.cz/902496838
otl: http://leteckaposta.cz/813668147

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 20 lis 2012 23:00
od motji
Počkejte, když zapnete combofix, restartuje se u něj pc?
Odkdy ten net nejde? Zkuste po startu vypnout qip a skype.

Re: Po zapnutí PC nejde net - log z combofixu

Napsal: 21 lis 2012 20:49
od zoldak21
Ne, proběhne combofix normálně. Pak net vždy jde. Jen jsem zkoušel, jestli mi to třeba nestahuje FireFox nebo něco. Tak jsem zkusil, že jsem nic nezapínal ale ihned po combofixu a naskočení jsem dal restart. Jestli net půjde nebo ne - nešel.
Jinak dnes po zapnutí PC internet normálně šel :). Přitom se s tím nic nedělalo :). Tak uvidíme, co zítra :).
Bude to tak 15 dní odhadem,přesně si již nevzpomenu :(.
Všechny časy jsou v UTC+01:00
Stránka 1 z 5

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz