RogueKiller - jak pokračovat dále? - kontrola logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

RitterQa
Level 1.5
Level 1.5
Příspěvky: 136
Registrován: prosinec 12
Pohlaví: Žena
Stav:
Offline

RogueKiller - jak pokračovat dále? - kontrola logu

Příspěvekod RitterQa » 26 led 2013 18:17

Dnes se mi objevil na notebooku vir - oznámení PČR, na jedné stránce radili pustit tento program, který vir najde a zničí. Program skutečně něco našel, ale nevím jak mám postupovat dále.
Přílohy
55555.jpg
Naposledy upravil(a) RitterQa dne 27 led 2013 18:43, celkem upraveno 1 x.

Reklama
Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod Orcus » 26 led 2013 18:25

Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

RitterQa
Level 1.5
Level 1.5
Příspěvky: 136
Registrován: prosinec 12
Pohlaví: Žena
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod RitterQa » 26 led 2013 18:29

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:28:15, on 26.1.2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\Lucka\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58m1w751
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={63F8C084-66D7-4B46-ACC2-79B62859039F}&mid=90f5e1ddfd2747d09aa4d16f6bbadb10-91db13d564798313031c481a27efce12950e2530&lang=cs&ds=gm011&pr=sa&d=2012-07-11 07:50:42&v=11.1.1.7&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58m1w751
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58m1w751
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MediaGet2] C:\Users\Lucka\AppData\Local\MediaGet2\mediaget.exe --minimized
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ROC_JAN2013_TB] "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://software.kuaiche.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{B375193A-ADC3-4D55-978A-C42B9CD3CEFD}: NameServer = 62.129.50.20,85.135.32.100
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater14.0.1 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14286 bytes

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod Orcus » 26 led 2013 18:46

Odinstaluj:
AVG Security Toolbar
Bing Bar

Fixni:

Kód: Vybrat vše

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58m1w751
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={63F8C084-66D7-4B46-ACC2-79B62859039F}&mid=90f5e1ddfd2747d09aa4d16f6bbadb10-91db13d564798313031c481a27efce12950e2530&lang=cs&ds=gm011&pr=sa&d=2012-07-11 07:50:42&v=11.1.1.7&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58m1w751
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACA ... 5t58m1w751
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file)
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - (no file)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.0.2.14\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [ROC_JAN2013_TB] "C:\Program Files (x86)\AVG Secure Search\ROC_JAN2013_TB.exe" /PROMPT /CMPID=JAN2013_TB
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_Plugin.exe -update plugin

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.

===================================================

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Provést rychlý sken a klikni na tlačítko Skenovat
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Zobrazit výsledky
- pak zvol možnost uložit log a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

RitterQa
Level 1.5
Level 1.5
Příspěvky: 136
Registrován: prosinec 12
Pohlaví: Žena
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod RitterQa » 26 led 2013 19:00

To co nefixnu se mi smaže?

EDIT: už jsem pochopila, že co fixnu tak smažu :)

Uživatelský avatar
Pic
Moderátor
Guru Level 13
Guru Level 13
Příspěvky: 23292
Registrován: září 06
Bydliště: Východní Čechy
Pohlaví: Muž
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod Pic » 26 led 2013 19:21

Smaže se to co fixneš!
Přečti si pravidla tohoto fóra! Přečetl jsi si nejprve manuál? Piš tak, abychom Ti rozuměli! Na SZ neodpovídám na požadavky řešení Vašich problémů s PC!
Nic není dokonalé, ani člověk!

RitterQa
Level 1.5
Level 1.5
Příspěvky: 136
Registrován: prosinec 12
Pohlaví: Žena
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod RitterQa » 26 led 2013 19:28

Už vím :D, přečetla jsem si to v tom programu - předtím jsem si toho nevšimla.
Já totiž mám za to, že když něco fixuji tak to zachovávám :)

RitterQa
Level 1.5
Level 1.5
Příspěvky: 136
Registrován: prosinec 12
Pohlaví: Žena
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod RitterQa » 26 led 2013 19:33

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.26.09

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Lucka :: LUCKA-PC [administrátor]

Ochrana: Povolena

26.1.2013 19:27:21
MBAM-log-2013-01-26 (19-32-46).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 217619
Uplynulý čas: 4 minut, 50 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\ProgramData\96640227 (Rogue.Multiple) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 5
C:\Users\Lucka\wgsdgsdgdsgsd.exe (Trojan.FakeMS) -> Nebyla provedena žádná instrukce.
C:\ProgramData\dsgsdgdsgdsgw.bat (Exploit.Drop.GSA) -> Nebyla provedena žádná instrukce.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Nebyla provedena žádná instrukce.
C:\ProgramData\dsgsdgdsgdsgw.reg (Exploit.Drop.GSA) -> Nebyla provedena žádná instrukce.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Nebyla provedena žádná instrukce.

(konec)

Uživatelský avatar
Orcus
člen Security týmu
Elite Level 10.5
Elite Level 10.5
Příspěvky: 10645
Registrován: duben 10
Bydliště: Okolo rostou 3 růže =o)
Pohlaví: Muž
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod Orcus » 26 led 2013 20:27

Znovu spusť MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- ujistit se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Remove Selected
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit

====================================================

Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

====================================================

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je označen pro odstranění, stačí restartovat počítač.

Pokud budou problémy , spusť v nouz. režimu.
Láska hřeje, ale uhlí je uhlí. :fire:



Log z HJT vkládejte do HJT sekce. Je-li moc dlouhý, rozděl jej do více zpráv.

Pár rad k bezpečnosti PC.

Po dobu mé nepřítomnosti mě zastupuje memphisto, jaro3 a Diallix

Pokud budete spokojeni , můžete podpořit naše fórum.

Uživatelský avatar
Damned
Tvůrce článků
Master Level 9
Master Level 9
Příspěvky: 8353
Registrován: prosinec 06
Bydliště: Rokycany
Pohlaví: Muž
Stav:
Offline
Kontakt:

Re: RogueKiller - jak pojračovat dále?

Příspěvekod Damned » 26 led 2013 20:35

Zajímala by mne ta hodnota DNS, protože 62.129.50.20 je nějakej PODA (ns1.poda.cz). Navíc se ti tam mlátí AVG Security Search a WebRep
Nic není nemožné, proto tam, kde jsme s rozumem v koncích, neváháme použít kladivo.
Chceš-li vědět, co je nového, podívej se do starých knih.
Damnedovy češtiny - překlady programů pro údržbu PC
HiJackThis 2+návod FCleaner+čeština Wise Registry Cleaner

RitterQa
Level 1.5
Level 1.5
Příspěvky: 136
Registrován: prosinec 12
Pohlaví: Žena
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod RitterQa » 26 led 2013 21:13

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.70.0.1100
www.malwarebytes.org

Verze: v2013.01.26.09

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Lucka :: LUCKA-PC [administrátor]

Ochrana: Povolena

26.1.2013 21:07:31
mbam-log-2013-01-26 (21-07-31).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 217606
Uplynulý čas: 4 minut, 34 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 1
C:\ProgramData\96640227 (Rogue.Multiple) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 5
C:\Users\Lucka\wgsdgsdgdsgsd.exe (Trojan.FakeMS) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\dsgsdgdsgdsgw.bat (Exploit.Drop.GSA) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\dsgsdgdsgdsgw.reg (Exploit.Drop.GSA) -> Přesun do karantény a smazání se zdařilo.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Přesun do karantény a smazání se zdařilo.

(konec)

RitterQa
Level 1.5
Level 1.5
Příspěvky: 136
Registrován: prosinec 12
Pohlaví: Žena
Stav:
Offline

Re: RogueKiller - jak pojračovat dále?

Příspěvekod RitterQa » 26 led 2013 21:25

21:19:50.0153 3504 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
21:19:50.0325 3504 ============================================================
21:19:50.0325 3504 Current date / time: 2013/01/26 21:19:50.0325
21:19:50.0325 3504 SystemInfo:
21:19:50.0325 3504
21:19:50.0325 3504 OS Version: 6.1.7600 ServicePack: 0.0
21:19:50.0325 3504 Product type: Workstation
21:19:50.0325 3504 ComputerName: LUCKA-PC
21:19:50.0325 3504 UserName: Lucka
21:19:50.0325 3504 Windows directory: C:\Windows
21:19:50.0325 3504 System windows directory: C:\Windows
21:19:50.0325 3504 Running under WOW64
21:19:50.0325 3504 Processor architecture: Intel x64
21:19:50.0325 3504 Number of processors: 2
21:19:50.0325 3504 Page size: 0x1000
21:19:50.0325 3504 Boot type: Normal boot
21:19:50.0325 3504 ============================================================
21:19:50.0887 3504 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:19:50.0887 3504 ============================================================
21:19:50.0887 3504 \Device\Harddisk0\DR0:
21:19:50.0887 3504 MBR partitions:
21:19:50.0887 3504 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
21:19:50.0887 3504 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x23A97AB0
21:19:50.0887 3504 ============================================================
21:19:50.0934 3504 C: <-> \Device\Harddisk0\DR0\Partition2
21:19:50.0934 3504 ============================================================
21:19:50.0934 3504 Initialize success
21:19:50.0934 3504 ============================================================
21:19:53.0164 2664 ============================================================
21:19:53.0164 2664 Scan started
21:19:53.0164 2664 Mode: Manual;
21:19:53.0164 2664 ============================================================
21:19:53.0742 2664 ================ Scan system memory ========================
21:19:53.0742 2664 System memory - ok
21:19:53.0742 2664 ================ Scan services =============================
21:19:53.0976 2664 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
21:19:53.0976 2664 1394ohci - ok
21:19:54.0116 2664 [ A3769020F7E8A70FD3E824C050F33306 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
21:19:54.0116 2664 acedrv11 - ok
21:19:54.0163 2664 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
21:19:54.0178 2664 ACPI - ok
21:19:54.0194 2664 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
21:19:54.0210 2664 AcpiPmi - ok
21:19:54.0288 2664 [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
21:19:54.0288 2664 Adobe LM Service - ok
21:19:54.0490 2664 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
21:19:54.0506 2664 adp94xx - ok
21:19:54.0662 2664 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
21:19:54.0678 2664 adpahci - ok
21:19:54.0709 2664 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
21:19:54.0709 2664 adpu320 - ok
21:19:54.0740 2664 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:19:54.0756 2664 AeLookupSvc - ok
21:19:54.0912 2664 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
21:19:54.0927 2664 AFD - ok
21:19:55.0068 2664 [ B65F8DBA54F251906BBE8611B5A0E7AB ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
21:19:55.0068 2664 AgereModemAudio - ok
21:19:55.0192 2664 [ AF4748EF93416159459769A24A0053AF ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
21:19:55.0224 2664 AgereSoftModem - ok
21:19:55.0286 2664 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
21:19:55.0286 2664 agp440 - ok
21:19:55.0348 2664 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
21:19:55.0348 2664 ALG - ok
21:19:55.0395 2664 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
21:19:55.0395 2664 aliide - ok
21:19:55.0411 2664 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
21:19:55.0411 2664 amdide - ok
21:19:55.0442 2664 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
21:19:55.0458 2664 AmdK8 - ok
21:19:55.0458 2664 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
21:19:55.0458 2664 AmdPPM - ok
21:19:55.0504 2664 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:19:55.0504 2664 amdsata - ok
21:19:55.0520 2664 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
21:19:55.0536 2664 amdsbs - ok
21:19:55.0551 2664 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:19:55.0551 2664 amdxata - ok
21:19:55.0582 2664 [ 9815014F3E30357168DA272088C6F12F ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
21:19:55.0598 2664 ApfiltrService - ok
21:19:55.0660 2664 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
21:19:55.0660 2664 AppID - ok
21:19:55.0692 2664 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:19:55.0707 2664 AppIDSvc - ok
21:19:55.0754 2664 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
21:19:55.0754 2664 Appinfo - ok
21:19:55.0816 2664 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:19:55.0816 2664 Apple Mobile Device - ok
21:19:55.0863 2664 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
21:19:55.0863 2664 arc - ok
21:19:55.0879 2664 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
21:19:55.0879 2664 arcsas - ok
21:19:55.0941 2664 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:19:55.0941 2664 aswFsBlk - ok
21:19:55.0972 2664 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:19:55.0972 2664 aswMonFlt - ok
21:19:56.0066 2664 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:19:56.0066 2664 aswRdr - ok
21:19:56.0128 2664 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:19:56.0175 2664 aswSnx - ok
21:19:56.0238 2664 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:19:56.0253 2664 aswSP - ok
21:19:56.0284 2664 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:19:56.0284 2664 aswTdi - ok
21:19:56.0331 2664 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:19:56.0331 2664 AsyncMac - ok
21:19:56.0362 2664 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
21:19:56.0362 2664 atapi - ok
21:19:56.0440 2664 [ 5D4529AC4156E16BEDB01441AE0CF984 ] athr C:\Windows\system32\DRIVERS\athrx.sys
21:19:56.0487 2664 athr - ok
21:19:56.0565 2664 [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
21:19:56.0565 2664 atksgt - ok
21:19:56.0674 2664 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:19:56.0690 2664 AudioEndpointBuilder - ok
21:19:56.0706 2664 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:19:56.0706 2664 AudioSrv - ok
21:19:56.0799 2664 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:19:56.0799 2664 avast! Antivirus - ok
21:19:56.0830 2664 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:19:56.0830 2664 AxInstSV - ok
21:19:56.0893 2664 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
21:19:56.0908 2664 b06bdrv - ok
21:19:56.0955 2664 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:19:56.0955 2664 b57nd60a - ok
21:19:57.0018 2664 [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
21:19:57.0064 2664 BCM43XX - ok
21:19:57.0096 2664 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
21:19:57.0111 2664 BDESVC - ok
21:19:57.0142 2664 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
21:19:57.0142 2664 Beep - ok
21:19:57.0205 2664 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
21:19:57.0220 2664 BFE - ok
21:19:57.0283 2664 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
21:19:57.0330 2664 BITS - ok
21:19:57.0423 2664 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:19:57.0423 2664 blbdrive - ok
21:19:57.0532 2664 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
21:19:57.0532 2664 Bonjour Service - ok
21:19:57.0564 2664 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:19:57.0579 2664 bowser - ok
21:19:57.0642 2664 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:19:57.0657 2664 BrFiltLo - ok
21:19:57.0657 2664 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:19:57.0657 2664 BrFiltUp - ok
21:19:57.0704 2664 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
21:19:57.0704 2664 Browser - ok
21:19:57.0751 2664 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:19:57.0766 2664 Brserid - ok
21:19:57.0766 2664 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:19:57.0766 2664 BrSerWdm - ok
21:19:57.0798 2664 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:19:57.0798 2664 BrUsbMdm - ok
21:19:57.0798 2664 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:19:57.0813 2664 BrUsbSer - ok
21:19:57.0876 2664 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
21:19:57.0876 2664 BthEnum - ok
21:19:57.0891 2664 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
21:19:57.0891 2664 BTHMODEM - ok
21:19:57.0938 2664 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:19:57.0954 2664 BthPan - ok
21:19:58.0016 2664 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:19:58.0032 2664 BTHPORT - ok
21:19:58.0094 2664 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
21:19:58.0094 2664 bthserv - ok
21:19:58.0156 2664 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:19:58.0156 2664 BTHUSB - ok
21:19:58.0203 2664 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
21:19:58.0203 2664 btwaudio - ok
21:19:58.0234 2664 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
21:19:58.0250 2664 btwavdt - ok
21:19:58.0328 2664 [ 9B3BD0ECD82CC08409C55A36D8F56B93 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
21:19:58.0328 2664 btwdins - ok
21:19:58.0375 2664 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
21:19:58.0375 2664 btwl2cap - ok
21:19:58.0422 2664 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
21:19:58.0422 2664 btwrchid - ok
21:19:58.0453 2664 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:19:58.0453 2664 cdfs - ok
21:19:58.0500 2664 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:19:58.0500 2664 cdrom - ok
21:19:58.0531 2664 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
21:19:58.0531 2664 CertPropSvc - ok
21:19:58.0593 2664 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
21:19:58.0593 2664 circlass - ok
21:19:58.0656 2664 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
21:19:58.0671 2664 CLFS - ok
21:19:58.0765 2664 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:19:58.0765 2664 clr_optimization_v2.0.50727_32 - ok
21:19:58.0843 2664 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:19:58.0843 2664 clr_optimization_v2.0.50727_64 - ok
21:19:58.0936 2664 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:19:58.0968 2664 clr_optimization_v4.0.30319_32 - ok
21:19:59.0014 2664 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:19:59.0014 2664 clr_optimization_v4.0.30319_64 - ok
21:19:59.0061 2664 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
21:19:59.0077 2664 CmBatt - ok
21:19:59.0077 2664 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
21:19:59.0077 2664 cmdide - ok
21:19:59.0108 2664 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
21:19:59.0124 2664 CNG - ok
21:19:59.0155 2664 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
21:19:59.0155 2664 Compbatt - ok
21:19:59.0186 2664 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:19:59.0186 2664 CompositeBus - ok
21:19:59.0202 2664 COMSysApp - ok
21:19:59.0217 2664 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
21:19:59.0233 2664 crcdisk - ok
21:19:59.0280 2664 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:19:59.0280 2664 CryptSvc - ok
21:19:59.0311 2664 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:19:59.0342 2664 DcomLaunch - ok
21:19:59.0373 2664 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
21:19:59.0389 2664 defragsvc - ok
21:19:59.0436 2664 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:19:59.0436 2664 DfsC - ok
21:19:59.0482 2664 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
21:19:59.0498 2664 Dhcp - ok
21:19:59.0529 2664 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
21:19:59.0529 2664 discache - ok
21:19:59.0560 2664 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
21:19:59.0560 2664 Disk - ok
21:19:59.0685 2664 [ D5BCB77BE83CF99F508943945D46343D ] DKbFltr C:\Windows\syswow64\Drivers\DKbFltr.sys
21:19:59.0685 2664 DKbFltr - ok
21:19:59.0732 2664 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:19:59.0748 2664 Dnscache - ok
21:19:59.0841 2664 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
21:19:59.0841 2664 dot3svc - ok
21:19:59.0872 2664 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
21:19:59.0872 2664 DPS - ok
21:19:59.0919 2664 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:19:59.0919 2664 drmkaud - ok
21:19:59.0997 2664 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:20:00.0028 2664 DXGKrnl - ok
21:20:00.0075 2664 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
21:20:00.0075 2664 EapHost - ok
21:20:00.0184 2664 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
21:20:00.0278 2664 ebdrv - ok
21:20:00.0325 2664 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
21:20:00.0325 2664 EFS - ok
21:20:00.0387 2664 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:20:00.0418 2664 ehRecvr - ok
21:20:00.0450 2664 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
21:20:00.0465 2664 ehSched - ok
21:20:00.0512 2664 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
21:20:00.0528 2664 elxstor - ok
21:20:00.0621 2664 [ 7C35C6865957289D9EFE6CC73F4AB2E1 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
21:20:00.0621 2664 ePowerSvc - ok
21:20:00.0637 2664 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
21:20:00.0637 2664 ErrDev - ok
21:20:00.0699 2664 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
21:20:00.0699 2664 EventSystem - ok
21:20:00.0715 2664 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
21:20:00.0715 2664 exfat - ok
21:20:00.0762 2664 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:20:00.0762 2664 fastfat - ok
21:20:00.0793 2664 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
21:20:00.0824 2664 Fax - ok
21:20:00.0855 2664 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
21:20:00.0855 2664 fdc - ok
21:20:00.0871 2664 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
21:20:00.0871 2664 fdPHost - ok
21:20:00.0886 2664 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
21:20:00.0886 2664 FDResPub - ok
21:20:00.0918 2664 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:20:00.0918 2664 FileInfo - ok
21:20:00.0933 2664 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:20:00.0933 2664 Filetrace - ok
21:20:00.0980 2664 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
21:20:00.0980 2664 flpydisk - ok
21:20:00.0996 2664 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:20:01.0011 2664 FltMgr - ok
21:20:01.0074 2664 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
21:20:01.0105 2664 FontCache - ok
21:20:01.0152 2664 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:20:01.0152 2664 FontCache3.0.0.0 - ok
21:20:01.0198 2664 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:20:01.0198 2664 FsDepends - ok
21:20:01.0261 2664 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
21:20:01.0261 2664 fssfltr - ok
21:20:01.0432 2664 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
21:20:01.0479 2664 fsssvc - ok
21:20:01.0526 2664 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:20:01.0526 2664 Fs_Rec - ok
21:20:01.0588 2664 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:20:01.0588 2664 fvevol - ok
21:20:01.0651 2664 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
21:20:01.0651 2664 gagp30kx - ok
21:20:01.0713 2664 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
21:20:01.0760 2664 gpsvc - ok
21:20:01.0869 2664 [ 816FD5A6F3C2F3D600900096632FC60E ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
21:20:01.0869 2664 Greg_Service - ok
21:20:01.0963 2664 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:20:01.0963 2664 gupdate - ok
21:20:02.0010 2664 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:20:02.0010 2664 gupdatem - ok
21:20:02.0072 2664 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:20:02.0072 2664 hcw85cir - ok
21:20:02.0119 2664 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:20:02.0134 2664 HdAudAddService - ok
21:20:02.0166 2664 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:20:02.0166 2664 HDAudBus - ok
21:20:02.0181 2664 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
21:20:02.0181 2664 HidBatt - ok
21:20:02.0181 2664 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
21:20:02.0197 2664 HidBth - ok
21:20:02.0212 2664 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
21:20:02.0212 2664 HidIr - ok
21:20:02.0244 2664 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
21:20:02.0259 2664 hidserv - ok
21:20:02.0275 2664 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:20:02.0275 2664 HidUsb - ok
21:20:02.0306 2664 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:20:02.0306 2664 hkmsvc - ok
21:20:02.0337 2664 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:20:02.0337 2664 HomeGroupListener - ok
21:20:02.0368 2664 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:20:02.0368 2664 HomeGroupProvider - ok
21:20:02.0415 2664 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
21:20:02.0415 2664 HpSAMD - ok
21:20:02.0462 2664 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:20:02.0478 2664 HTTP - ok
21:20:02.0493 2664 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:20:02.0493 2664 hwpolicy - ok
21:20:02.0509 2664 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
21:20:02.0509 2664 i8042prt - ok
21:20:02.0587 2664 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:20:02.0587 2664 IAANTMON - ok
21:20:02.0665 2664 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:20:02.0680 2664 iaStor - ok
21:20:02.0727 2664 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:20:02.0743 2664 iaStorV - ok
21:20:02.0805 2664 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:20:02.0852 2664 idsvc - ok
21:20:03.0055 2664 [ DFEAF0A1D98D397035012C8E28D1520F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
21:20:03.0242 2664 igfx - ok
21:20:03.0320 2664 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
21:20:03.0320 2664 iirsp - ok
21:20:03.0398 2664 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
21:20:03.0445 2664 IKEEXT - ok
21:20:03.0538 2664 [ 9AA6A93852E36FE76C3F7FC2904F3B01 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:20:03.0601 2664 IntcAzAudAddService - ok
21:20:03.0663 2664 [ D485D3BD3E2179AA86853A182F70699F ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
21:20:03.0663 2664 IntcHdmiAddService - ok
21:20:03.0710 2664 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
21:20:03.0710 2664 intelide - ok
21:20:03.0757 2664 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:20:03.0772 2664 intelppm - ok
21:20:03.0804 2664 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:20:03.0804 2664 IPBusEnum - ok
21:20:03.0835 2664 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:20:03.0835 2664 IpFilterDriver - ok
21:20:03.0866 2664 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:20:03.0882 2664 iphlpsvc - ok
21:20:03.0944 2664 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
21:20:03.0944 2664 IPMIDRV - ok
21:20:03.0960 2664 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:20:03.0960 2664 IPNAT - ok
21:20:04.0022 2664 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:20:04.0022 2664 IRENUM - ok
21:20:04.0038 2664 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
21:20:04.0038 2664 isapnp - ok
21:20:04.0069 2664 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
21:20:04.0084 2664 iScsiPrt - ok
21:20:04.0147 2664 [ 249EE2D26CB1530F3BEDE0AC8B9E3099 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
21:20:04.0147 2664 k57nd60a - ok
21:20:04.0178 2664 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:20:04.0178 2664 kbdclass - ok
21:20:04.0194 2664 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:20:04.0194 2664 kbdhid - ok
21:20:04.0240 2664 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
21:20:04.0240 2664 KeyIso - ok
21:20:04.0272 2664 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:20:04.0272 2664 KSecDD - ok
21:20:04.0287 2664 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:20:04.0287 2664 KSecPkg - ok
21:20:04.0318 2664 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:20:04.0318 2664 ksthunk - ok
21:20:04.0350 2664 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:20:04.0350 2664 KtmRm - ok
21:20:04.0396 2664 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
21:20:04.0396 2664 L1E - ok
21:20:04.0459 2664 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:20:04.0490 2664 LanmanServer - ok
21:20:04.0521 2664 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:20:04.0521 2664 LanmanWorkstation - ok
21:20:04.0677 2664 [ 955982BF4421B77722196552B62E8DC2 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
21:20:04.0677 2664 lirsgt - ok
21:20:04.0708 2664 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:20:04.0708 2664 lltdio - ok
21:20:04.0755 2664 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:20:04.0771 2664 lltdsvc - ok
21:20:04.0802 2664 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:20:04.0802 2664 lmhosts - ok
21:20:04.0849 2664 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
21:20:04.0849 2664 LSI_FC - ok
21:20:04.0864 2664 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
21:20:04.0880 2664 LSI_SAS - ok
21:20:04.0880 2664 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:20:04.0896 2664 LSI_SAS2 - ok
21:20:04.0911 2664 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:20:04.0927 2664 LSI_SCSI - ok
21:20:04.0942 2664 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
21:20:04.0942 2664 luafv - ok
21:20:05.0005 2664 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:20:05.0005 2664 MBAMProtector - ok
21:20:05.0098 2664 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:20:05.0098 2664 MBAMScheduler - ok
21:20:05.0176 2664 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:20:05.0176 2664 MBAMService - ok
21:20:05.0223 2664 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:20:05.0223 2664 Mcx2Svc - ok
21:20:05.0270 2664 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
21:20:05.0270 2664 megasas - ok
21:20:05.0286 2664 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
21:20:05.0301 2664 MegaSR - ok
21:20:05.0348 2664 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
21:20:05.0348 2664 MMCSS - ok
21:20:05.0364 2664 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
21:20:05.0364 2664 Modem - ok
21:20:05.0426 2664 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:20:05.0426 2664 monitor - ok
21:20:05.0457 2664 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:20:05.0457 2664 mouclass - ok
21:20:05.0488 2664 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:20:05.0488 2664 mouhid - ok
21:20:05.0504 2664 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:20:05.0520 2664 mountmgr - ok
21:20:05.0566 2664 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:20:05.0566 2664 MozillaMaintenance - ok
21:20:05.0598 2664 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
21:20:05.0613 2664 mpio - ok
21:20:05.0644 2664 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:20:05.0660 2664 mpsdrv - ok
21:20:05.0691 2664 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:20:05.0722 2664 MpsSvc - ok
21:20:05.0738 2664 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:20:05.0738 2664 MRxDAV - ok
21:20:05.0785 2664 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:20:05.0785 2664 mrxsmb - ok
21:20:05.0832 2664 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:20:05.0832 2664 mrxsmb10 - ok
21:20:05.0878 2664 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:20:05.0878 2664 mrxsmb20 - ok
21:20:05.0910 2664 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
21:20:05.0910 2664 msahci - ok
21:20:05.0925 2664 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
21:20:05.0925 2664 msdsm - ok
21:20:05.0972 2664 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
21:20:05.0972 2664 MSDTC - ok
21:20:06.0019 2664 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:20:06.0019 2664 Msfs - ok
21:20:06.0050 2664 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:20:06.0050 2664 mshidkmdf - ok
21:20:06.0066 2664 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
21:20:06.0066 2664 msisadrv - ok
21:20:06.0097 2664 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:20:06.0112 2664 MSiSCSI - ok
21:20:06.0112 2664 msiserver - ok
21:20:06.0144 2664 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:20:06.0144 2664 MSKSSRV - ok
21:20:06.0159 2664 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:20:06.0175 2664 MSPCLOCK - ok
21:20:06.0175 2664 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:20:06.0175 2664 MSPQM - ok
21:20:06.0237 2664 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:20:06.0237 2664 MsRPC - ok
21:20:06.0284 2664 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:20:06.0300 2664 mssmbios - ok
21:20:06.0315 2664 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:20:06.0315 2664 MSTEE - ok
21:20:06.0331 2664 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
21:20:06.0331 2664 MTConfig - ok
21:20:06.0378 2664 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
21:20:06.0378 2664 Mup - ok
21:20:06.0424 2664 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
21:20:06.0424 2664 mwlPSDFilter - ok
21:20:06.0440 2664 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
21:20:06.0440 2664 mwlPSDNServ - ok
21:20:06.0456 2664 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
21:20:06.0456 2664 mwlPSDVDisk - ok
21:20:06.0518 2664 [ 0F5FAAC852DB4C340B7A2F187E3358B8 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
21:20:06.0518 2664 MWLService - ok
21:20:06.0549 2664 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
21:20:06.0580 2664 napagent - ok
21:20:06.0674 2664 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:20:06.0674 2664 NativeWifiP - ok
21:20:06.0721 2664 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
21:20:06.0752 2664 NDIS - ok
21:20:06.0814 2664 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:20:06.0814 2664 NdisCap - ok
21:20:06.0846 2664 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:20:06.0861 2664 NdisTapi - ok
21:20:06.0877 2664 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:20:06.0877 2664 Ndisuio - ok
21:20:06.0908 2664 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:20:06.0908 2664 NdisWan - ok
21:20:06.0924 2664 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 97 hostů