Havěť - Babylon Search Vyřešeno

[Speed_dead]

Když jsem updatoval Daemon Tools, nějak jsem se uklik a ulovil jsem Babyloon Search, jehož se mě nedaří zbavit.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:50:40, on 9.8.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16635)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
E:\Program FIles 2\Ashampoo HDD Control 2\AHDDC2_Guard.exe
C:\Program Files (x86)\ICQ7M\ICQ.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
E:\Program FIles 2\Photo Studio 15\Program32\ZPSTray.exe
C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
C:\Program Files (x86)\1-abc\Backup\Backup.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
E:\Download\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Cobian Backup 11] "C:\Program Files (x86)\Cobian Backup 11\Cobian.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ7M\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartMenuX] C:\Program Files\Start Menu X\StartMenuX.exe
O4 - HKCU\..\Run: [Backup] "C:\Program Files (x86)\1-abc\Backup\BKPStarter.exe"
O4 - HKCU\..\Run: [AshSnap] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [EPSON PX710W Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFSE.EXE /FU "C:\Users\User\AppData\Local\Temp\E_SC895.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] E:\Program FIles 2\Photo Studio 15\Program32\ZPSTRAY.EXE
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Startup: Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to CaptureSaver - C:\Program Files (x86)\CaptureSaver\\AddFromIE.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Ashampoo Core Tuner 2 Service (ACT2_Service) - Unknown owner - E:\Program FIles 2\Ashampoo Core Tuner 2\ACT2Service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Ashampoo HDD Control 2 Service (AHDDC2) - Unknown owner - E:\Program FIles 2\Ashampoo HDD Control 2\AHDDC2_Service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Bacula File Backup Service (Bacula-fd) - Unknown owner - C:\Program Files\Bacula\bacula-fd.exe
O23 - Service: Cobian Backup 11 Volume Shadow Copy Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - E:\Program FIles 2\Ashampoo HDD Control 2\DfsdkS64.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\Windows\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13047 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[Speed_dead]

AFT Cleaner - používám Chrome, co mám vybrat

Anti-Malware jsem se to pokoušel čistit už před dotazem - vymazal jsem 3 položky Babylon Search, ale stále tam je

[jaro3]

Pokračuj s AdwCleanerem.

[Speed_dead]

# AdwCleaner v2.306 - Log vytvooen 10/08/2013 v 11:55:58
# Aktualizováno 19/07/2013 Xplode
# Operaení systém : Windows 7 Ultimate Service Pack 1 (64 bits)
# Uživatel : User - SPEEDEAD
# Spuštin systém : Normální
# Spuštino z : E:\Download\AdwCleaner (1).exe
# Volba [Prohledat]


***** [Služby] *****


***** [Soubory / Složky] *****

Složka Nalezeno : C:\Program Files (x86)\Common Files\Wondershare
Složka Nalezeno : C:\Program Files (x86)\Wondershare
Složka Nalezeno : C:\ProgramData\Babylon
Složka Nalezeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
Složka Nalezeno : C:\ProgramData\Wondershare

***** [Registry] *****

Klíe Nalezeno : HKCU\Software\APN PIP
Klíe Nalezeno : HKCU\Software\BI
Klíe Nalezeno : HKCU\Software\InstallCore
Klíe Nalezeno : HKCU\Software\systweak
Klíe Nalezeno : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Prod.cap
Klíe Nalezeno : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Klíe Nalezeno : HKLM\Software\PIP
Klíe Nalezeno : HKLM\Software\TENCENT
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Klíe Nalezeno : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Klíe Nalezeno : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}

***** [Internetové prohlížeee] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Registry jsou eisté.

-\\ Google Chrome v28.0.1500.95

*************************

AdwCleaner[R1].txt - [2899 octets] - [16/06/2013 10:01:31]
AdwCleaner[R2].txt - [2758 octets] - [17/06/2013 18:24:22]
AdwCleaner[R3].txt - [2818 octets] - [18/06/2013 18:32:46]
AdwCleaner[R4].txt - [2988 octets] - [10/08/2013 11:55:58]

########## EOF - C:\AdwCleaner[R4].txt - [3048 octets] ##########

[memphisto]

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

[Speed_dead]

RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : User [Práva správce]
Mód : Kontrola -- Datum : 08/10/2013 23:01:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\Windows\LIVEAQ~1.SCR [7]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] 2f5b8f846dd663b14913972b17b25d25
[BSP] 5e66531f82ab49e1762bbb2f86d21edd : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] 911d611a122b83e78ee99fca2ab3a784
[BSP] 0dfd37f6e2900d6a1a37d352ed26b40a : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08102013_230125.txt >>

[memphisto]

Ještě v tom adw to nech smazat. To jsem přehlídl, že to je před mazáním a pak dodej log.

[Speed_dead]

Tady je zbytek

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.1 (08.10.2013:1)
OS: Windows 7 Ultimate x64
Ran by User on so 10.08.2013 at 23:07:10,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\nctaudiocdgrabber2.dll
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_local_machine\software\pip"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\wondershare"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\software informer"
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\User\appdata\local\wondershare"
Successfully deleted: [Folder] "C:\Program Files (x86)\wondershare"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\wondershare"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 10.08.2013 at 23:10:30,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[memphisto]

Ještě dodej ten log z adw po smazání

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje "Smazání- Finished "
- Klikni na "Zprávy " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller


Stáhni si TDSSKiller

Na svojí plochu. Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller.2.2.7.1._(datum)_log.txt , vlož sem prosím celý obsah logu.

[Speed_dead]

Část 1/3

---

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.08.11.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
User :: SPEEDEAD [administrátor]

11.8.2013 12:07:54
mbam-log-2013-08-11 (12-07-54).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 263460
Uplynulý čas: 1 minut, 49 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

*************************************************************************************************************************************
RogueKiller jsem dával výše, ale mám to tu trochu zmatený (dával jsem sem logy postupně)

RogueKiller V8.6.5 _x64_ [Aug 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : User [Práva správce]
Mód : Kontrola -- Datum : 08/10/2013 23:01:25
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 3 ¤¤¤
[HJ POL] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> NALEZENO
[SCREENSVR][SUSP PATH] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\Windows\LIVEAQ~1.SCR [7]) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] 2f5b8f846dd663b14913972b17b25d25
[BSP] 5e66531f82ab49e1762bbb2f86d21edd : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: KINGSTON SV300S37A120G ATA Device +++++
--- User ---
[MBR] 911d611a122b83e78ee99fca2ab3a784
[BSP] 0dfd37f6e2900d6a1a37d352ed26b40a : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_08102013_230125.txt >>

---

Část 1/3

[Speed_dead]

Část 2/3

---

08:08:21.0700 6344 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
08:08:21.0934 6344 ============================================================
08:08:21.0934 6344 Current date / time: 2013/08/11 08:08:21.0934
08:08:21.0934 6344 SystemInfo:
08:08:21.0934 6344
08:08:21.0934 6344 OS Version: 6.1.7601 ServicePack: 1.0
08:08:21.0934 6344 Product type: Workstation
08:08:21.0934 6344 ComputerName: SPEEDEAD
08:08:21.0935 6344 UserName: User
08:08:21.0935 6344 Windows directory: C:\Windows
08:08:21.0935 6344 System windows directory: C:\Windows
08:08:21.0935 6344 Running under WOW64
08:08:21.0935 6344 Processor architecture: Intel x64
08:08:21.0935 6344 Number of processors: 4
08:08:21.0935 6344 Page size: 0x1000
08:08:21.0935 6344 Boot type: Normal boot
08:08:21.0935 6344 ============================================================
08:08:22.0093 6344 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:08:22.0103 6344 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:08:22.0122 6344 ============================================================
08:08:22.0122 6344 \Device\Harddisk0\DR0:
08:08:22.0122 6344 MBR partitions:
08:08:22.0122 6344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:08:22.0122 6344 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
08:08:22.0122 6344 \Device\Harddisk1\DR1:
08:08:22.0122 6344 GPT partitions:
08:08:22.0122 6344 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {98F4442D-1D6B-449E-9EDB-6462B08407A5}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
08:08:22.0122 6344 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8877384D-022D-427D-B697-DE17E3960D75}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
08:08:22.0122 6344 MBR partitions:
08:08:22.0123 6344 ============================================================
08:08:22.0124 6344 C: <-> \Device\Harddisk0\DR0\Partition2
08:08:22.0139 6344 E: <-> \Device\Harddisk1\DR1\Partition2
08:08:22.0139 6344 ============================================================
08:08:22.0139 6344 Initialize success
08:08:22.0139 6344 ============================================================
08:08:23.0328 6588 ============================================================
08:08:23.0328 6588 Scan started
08:08:23.0328 6588 Mode: Manual;
08:08:23.0328 6588 ============================================================
08:08:23.0585 6588 ================ Scan system memory ========================
08:08:23.0585 6588 System memory - ok
08:08:23.0586 6588 ================ Scan services =============================
08:08:23.0614 6588 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
08:08:23.0615 6588 1394ohci - ok
08:08:23.0625 6588 [ 2A5E5246F22530E351C9F3F2C1CD63B9 ] ABBYY.Licensing.FineReader.Professional.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
08:08:23.0628 6588 ABBYY.Licensing.FineReader.Professional.9.0 - ok
08:08:23.0633 6588 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
08:08:23.0635 6588 ACPI - ok
08:08:23.0641 6588 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
08:08:23.0641 6588 AcpiPmi - ok
08:08:23.0642 6588 ACT2PM - ok
08:08:23.0646 6588 ACT2_Service - ok
08:08:23.0650 6588 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:08:23.0650 6588 AdobeARMservice - ok
08:08:23.0669 6588 [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:08:23.0671 6588 AdobeFlashPlayerUpdateSvc - ok
08:08:23.0677 6588 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
08:08:23.0679 6588 adp94xx - ok
08:08:23.0684 6588 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
08:08:23.0685 6588 adpahci - ok
08:08:23.0689 6588 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
08:08:23.0690 6588 adpu320 - ok
08:08:23.0693 6588 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:08:23.0694 6588 AeLookupSvc - ok
08:08:23.0700 6588 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
08:08:23.0702 6588 AFD - ok
08:08:23.0706 6588 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:08:23.0706 6588 agp440 - ok
08:08:23.0708 6588 AHDDC2 - ok
08:08:23.0711 6588 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
08:08:23.0712 6588 ALG - ok
08:08:23.0714 6588 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
08:08:23.0715 6588 aliide - ok
08:08:23.0717 6588 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
08:08:23.0718 6588 amdide - ok
08:08:23.0720 6588 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
08:08:23.0721 6588 AmdK8 - ok
08:08:23.0723 6588 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
08:08:23.0724 6588 AmdPPM - ok
08:08:23.0727 6588 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
08:08:23.0727 6588 amdsata - ok
08:08:23.0731 6588 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
08:08:23.0732 6588 amdsbs - ok
08:08:23.0734 6588 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
08:08:23.0735 6588 amdxata - ok
08:08:23.0738 6588 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
08:08:23.0738 6588 AppID - ok
08:08:23.0740 6588 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
08:08:23.0741 6588 AppIDSvc - ok
08:08:23.0743 6588 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
08:08:23.0744 6588 Appinfo - ok
08:08:23.0746 6588 [ BA957E7ACD2B44FA3B01FAA64F6A9060 ] AppleCharger C:\Windows\system32\DRIVERS\AppleCharger.sys
08:08:23.0746 6588 AppleCharger - ok
08:08:23.0748 6588 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
08:08:23.0749 6588 AppleChargerSrv - ok
08:08:23.0753 6588 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
08:08:23.0754 6588 AppMgmt - ok
08:08:23.0757 6588 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
08:08:23.0758 6588 arc - ok
08:08:23.0761 6588 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
08:08:23.0761 6588 arcsas - ok
08:08:23.0770 6588 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
08:08:23.0771 6588 aspnet_state - ok
08:08:23.0773 6588 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:08:23.0773 6588 AsyncMac - ok
08:08:23.0776 6588 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
08:08:23.0776 6588 atapi - ok
08:08:23.0798 6588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:08:23.0801 6588 AudioEndpointBuilder - ok
08:08:23.0808 6588 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
08:08:23.0811 6588 AudioSrv - ok
08:08:23.0814 6588 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
08:08:23.0815 6588 AxInstSV - ok
08:08:23.0821 6588 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
08:08:23.0823 6588 b06bdrv - ok
08:08:23.0827 6588 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
08:08:23.0828 6588 b57nd60a - ok
08:08:23.0834 6588 [ 47D770645F1E9769951D4A530EFE0272 ] Bacula-fd C:\Program Files\Bacula\bacula-fd.exe
08:08:23.0835 6588 Bacula-fd - ok
08:08:23.0840 6588 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
08:08:23.0840 6588 BDESVC - ok
08:08:23.0842 6588 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
08:08:23.0843 6588 Beep - ok
08:08:23.0851 6588 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
08:08:23.0854 6588 BFE - ok
08:08:23.0863 6588 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
08:08:23.0867 6588 BITS - ok
08:08:23.0870 6588 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
08:08:23.0870 6588 blbdrive - ok
08:08:23.0874 6588 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:08:23.0875 6588 bowser - ok
08:08:23.0877 6588 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:08:23.0877 6588 BrFiltLo - ok
08:08:23.0879 6588 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:08:23.0880 6588 BrFiltUp - ok
08:08:23.0883 6588 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
08:08:23.0883 6588 BridgeMP - ok
08:08:23.0886 6588 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
08:08:23.0887 6588 Browser - ok
08:08:23.0891 6588 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
08:08:23.0892 6588 Brserid - ok
08:08:23.0895 6588 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
08:08:23.0895 6588 BrSerWdm - ok
08:08:23.0898 6588 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
08:08:23.0898 6588 BrUsbMdm - ok
08:08:23.0900 6588 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
08:08:23.0900 6588 BrUsbSer - ok
08:08:23.0903 6588 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
08:08:23.0903 6588 BTHMODEM - ok
08:08:23.0907 6588 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
08:08:23.0908 6588 bthserv - ok
08:08:23.0910 6588 catchme - ok
08:08:23.0914 6588 [ 58BF7714A312698108A96D0DE2BB6825 ] cbVSCService11 C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
08:08:23.0915 6588 cbVSCService11 - ok
08:08:23.0917 6588 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:08:23.0918 6588 cdfs - ok
08:08:23.0921 6588 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:08:23.0922 6588 cdrom - ok
08:08:23.0925 6588 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
08:08:23.0926 6588 CertPropSvc - ok
08:08:23.0928 6588 [ C58EC27035731337ADD1326880086B16 ] CH341SER_A64 C:\Windows\system32\Drivers\CH341S64.SYS
08:08:23.0929 6588 CH341SER_A64 - ok
08:08:23.0931 6588 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
08:08:23.0932 6588 circlass - ok
08:08:23.0937 6588 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
08:08:23.0938 6588 CLFS - ok
08:08:23.0943 6588 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:08:23.0944 6588 clr_optimization_v2.0.50727_32 - ok
08:08:23.0948 6588 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:08:23.0948 6588 clr_optimization_v2.0.50727_64 - ok
08:08:23.0955 6588 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:08:23.0956 6588 clr_optimization_v4.0.30319_32 - ok
08:08:23.0959 6588 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:08:23.0960 6588 clr_optimization_v4.0.30319_64 - ok
08:08:23.0962 6588 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:08:23.0963 6588 CmBatt - ok
08:08:23.0965 6588 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:08:23.0966 6588 cmdide - ok
08:08:23.0972 6588 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
08:08:23.0974 6588 CNG - ok
08:08:23.0976 6588 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:08:23.0976 6588 Compbatt - ok
08:08:23.0979 6588 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
08:08:23.0979 6588 CompositeBus - ok
08:08:23.0981 6588 COMSysApp - ok
08:08:23.0989 6588 cpuz136 - ok
08:08:23.0991 6588 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
08:08:23.0991 6588 crcdisk - ok
08:08:23.0996 6588 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:08:23.0997 6588 CryptSvc - ok
08:08:24.0003 6588 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
08:08:24.0005 6588 CSC - ok
08:08:24.0012 6588 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
08:08:24.0015 6588 CscService - ok
08:08:24.0023 6588 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:08:24.0025 6588 DcomLaunch - ok
08:08:24.0030 6588 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
08:08:24.0032 6588 defragsvc - ok
08:08:24.0035 6588 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:08:24.0036 6588 DfsC - ok
08:08:24.0037 6588 DfSdkS - ok
08:08:24.0043 6588 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
08:08:24.0044 6588 Dhcp - ok
08:08:24.0047 6588 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
08:08:24.0047 6588 discache - ok
08:08:24.0050 6588 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
08:08:24.0050 6588 Disk - ok
08:08:24.0054 6588 [ 7712DE427603F528D8CBD9F7355A14F8 ] diskpt C:\Windows\system32\drivers\diskpt.sys
08:08:24.0056 6588 diskpt - ok
08:08:24.0059 6588 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:08:24.0060 6588 Dnscache - ok
08:08:24.0064 6588 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:08:24.0066 6588 dot3svc - ok
08:08:24.0069 6588 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
08:08:24.0070 6588 DPS - ok
08:08:24.0072 6588 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:08:24.0073 6588 drmkaud - ok
08:08:24.0077 6588 [ 6A0E850DDCB136AA3D2FB7234382DF12 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
08:08:24.0079 6588 dtsoftbus01 - ok
08:08:24.0088 6588 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:08:24.0092 6588 DXGKrnl - ok
08:08:24.0094 6588 EagleX64 - ok
08:08:24.0099 6588 [ 398904F1FBF13CEF0FCB822E9CA5F2D5 ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys
08:08:24.0100 6588 eamonm - ok
08:08:24.0103 6588 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
08:08:24.0104 6588 EapHost - ok
08:08:24.0130 6588 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
08:08:24.0143 6588 ebdrv - ok
08:08:24.0147 6588 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
08:08:24.0148 6588 EFS - ok
08:08:24.0151 6588 [ 9E39134330C18CBAC0F24C1283701D7E ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys
08:08:24.0152 6588 ehdrv - ok
08:08:24.0159 6588 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:08:24.0162 6588 ehRecvr - ok
08:08:24.0165 6588 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
08:08:24.0166 6588 ehSched - ok
08:08:24.0179 6588 [ 7FE34FD5652C54BDA8D2DF8AC92E833A ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
08:08:24.0184 6588 ekrn - ok
08:08:24.0191 6588 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
08:08:24.0193 6588 elxstor - ok
08:08:24.0197 6588 [ 392EC4EA0C265F5BC50D057BEAA593CD ] epfw C:\Windows\system32\DRIVERS\epfw.sys
08:08:24.0198 6588 epfw - ok
08:08:24.0201 6588 [ 0C9EC63C5BAE9506161F14B8A5C10280 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys
08:08:24.0201 6588 EpfwLWF - ok
08:08:24.0204 6588 [ AD03E0C95E750F3FBE84EDA87B2C4E08 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys
08:08:24.0205 6588 epfwwfp - ok
08:08:24.0207 6588 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:08:24.0208 6588 ErrDev - ok
08:08:24.0211 6588 [ 3DBC10CBC436288801FAEE66DE91AE47 ] EtronHub3 C:\Windows\system32\Drivers\EtronHub3.sys
08:08:24.0211 6588 EtronHub3 - ok
08:08:24.0214 6588 [ DE261095A2220D400D9603E1E42D4185 ] EtronXHCI C:\Windows\system32\Drivers\EtronXHCI.sys
08:08:24.0215 6588 EtronXHCI - ok
08:08:24.0221 6588 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
08:08:24.0223 6588 EventSystem - ok
08:08:24.0226 6588 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
08:08:24.0227 6588 exfat - ok
08:08:24.0231 6588 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:08:24.0232 6588 fastfat - ok
08:08:24.0239 6588 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
08:08:24.0242 6588 Fax - ok
08:08:24.0245 6588 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:08:24.0245 6588 fdc - ok
08:08:24.0247 6588 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
08:08:24.0248 6588 fdPHost - ok
08:08:24.0250 6588 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
08:08:24.0251 6588 FDResPub - ok
08:08:24.0254 6588 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:08:24.0254 6588 FileInfo - ok
08:08:24.0256 6588 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:08:24.0256 6588 Filetrace - ok
08:08:24.0259 6588 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:08:24.0259 6588 flpydisk - ok
08:08:24.0263 6588 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:08:24.0265 6588 FltMgr - ok
08:08:24.0275 6588 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
08:08:24.0280 6588 FontCache - ok
08:08:24.0283 6588 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:08:24.0284 6588 FontCache3.0.0.0 - ok
08:08:24.0286 6588 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
08:08:24.0287 6588 FsDepends - ok
08:08:24.0289 6588 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:08:24.0289 6588 Fs_Rec - ok
08:08:24.0292 6588 [ 290EBA98AD0CE0D1B880B5D71194B069 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
08:08:24.0293 6588 Futuremark SystemInfo Service - ok
08:08:24.0297 6588 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
08:08:24.0298 6588 fvevol - ok
08:08:24.0301 6588 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
08:08:24.0301 6588 gagp30kx - ok
08:08:24.0303 6588 gdrv - ok
08:08:24.0311 6588 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
08:08:24.0315 6588 gpsvc - ok
08:08:24.0318 6588 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:08:24.0319 6588 gupdate - ok
08:08:24.0321 6588 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:08:24.0322 6588 gupdatem - ok
08:08:24.0325 6588 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:08:24.0326 6588 gusvc - ok
08:08:24.0328 6588 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
08:08:24.0328 6588 hcw85cir - ok
08:08:24.0333 6588 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:08:24.0335 6588 HdAudAddService - ok
08:08:24.0338 6588 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
08:08:24.0338 6588 HDAudBus - ok
08:08:24.0341 6588 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
08:08:24.0342 6588 HidBatt - ok
08:08:24.0344 6588 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
08:08:24.0345 6588 HidBth - ok
08:08:24.0347 6588 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
08:08:24.0348 6588 HidIr - ok
08:08:24.0350 6588 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
08:08:24.0351 6588 hidserv - ok
08:08:24.0353 6588 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:08:24.0354 6588 HidUsb - ok
08:08:24.0357 6588 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:08:24.0358 6588 hkmsvc - ok
08:08:24.0361 6588 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:08:24.0363 6588 HomeGroupListener - ok
08:08:24.0366 6588 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:08:24.0368 6588 HomeGroupProvider - ok
08:08:24.0371 6588 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
08:08:24.0371 6588 HpSAMD - ok
08:08:24.0378 6588 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:08:24.0381 6588 HTTP - ok
08:08:24.0384 6588 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
08:08:24.0385 6588 hwpolicy - ok
08:08:24.0388 6588 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:08:24.0388 6588 i8042prt - ok
08:08:24.0393 6588 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
08:08:24.0395 6588 iaStorV - ok
08:08:24.0398 6588 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
08:08:24.0398 6588 IDriverT - ok
08:08:24.0406 6588 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:08:24.0410 6588 idsvc - ok
08:08:24.0413 6588 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
08:08:24.0413 6588 iirsp - ok
08:08:24.0421 6588 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
08:08:24.0425 6588 IKEEXT - ok
08:08:24.0433 6588 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
08:08:24.0436 6588 Intel(R) Capability Licensing Service Interface - ok
08:08:24.0438 6588 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
08:08:24.0439 6588 intelide - ok
08:08:24.0441 6588 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:08:24.0442 6588 intelppm - ok
08:08:24.0445 6588 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:08:24.0445 6588 IPBusEnum - ok
08:08:24.0448 6588 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:08:24.0449 6588 IpFilterDriver - ok
08:08:24.0455 6588 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:08:24.0457 6588 iphlpsvc - ok
08:08:24.0460 6588 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
08:08:24.0461 6588 IPMIDRV - ok
08:08:24.0464 6588 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
08:08:24.0464 6588 IPNAT - ok
08:08:24.0467 6588 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:08:24.0467 6588 IRENUM - ok
08:08:24.0469 6588 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:08:24.0470 6588 isapnp - ok
08:08:24.0474 6588 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
08:08:24.0475 6588 iScsiPrt - ok
08:08:24.0477 6588 [ D596D915CF091DA1F8CE4BD38BB5D509 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
08:08:24.0477 6588 iusb3hcs - ok
08:08:24.0482 6588 [ 023896E23B61543A15A230EED996D911 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
08:08:24.0484 6588 iusb3hub - ok
08:08:24.0492 6588 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
08:08:24.0495 6588 iusb3xhc - ok
08:08:24.0500 6588 [ 78ABBE558F57144047F10A0F50FE4B2F ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
08:08:24.0500 6588 jhi_service - ok
08:08:24.0503 6588 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:08:24.0504 6588 kbdclass - ok
08:08:24.0506 6588 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:08:24.0506 6588 kbdhid - ok
08:08:24.0508 6588 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
08:08:24.0509 6588 KeyIso - ok
08:08:24.0512 6588 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:08:24.0512 6588 KSecDD - ok
08:08:24.0516 6588 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
08:08:24.0517 6588 KSecPkg - ok
08:08:24.0519 6588 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:08:24.0520 6588 ksthunk - ok
08:08:24.0525 6588 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
08:08:24.0527 6588 KtmRm - ok
08:08:24.0530 6588 [ A43A9920D2409BB9DA747D2FD20A2E61 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
08:08:24.0531 6588 L1C - ok
08:08:24.0535 6588 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
08:08:24.0536 6588 LanmanServer - ok
08:08:24.0540 6588 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:08:24.0541 6588 LanmanWorkstation - ok
08:08:24.0545 6588 [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
08:08:24.0545 6588 LGBusEnum - ok
08:08:24.0548 6588 [ CDDC07D414B08FECD48E4940C29F483F ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
08:08:24.0549 6588 LGSHidFilt - ok
08:08:24.0551 6588 [ 64D2D4FDC00B9CF396B4FD4B07BCD06E ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
08:08:24.0551 6588 LGSUsbFilt - ok
08:08:24.0554 6588 [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
08:08:24.0554 6588 LGVirHid - ok
08:08:24.0557 6588 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:08:24.0557 6588 lltdio - ok
08:08:24.0562 6588 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:08:24.0563 6588 lltdsvc - ok
08:08:24.0566 6588 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:08:24.0566 6588 lmhosts - ok
08:08:24.0570 6588 [ 2C24DC448DBE8DB9BE1441B824C57E79 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:08:24.0571 6588 LMS - ok
08:08:24.0574 6588 [ 1B3F331CBBDB6805C07134F70B7F9CCF ] lowcdc C:\Windows\system32\DRIVERS\lowcdc.sys
08:08:24.0574 6588 lowcdc - ok
08:08:24.0579 6588 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
08:08:24.0580 6588 LSI_FC - ok
08:08:24.0583 6588 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
08:08:24.0583 6588 LSI_SAS - ok
08:08:24.0586 6588 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:08:24.0587 6588 LSI_SAS2 - ok
08:08:24.0590 6588 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:08:24.0590 6588 LSI_SCSI - ok
08:08:24.0593 6588 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
08:08:24.0594 6588 luafv - ok
08:08:24.0596 6588 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:08:24.0597 6588 LVPr2M64 - ok
08:08:24.0599 6588 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
08:08:24.0599 6588 LVPr2Mon - ok
08:08:24.0602 6588 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
08:08:24.0603 6588 LVPrcS64 - ok
08:08:24.0607 6588 [ 024DA28053D57E9E32BEE52600576BBB ] MarvinBus C:\Windows\system32\DRIVERS\MarvinBus64.sys
08:08:24.0608 6588 MarvinBus - ok
08:08:24.0611 6588 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
08:08:24.0611 6588 MBAMProtector - ok
08:08:24.0616 6588 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
08:08:24.0618 6588 MBAMScheduler - ok
08:08:24.0625 6588 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:08:24.0628 6588 MBAMService - ok
08:08:24.0631 6588 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:08:24.0632 6588 Mcx2Svc - ok
08:08:24.0635 6588 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
08:08:24.0635 6588 megasas - ok
08:08:24.0639 6588 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
08:08:24.0640 6588 MegaSR - ok
08:08:24.0643 6588 [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
08:08:24.0644 6588 MEIx64 - ok
08:08:24.0646 6588 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
08:08:24.0647 6588 MMCSS - ok
08:08:24.0649 6588 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
08:08:24.0650 6588 Modem - ok
08:08:24.0653 6588 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:08:24.0653 6588 monitor - ok
08:08:24.0656 6588 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:08:24.0656 6588 mouclass - ok
08:08:24.0658 6588 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:08:24.0659 6588 mouhid - ok
08:08:24.0661 6588 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
08:08:24.0662 6588 mountmgr - ok
08:08:24.0665 6588 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
08:08:24.0666 6588 mpio - ok
08:08:24.0669 6588 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:08:24.0670 6588 mpsdrv - ok
08:08:24.0678 6588 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:08:24.0682 6588 MpsSvc - ok
08:08:24.0685 6588 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:08:24.0686 6588 MRxDAV - ok
08:08:24.0689 6588 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:08:24.0690 6588 mrxsmb - ok

---

Část 2/3