Prosím o kontrolu logu, notebook se nechce vypínat Vyřešeno

[RudolfIV]

Dobrý večer, nechce se vypínat, už hodně často, zamrzá a po vypnutí natvrdo se dlouho spouští, budu vděčen


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:46:35, on 22.9.2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhostex.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x86__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Users\uživatel\Downloads\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mixidj.delta-search.com/?babsrc= ... 6&tsp=4923
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\ProgramData\LangSoft\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Nitro PDF Printer Monitor] "C:\Program Files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKCU\..\Run: [C:\Users\uživatel\Downloads\tvonline.exe] C:\Users\uživatel\Downloads\tvonline.exe /exenoupdates /exelang 0 /prereqs "1"
O4 - HKCU\..\Run: [C:\Users\uživatel\Downloads\tvonline (1).exe] "C:\Users\uživatel\Downloads\tvonline (1).exe" /exenoupdates /exelang 0 /prereqs "1"
O4 - HKCU\..\Run: [C:\Users\uživatel\Downloads\tvonline (2).exe] "C:\Users\uživatel\Downloads\tvonline (2).exe" /exenoupdates /exelang 0 /prereqs "1"
O4 - Global Startup: CodecPackTrayMenu.lnk = C:\Windows\System32\C2MP\TrayMenu.exe
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\System32\C2MP\UpdateChecker.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\ProgramData\LangSoft\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @oem33.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) - Andrea Electronics Corporation - C:\Windows\system32\AEADISRV.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype C2C Service - Unknown owner - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Stardock Start8 (Start8) - Stardock Software, Inc - C:\Program Files\Stardock\Start8\Start8Srv.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

--
End of file - 9806 bytes

[Reklama]

[memphisto]

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranìní historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit doèasné soubory Windows, vysypat koš atd.

Stáhni si Malwarebytes' Anti-Malware
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Update Malwarebytes' Anti-Malware (Aktualizace Malwarebytes' Anti-Malware) a Launch Malwarebytes' Anti-Malware (Spustit aplikaci Malwarebytes' Anti-Malware), pokud jo tak klikni na tlačítko Finish
- pokud bude nalezena aktualizace, tak se stáhne a nainstaluje
- program se po té spustí a nech vybranou možnost Perform Quick Scan (Provést rychlý sken) a klikni na tlačítko Scan (Skenovat)
- po probìhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Show Results
- pak zvol možnost Save Logfile a ulož si log na plochu
- po té klikni na tlačítko Exit, objeví se ti hláška tak zvol Ano
(zatím nic nemaž!).
Vlož sem pak obsah toho logu.

Stáhni AdwCleaner
Ulož si ho na svojí plochu
Ukonči všechny programy, okna a prohlížeče
Spusť program poklepáním a klikni na „Search“
Po skenu se objeví log (jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

[RudolfIV]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.22.04

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16384
Trkl :: PC [administrátor]

22.9.2013 21:40:51
MBAM-log-2013-09-22 (21-50-41).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 195637
Uplynulý čas: 9 minut, 38 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 13
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4C77DF33-166A-92E7-0A00-A97D0BC43582} (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo (PUP.Optional.HDVidCodec.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk (PUP.Optional.Gophoto.A) -> Nebyla provedena žádná instrukce.
HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.
HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Špatný: (http://mixidj.delta-search.com/?babsrc= ... 6&tsp=4923) Dobrý: (http://www.google.com) -> Nebyla provedena žádná instrukce.

Nalezené složky: 3
C:\Program Files\HDvidCodec.com (PUP.Optional.HDVidCodec.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Gophoto.it (PUP.Optional.Gophoto.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 11
C:\ProgramData\InstallMate\{FCF004F6-320E-42F7-A01C-7A2C27132600}\Setup.exe (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\InstallMate\{FCF004F6-320E-42F7-A01C-7A2C27132600}\TsuDll.dll (PUP.Optional.Tarma.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\sAvennshare!\zkiZjW.exe (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\Z092J0P32p.exe (PUP.Optional.MultiPlug.A) -> Nebyla provedena žádná instrukce.
C:\Users\uživatel\AppData\Local\Temp\UpdUninstall.exe (PUP.Optional.Amonetize.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HDvidCodec.com\HDvidCodec10.crx (PUP.Optional.HDVidCodec.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\HDvidCodec.com\HDvidCodecIE.exe (PUP.Optional.HDVidCodec.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\Gophoto.it\gophotoit16.crx (PUP.Optional.Gophoto.A) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\8k7XaW0bY.dat (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\8k7XaW0bY.tlb (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.
C:\ProgramData\SearchNewTab\Z092J0P32p.dat (PUP.Optional.SearchNewTab) -> Nebyla provedena žádná instrukce.

(konec)




# AdwCleaner v3.004 - Report created 22/09/2013 at 21:52:56
# Updated 15/09/2013 by Xplode
# Operating System : Windows 8 Pro (32 bits)
# Username : Trkl - PC
# Running from : C:\Users\uživatel\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Program Files\Gophoto.it
Folder Found C:\Program Files\HDvidCodec.com
Folder Found C:\ProgramData\sAvennshare!
Folder Found C:\ProgramData\SearchNewTab

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\1ClickDownload
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16384

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://mixidj.delta-search.com/?babsrc= ... 6&tsp=4923

-\\ Mozilla Firefox v

-\\ Google Chrome v27.0.1453.116

[ File : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5546 octets] - [01/09/2013 00:49:21]
AdwCleaner[R1].txt - [1537 octets] - [22/09/2013 21:52:56]
AdwCleaner[S0].txt - [5319 octets] - [01/09/2013 00:50:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1657 octets] ##########

[jaro3]

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
Klikni na „ Vymazat-Clean“
Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

[RudolfIV]

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.09.22.04

Windows 8 x86 NTFS
Internet Explorer 10.0.9200.16384
Trkl :: PC [administrátor]

23.9.2013 20:59:53
mbam-log-2013-09-23 (20-59-53).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 195264
Uplynulý čas: 9 minut, 26 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 13
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4C77DF33-166A-92E7-0A00-A97D0BC43582} (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD} (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Google\Chrome\Extensions\dnllcmllkjofnojidnaknldfehfhehoo (PUP.Optional.HDVidCodec.A) -> Přesun do karantény a smazání se zdařilo.
HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk (PUP.Optional.Gophoto.A) -> Přesun do karantény a smazání se zdařilo.
HKCR\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} (PUP.Optional.SearchNewTab) -> Přesun do karantény a smazání se zdařilo.
HKCR\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} (PUP.Optional.SearchNewTab) -> Přesun do karantény a smazání se zdařilo.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.StartPage) -> Špatný: (http://mixidj.delta-search.com/?babsrc= ... 6&tsp=4923) Dobrý: (http://www.google.com) -> Přesun do karantény a opravení se zdařilo.

Nalezené složky: 3
C:\Program Files\HDvidCodec.com (PUP.Optional.HDVidCodec.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Gophoto.it (PUP.Optional.Gophoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SearchNewTab (PUP.Optional.SearchNewTab) -> Přesun do karantény a smazání se zdařilo.

Nalezené soubory: 11
C:\ProgramData\InstallMate\{FCF004F6-320E-42F7-A01C-7A2C27132600}\Setup.exe (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\InstallMate\{FCF004F6-320E-42F7-A01C-7A2C27132600}\TsuDll.dll (PUP.Optional.Tarma.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\sAvennshare!\zkiZjW.exe (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SearchNewTab\Z092J0P32p.exe (PUP.Optional.MultiPlug.A) -> Přesun do karantény a smazání se zdařilo.
C:\Users\uživatel\AppData\Local\Temp\UpdUninstall.exe (PUP.Optional.Amonetize.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\HDvidCodec.com\HDvidCodec10.crx (PUP.Optional.HDVidCodec.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\HDvidCodec.com\HDvidCodecIE.exe (PUP.Optional.HDVidCodec.A) -> Přesun do karantény a smazání se zdařilo.
C:\Program Files\Gophoto.it\gophotoit16.crx (PUP.Optional.Gophoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SearchNewTab\8k7XaW0bY.dat (PUP.Optional.SearchNewTab) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SearchNewTab\8k7XaW0bY.tlb (PUP.Optional.SearchNewTab) -> Přesun do karantény a smazání se zdařilo.
C:\ProgramData\SearchNewTab\Z092J0P32p.dat (PUP.Optional.SearchNewTab) -> Přesun do karantény a smazání se zdařilo.

(konec)


# AdwCleaner v3.005 - Report created 23/09/2013 at 21:32:35
# Updated 22/09/2013 by Xplode
# Operating System : Windows 8 Pro (32 bits)
# Username : Trkl - PC
# Running from : C:\Users\uživatel\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\sAvennshare!

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16384


-\\ Mozilla Firefox v

-\\ Google Chrome v27.0.1453.116

[ File : C:\Users\uživatel\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5546 octets] - [01/09/2013 00:49:21]
AdwCleaner[R1].txt - [1737 octets] - [22/09/2013 21:52:56]
AdwCleaner[R2].txt - [1797 octets] - [22/09/2013 21:55:57]
AdwCleaner[R3].txt - [1154 octets] - [23/09/2013 21:31:26]
AdwCleaner[S0].txt - [5319 octets] - [01/09/2013 00:50:07]
AdwCleaner[S1].txt - [1082 octets] - [23/09/2013 21:32:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1142 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.2 (09.22.2013:1)
OS: Windows 8 Pro x86
Ran by Trkl on po 23.09.2013 at 21:38:05,43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C8DE8BCA-BFC7-4D50-83DF-F37079594014}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 23.09.2013 at 21:43:18,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Trkl [Práva správce]
Mód : Kontrola -- Datum : 09/23/2013 21:53:39
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] slsvc.exe -- C:\Windows\slsvc.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] PersonalizeEnabler.exe -- C:\Windows\PersonalizeEnabler.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : C:\Users\uživatel\Downloads\tvonline.exe (C:\Users\uživatel\Downloads\tvonline.exe /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKCU\[...]\Run : C:\Users\uživatel\Downloads\tvonline (1).exe ("C:\Users\uživatel\Downloads\tvonline (1).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKCU\[...]\Run : C:\Users\uživatel\Downloads\tvonline (2).exe ("C:\Users\uživatel\Downloads\tvonline (2).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1966805583-2561213867-1644749085-1001\[...]\Run : C:\Users\uživatel\Downloads\tvonline.exe (C:\Users\uživatel\Downloads\tvonline.exe /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1966805583-2561213867-1644749085-1001\[...]\Run : C:\Users\uživatel\Downloads\tvonline (1).exe ("C:\Users\uživatel\Downloads\tvonline (1).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1966805583-2561213867-1644749085-1001\[...]\Run : C:\Users\uživatel\Downloads\tvonline (2).exe ("C:\Users\uživatel\Downloads\tvonline (2).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8540F1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8540F1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8540F1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8540F1F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8540F1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8540F1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8540F1F8)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

127.0.0.1 www.langsoft.cz
127.0.0.1 iws.intranet.cz
127.0.0.1 www.pctranslator.cz


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - Hitachi HTS542512K9A300 +++++
--- User ---
[MBR] b2e726fa9d61e22781f72d389a9592f9
[BSP] 7a9d59d01e4e9a43aa377119d6c60c50 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) (Standardní diskové jednotky) - USB2.0 CARD-READER USB Device +++++
--- User ---
[MBR] cd56d018ac78906d8b5f67324bb05f30
[BSP] 4c41fa72f19cc53652585a1acaf99d7f : MBR Code unknown
Partition table:
0 - [ACTIVE] FAT32 (0x0b) [VISIBLE] Offset (sectors): 63 | Size: 2096380 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_09232013_215339.txt >>

[jaro3]

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.

Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "

- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Spusť znovu RogueKiller
Pokud používáš Win Vista či W7, klikni na RogueKiller pravým a dej spustit jako správce.
Pak klikni na Oprava Host a Zpráva - otevře se log, ten sem vlož.

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

[RudolfIV]

Dobrý večer, či den, nevím tentokrát jestli jsem to udělal správně - v RogueKiller se nechtělo objevit tlačítko smazat, tak jsem podle jejich nápovědy spustil prohledat a pak teprve smazat a zpráva, u druhého Rogue Killer to samé, akorát pak oprava host a zpráva. Tady logy

RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Trkl [Práva správce]
Mód : Kontrola -- Datum : 09/25/2013 20:42:52
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] slsvc.exe -- C:\Windows\slsvc.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] PersonalizeEnabler.exe -- C:\Windows\PersonalizeEnabler.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : C:\Users\uživatel\Downloads\tvonline.exe (C:\Users\uživatel\Downloads\tvonline.exe /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKCU\[...]\Run : C:\Users\uživatel\Downloads\tvonline (1).exe ("C:\Users\uživatel\Downloads\tvonline (1).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKCU\[...]\Run : C:\Users\uživatel\Downloads\tvonline (2).exe ("C:\Users\uživatel\Downloads\tvonline (2).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1966805583-2561213867-1644749085-1001\[...]\Run : C:\Users\uživatel\Downloads\tvonline.exe (C:\Users\uživatel\Downloads\tvonline.exe /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1966805583-2561213867-1644749085-1001\[...]\Run : C:\Users\uživatel\Downloads\tvonline (1).exe ("C:\Users\uživatel\Downloads\tvonline (1).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-1966805583-2561213867-1644749085-1001\[...]\Run : C:\Users\uživatel\Downloads\tvonline (2).exe ("C:\Users\uživatel\Downloads\tvonline (2).exe" /exenoupdates /exelang 0 /prereqs "1" [x]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> NALEZENO
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8560F1F8)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8560F1F8)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8560F1F8)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8560F1F8)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8560F1F8)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8560F1F8)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\System32\drivers\mountmgr.sys -> HOOKED ([Address] Unknown @ 0x8560F1F8)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

127.0.0.1 www.langsoft.cz
127.0.0.1 iws.intranet.cz
127.0.0.1 www.pctranslator.cz


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standardní diskové jednotky) - Hitachi HTS542512K9A300 +++++
--- User ---
[MBR] b2e726fa9d61e22781f72d389a9592f9
[BSP] 7a9d59d01e4e9a43aa377119d6c60c50 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 114371 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_09252013_204252.txt >>
RKreport[0]_S_09232013_215339.txt



RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows 8 (6.2.9200 ) 32 bits version
Spuštěno v : Normální režim
Uživatel : Trkl [Práva správce]
Mód : Oprava HOSTS -- Datum : 09/25/2013 20:57:16
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] slsvc.exe -- C:\Windows\slsvc.exe [-] -> SMAZÁNO [TermProc]
[SUSP PATH] PersonalizeEnabler.exe -- C:\Windows\PersonalizeEnabler.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

127.0.0.1 www.langsoft.cz
127.0.0.1 iws.intranet.cz
127.0.0.1 www.pctranslator.cz


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_09252013_205716.txt >>
RKreport[0]_D_09252013_204429.txt;RKreport[0]_S_09232013_215339.txt;RKreport[0]_S_09252013_204252.txt
RKreport[0]_S_09252013_205705.txt



21:00:25.0564 1260 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:00:25.0783 1260 ============================================================
21:00:25.0783 1260 Current date / time: 2013/09/25 21:00:25.0783
21:00:25.0783 1260 SystemInfo:
21:00:25.0783 1260
21:00:25.0783 1260 OS Version: 6.2.9200 ServicePack: 0.0
21:00:25.0783 1260 Product type: Workstation
21:00:25.0783 1260 ComputerName: PC
21:00:25.0783 1260 UserName: Trkl
21:00:25.0783 1260 Windows directory: C:\Windows
21:00:25.0783 1260 System windows directory: C:\Windows
21:00:25.0783 1260 Processor architecture: Intel x86
21:00:25.0783 1260 Number of processors: 2
21:00:25.0783 1260 Page size: 0x1000
21:00:25.0783 1260 Boot type: Normal boot
21:00:25.0783 1260 ============================================================
21:00:26.0454 1260 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:00:26.0469 1260 ============================================================
21:00:26.0469 1260 \Device\Harddisk0\DR0:
21:00:26.0485 1260 MBR partitions:
21:00:26.0485 1260 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:00:26.0485 1260 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
21:00:26.0485 1260 ============================================================
21:00:26.0500 1260 C: <-> \Device\Harddisk0\DR0\Partition2
21:00:26.0500 1260 ============================================================
21:00:26.0500 1260 Initialize success
21:00:26.0500 1260 ============================================================
21:00:33.0676 3556 ============================================================
21:00:33.0676 3556 Scan started
21:00:33.0676 3556 Mode: Manual;
21:00:33.0676 3556 ============================================================
21:00:34.0581 3556 ================ Scan system memory ========================
21:00:34.0581 3556 System memory - ok
21:00:34.0581 3556 ================ Scan services =============================
21:00:34.0909 3556 [ E7B9E170EFF01486D3118E372BA0AF21 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
21:00:34.0909 3556 1394ohci - ok
21:00:34.0956 3556 [ 96191579DDB1A201A2FB79C1D05680B4 ] 3ware C:\Windows\system32\drivers\3ware.sys
21:00:34.0956 3556 3ware - ok
21:00:34.0971 3556 [ 682595B152AA55B2237D40EB9A3271FC ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:00:34.0971 3556 ACPI - ok
21:00:34.0987 3556 [ 3A5DA97644B9E2662CFF186A8798519C ] acpiex C:\Windows\system32\Drivers\acpiex.sys
21:00:34.0987 3556 acpiex - ok
21:00:34.0987 3556 [ 87C4AE693CA8AB6E2A13B7C7453466DB ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
21:00:34.0987 3556 acpipagr - ok
21:00:35.0002 3556 [ C7D2BA04BA3C6CA702C2615A0C50469C ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
21:00:35.0002 3556 AcpiPmi - ok
21:00:35.0018 3556 [ 38E110C96B2ACAB4D9A701777C9BCD98 ] acpitime C:\Windows\System32\drivers\acpitime.sys
21:00:35.0018 3556 acpitime - ok
21:00:35.0065 3556 [ FB9ECE3F7B8A03E474E611031AD4CD23 ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
21:00:35.0080 3556 ADIHdAudAddService - ok
21:00:35.0174 3556 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:00:35.0174 3556 AdobeARMservice - ok
21:00:35.0283 3556 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:00:35.0283 3556 AdobeFlashPlayerUpdateSvc - ok
21:00:35.0361 3556 [ 2FE756FD6E0336990D0B3652A07EBB9B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:00:35.0377 3556 adp94xx - ok
21:00:35.0392 3556 [ CC579EC50EE5435A4070306C0E4EF9E6 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:00:35.0392 3556 adpahci - ok
21:00:35.0424 3556 [ 82743090D0259BF9F1373AD48372CBAC ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:00:35.0424 3556 adpu320 - ok
21:00:35.0455 3556 [ 12D23758621B00B8D3134095EC3325FD ] AEADIFilters C:\Windows\system32\AEADISRV.EXE
21:00:35.0470 3556 AEADIFilters - ok
21:00:35.0533 3556 [ 79CF09E53A6D3EF6851B6A779D4B18B3 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:00:35.0533 3556 AeLookupSvc - ok
21:00:35.0580 3556 [ 6043C72306D5C7B8BC823A1CC49F53B8 ] AFD C:\Windows\system32\drivers\afd.sys
21:00:35.0580 3556 AFD - ok
21:00:35.0580 3556 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
21:00:35.0595 3556 AgereModemAudio - ok
21:00:35.0642 3556 [ 7560F465F1CE69C53BF17559EE195548 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
21:00:35.0642 3556 AgereSoftModem - ok
21:00:35.0673 3556 [ 73BB2C687305C4195ED7511587B041AA ] agp440 C:\Windows\system32\drivers\agp440.sys
21:00:35.0673 3556 agp440 - ok
21:00:35.0720 3556 [ B5A707E902BE5FC9B93C389FBA6EDF9C ] ALG C:\Windows\System32\alg.exe
21:00:35.0720 3556 ALG - ok
21:00:35.0782 3556 [ 8F12F6811F8C4C248E2FAA8779C6FCFE ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
21:00:35.0782 3556 AllUserInstallAgent - ok
21:00:35.0845 3556 [ E44885EA3E89A54BF14C78892CE85EA0 ] amdagp C:\Windows\system32\drivers\amdagp.sys
21:00:35.0845 3556 amdagp - ok
21:00:35.0876 3556 [ E546E3E390EFD4C2AB908E29C5BEA55D ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
21:00:35.0876 3556 AmdK8 - ok
21:00:35.0892 3556 [ DF8CD36E27310F425A7ABB586AB05550 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
21:00:35.0892 3556 AmdPPM - ok
21:00:35.0892 3556 [ 8D5D89177552EDFD5C9730CCE79F7FCC ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:00:35.0892 3556 amdsata - ok
21:00:35.0923 3556 [ 5725597CF5E002FB665C6C69787DAA8A ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:00:35.0923 3556 amdsbs - ok
21:00:35.0923 3556 [ FB336B5F110770CF22F6BFEB1906E773 ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:00:35.0923 3556 amdxata - ok
21:00:35.0938 3556 [ CB3613E82A5B058AB6A69846B0DDC6C5 ] AppID C:\Windows\system32\drivers\appid.sys
21:00:35.0938 3556 AppID - ok
21:00:35.0970 3556 [ 721C445A7EE59589B26EE0DC767A7967 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:00:35.0970 3556 AppIDSvc - ok
21:00:36.0001 3556 [ 9EC93DFD472298D7006627C5F81DE250 ] Appinfo C:\Windows\System32\appinfo.dll
21:00:36.0001 3556 Appinfo - ok
21:00:36.0001 3556 [ 8F0F777B167CADDF9D206180B8558433 ] AppMgmt C:\Windows\System32\appmgmts.dll
21:00:36.0016 3556 AppMgmt - ok
21:00:36.0016 3556 [ A0982052EE6B01DC9B0CB7FEFD13040F ] arc C:\Windows\system32\drivers\arc.sys
21:00:36.0016 3556 arc - ok
21:00:36.0032 3556 [ 7E17A734B0D33B8F9287F28F1C583DD7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:00:36.0032 3556 arcsas - ok
21:00:36.0063 3556 [ B9FE438B3CAD82B2014710349A2022F7 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
21:00:36.0063 3556 aswFsBlk - ok
21:00:36.0079 3556 [ AE5549DD21F6DE06406031EF1D51ACC3 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
21:00:36.0079 3556 aswMonFlt - ok
21:00:36.0094 3556 [ A29EF1A46E110F392588F7395BB55F32 ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
21:00:36.0094 3556 aswRdr - ok
21:00:36.0110 3556 [ FA72FA503F580C3C628DD8C7D7622E37 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
21:00:36.0110 3556 aswRvrt - ok
21:00:36.0141 3556 [ 4D53349D848C6BADB3D4ACBE98C27676 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
21:00:36.0141 3556 aswSnx - ok
21:00:36.0157 3556 [ 813024DFD54A41B3AFAE2B1E2796CB80 ] aswSP C:\Windows\system32\drivers\aswSP.sys
21:00:36.0157 3556 aswSP - ok
21:00:36.0172 3556 [ 5E18413310134130D7772F0668698CB7 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
21:00:36.0172 3556 aswTdi - ok
21:00:36.0219 3556 [ A5F637D61719D37A5B4868C385E363C0 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
21:00:36.0219 3556 aswVmm - ok
21:00:36.0235 3556 [ E12BC771325E70C2A875136B0BAF491E ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:00:36.0235 3556 AsyncMac - ok
21:00:36.0266 3556 [ 48D8C3F2006698691F5AE0BB595FDCC8 ] atapi C:\Windows\system32\drivers\atapi.sys
21:00:36.0266 3556 atapi - ok
21:00:36.0360 3556 [ 5D0B3D0338741C022DDF2E62C179901F ] ATService C:\Program Files\Fingerprint Sensor\AtService.exe
21:00:36.0375 3556 ATService - ok
21:00:36.0453 3556 [ A4A081BCF29A13141A02F36E6C19B56C ] ATSwpWDF C:\Windows\System32\Drivers\ATSwpWDF.sys
21:00:36.0453 3556 ATSwpWDF - ok
21:00:36.0516 3556 [ 252EB0813E33927F6BFD1223F0B3CD2F ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:00:36.0516 3556 AudioEndpointBuilder - ok
21:00:36.0547 3556 [ C6283C0BEB1E2CCE58F0703DCAB13987 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:00:36.0562 3556 Audiosrv - ok
21:00:36.0640 3556 [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:00:36.0640 3556 avast! Antivirus - ok
21:00:36.0703 3556 [ 3F642D45EC0BE2E4843C35A2A1AA93D5 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:00:36.0703 3556 AxInstSV - ok
21:00:36.0781 3556 [ 81BE5C97BADA05A17525F7F96C8AEF1C ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
21:00:36.0781 3556 b57nd60x - ok
21:00:36.0843 3556 [ A96A499B6C931B7242D964D5D695A506 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
21:00:36.0859 3556 BasicDisplay - ok
21:00:36.0874 3556 [ D313E4D7DF0187CEDA121793F937EA89 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
21:00:36.0874 3556 BasicRender - ok
21:00:36.0906 3556 [ C63A675938990568FB78E366C5E4CACB ] BDESVC C:\Windows\System32\bdesvc.dll
21:00:36.0921 3556 BDESVC - ok
21:00:36.0937 3556 [ E53DDF8C101E3CB6A0483D592A8CC476 ] Beep C:\Windows\system32\drivers\Beep.sys
21:00:36.0937 3556 Beep - ok
21:00:36.0952 3556 [ E53E0DE96BE9EABD01F7D26D2DD40236 ] BFE C:\Windows\System32\bfe.dll
21:00:36.0968 3556 BFE - ok
21:00:37.0046 3556 [ 6723B30920D4371367F468DF6061A7E9 ] BITS C:\Windows\System32\qmgr.dll
21:00:37.0062 3556 BITS - ok
21:00:37.0108 3556 [ D7148E90581185DB2CC6A2EED9C8281C ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:00:37.0108 3556 bowser - ok
21:00:37.0171 3556 [ 00F71A3AF06D56430DF0E9458668F04F ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:00:37.0171 3556 BrokerInfrastructure - ok
21:00:37.0202 3556 [ 771EE7009E428CCC3476838CB22DBA8D ] Browser C:\Windows\System32\browser.dll
21:00:37.0202 3556 Browser - ok
21:00:37.0218 3556 [ 6FCAE779413713A4E433BC1DCFE5DBB2 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
21:00:37.0218 3556 BthAvrcpTg - ok
21:00:37.0264 3556 [ 17D4AA75DA616992763E7398DE43CFD3 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
21:00:37.0280 3556 BthEnum - ok
21:00:37.0311 3556 [ 3EEEA1B69C16A8D159B53896EC78420C ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
21:00:37.0311 3556 BthHFEnum - ok
21:00:37.0327 3556 [ 64FA4CDA349E8B3E184EB036E114CBC9 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
21:00:37.0327 3556 bthhfhid - ok
21:00:37.0374 3556 [ 0C706A8B022A44413F6C36ECEAAA2838 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
21:00:37.0374 3556 BTHMODEM - ok
21:00:37.0389 3556 [ 0233CC205AD2480B707CF5F30BA7F6FE ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
21:00:37.0389 3556 BthPan - ok
21:00:37.0467 3556 [ 972CF63CED8EF3F942DF84F742A646EC ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
21:00:37.0483 3556 BTHPORT - ok
21:00:37.0545 3556 [ 171AF9795CABEC4985D45640D3A5F8F0 ] bthserv C:\Windows\system32\bthserv.dll
21:00:37.0545 3556 bthserv - ok
21:00:37.0608 3556 [ B537C59F6D89D61481408A66FFA72951 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
21:00:37.0608 3556 BTHUSB - ok
21:00:37.0670 3556 [ EE0759239E448426EEF240A73AC45EAC ] Cam5603C C:\Windows\System32\Drivers\Bs350u2.sys
21:00:37.0686 3556 Cam5603C - ok
21:00:37.0733 3556 [ 00B4FA77732C7823D292ECD672660882 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:00:37.0733 3556 cdfs - ok
21:00:37.0764 3556 [ 4E707EC5071DD8F5C29A7410780BD4C3 ] cdrom C:\Windows\System32\drivers\cdrom.sys
21:00:37.0764 3556 cdrom - ok
21:00:37.0795 3556 [ BAEE72BFBEC7B96AA85F861A6F4FE428 ] CertPropSvc C:\Windows\System32\certprop.dll
21:00:37.0795 3556 CertPropSvc - ok
21:00:37.0826 3556 [ 17BE1CB162768E886B2BBA63F8B89371 ] circlass C:\Windows\System32\drivers\circlass.sys
21:00:37.0826 3556 circlass - ok
21:00:37.0857 3556 [ D5370A0D3A8F7E531FE9BA3E3C81BAC8 ] CLFS C:\Windows\system32\drivers\CLFS.sys
21:00:37.0857 3556 CLFS - ok
21:00:37.0873 3556 [ 16744C84320D33880E38DF7409585EBF ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
21:00:37.0873 3556 CmBatt - ok
21:00:37.0888 3556 [ FC5C6FC2D889D34CDFE50ECBCE0EDDD6 ] CNG C:\Windows\system32\Drivers\cng.sys
21:00:37.0888 3556 CNG - ok
21:00:37.0951 3556 [ E65DF0F65ECD3F74012C5C6D4F0523FD ] cnghwassist C:\Windows\system32\DRIVERS\cnghwassist.sys
21:00:37.0951 3556 cnghwassist - ok
21:00:38.0044 3556 [ C7A0E61D5714AC20DE52D4F66EC773B8 ] Com4QLBEx C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
21:00:38.0044 3556 Com4QLBEx - ok
21:00:38.0060 3556 [ 357444DE560252A907F8B687005B3DCA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
21:00:38.0060 3556 CompositeBus - ok
21:00:38.0076 3556 COMSysApp - ok
21:00:38.0107 3556 [ F1B79B7B595B0D7990756C12FA64F00E ] condrv C:\Windows\system32\drivers\condrv.sys
21:00:38.0107 3556 condrv - ok
21:00:38.0138 3556 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
21:00:38.0138 3556 cpudrv - ok
21:00:38.0201 3556 [ 42EAE3259F8F39C7E22D0F385DBFADA9 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:00:38.0201 3556 CryptSvc - ok
21:00:38.0247 3556 [ 8AF45624AD6EA2F4D44B06E7E06983AD ] CSC C:\Windows\system32\drivers\csc.sys
21:00:38.0247 3556 CSC - ok
21:00:38.0278 3556 [ A36C84BAC3128A6A3F41136A6ED426B1 ] CscService C:\Windows\System32\cscsvc.dll
21:00:38.0294 3556 CscService - ok
21:00:38.0341 3556 [ 05107EAC6D02D8789BABB79199152BC6 ] dam C:\Windows\system32\drivers\dam.sys
21:00:38.0341 3556 dam - ok
21:00:38.0419 3556 [ BCD3562ACB27B8137BF809F61BA44E80 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:00:38.0450 3556 DcomLaunch - ok
21:00:38.0513 3556 [ 3D36FBE5ABAF0D531085C5D3381DC770 ] defragsvc C:\Windows\System32\defragsvc.dll
21:00:38.0528 3556 defragsvc - ok
21:00:38.0559 3556 [ E5935B79D5AE9288AEB72487E1A1B662 ] DeviceAssociationService C:\Windows\system32\das.dll
21:00:38.0559 3556 DeviceAssociationService - ok
21:00:38.0606 3556 [ D87B33F7F58822B431320769FD1668D8 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
21:00:38.0622 3556 DeviceInstall - ok
21:00:38.0669 3556 [ B21FDAC50FCD4CE53C203F097273532A ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
21:00:38.0684 3556 Dfsc - ok
21:00:38.0715 3556 [ D8FF12C3C892A707FE84BF457AFBD46C ] Dhcp C:\Windows\system32\dhcpcore.dll
21:00:38.0715 3556 Dhcp - ok
21:00:38.0731 3556 [ C0C87CCE88C4532B575AD60A95E7FD57 ] discache C:\Windows\system32\drivers\discache.sys
21:00:38.0731 3556 discache - ok
21:00:38.0731 3556 [ 4E3237D8266580412CCA774321056111 ] disk C:\Windows\system32\drivers\disk.sys
21:00:38.0731 3556 disk - ok
21:00:38.0762 3556 [ 9B20A9DB154249E0E40036BC8BDC3E38 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
21:00:38.0762 3556 dmvsc - ok
21:00:38.0825 3556 [ 1626A054AE163343B80C8EECA51FDB26 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:00:38.0840 3556 Dnscache - ok
21:00:38.0871 3556 [ 7F0C01E0C0BB063136DF09845FFC4CE1 ] dot3svc C:\Windows\System32\dot3svc.dll
21:00:38.0871 3556 dot3svc - ok
21:00:38.0903 3556 [ 07D96198AFB530CF4A0A9B5C0E49073F ] DPS C:\Windows\system32\dps.dll
21:00:38.0903 3556 DPS - ok
21:00:38.0965 3556 [ E48E86694E57723C67478F3AC082D42B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:00:38.0965 3556 drmkaud - ok
21:00:39.0059 3556 [ 0EF9D082E38EC861DD4886896666103B ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
21:00:39.0074 3556 DsmSvc - ok
21:00:39.0137 3556 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\System32\drivers\dtsoftbus01.sys
21:00:39.0152 3556 dtsoftbus01 - ok
21:00:39.0339 3556 [ 124BFF0C570E00C5BA27B13BB16600B7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:00:39.0339 3556 DXGKrnl - ok
21:00:39.0402 3556 [ 59ECF01342E0CDB726C7948E36A43309 ] EapHost C:\Windows\System32\eapsvc.dll
21:00:39.0402 3556 EapHost - ok
21:00:39.0480 3556 [ 747ED861374E5589EE56D28E01BDCFE1 ] EFS C:\Windows\System32\lsass.exe
21:00:39.0480 3556 EFS - ok
21:00:39.0542 3556 [ BC7119CF5B5BC9F54C8FAE221C3227F2 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
21:00:39.0542 3556 EhStorClass - ok
21:00:39.0573 3556 [ 1A5945FA87A05A97A1175657B7BA4EDB ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:00:39.0573 3556 EhStorTcgDrv - ok
21:00:39.0620 3556 [ 539CA34FBC74EC366A0D751028C32A08 ] epmntdrv C:\Windows\system32\epmntdrv.sys
21:00:39.0636 3556 epmntdrv - ok
21:00:39.0651 3556 [ 8B22B788A329645F08AB4F86B9580AF3 ] ErrDev C:\Windows\System32\drivers\errdev.sys
21:00:39.0651 3556 ErrDev - ok
21:00:39.0667 3556 [ 1F2F4AB15CE03ECC257FEB2F6DC5A013 ] EuGdiDrv C:\Windows\system32\EuGdiDrv.sys
21:00:39.0667 3556 EuGdiDrv - ok
21:00:39.0745 3556 [ 39FB0D2C74D4201F01BA30D06162525A ] EventSystem C:\Windows\system32\es.dll
21:00:39.0761 3556 EventSystem - ok
21:00:39.0870 3556 [ 00FA69825F68032B601AA1C60E75F06A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:00:39.0885 3556 EvtEng - ok
21:00:39.0948 3556 [ B60B2A0E110D640440263268FC02C726 ] exfat C:\Windows\system32\drivers\exfat.sys
21:00:39.0948 3556 exfat - ok
21:00:39.0979 3556 [ C8B18803E1521225BDBA86B5F7D2E9FC ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:00:39.0979 3556 fastfat - ok
21:00:40.0057 3556 [ 22A38E2F78153AB500482FD0D4A9DB65 ] Fax C:\Windows\system32\fxssvc.exe
21:00:40.0073 3556 Fax - ok
21:00:40.0104 3556 [ 9709867A1354A4D10046ADE31DA67511 ] fdc C:\Windows\System32\drivers\fdc.sys
21:00:40.0104 3556 fdc - ok
21:00:40.0119 3556 [ E099DF1CE3285FCA613AF84D792DBC15 ] fdPHost C:\Windows\system32\fdPHost.dll
21:00:40.0135 3556 fdPHost - ok
21:00:40.0135 3556 [ 141B98F42D71B4F5CFB0D8D4769FBA0C ] FDResPub C:\Windows\system32\fdrespub.dll
21:00:40.0135 3556 FDResPub - ok
21:00:40.0166 3556 [ 75846E35191416EF2ED3D9893CD9EBC7 ] fhsvc C:\Windows\system32\fhsvc.dll
21:00:40.0166 3556 fhsvc - ok
21:00:40.0244 3556 [ 1018AE04A4D36BA60247C2C22D7BA7D1 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:00:40.0244 3556 FileInfo - ok
21:00:40.0260 3556 [ 3A2F87EF4400B5E542E2C2BA8FAB4222 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:00:40.0260 3556 Filetrace - ok
21:00:40.0275 3556 [ F37314C92AB8C876DB478A36A6D9FF0E ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
21:00:40.0275 3556 flpydisk - ok
21:00:40.0291 3556 [ 13C0B6F6EFD0D5C6871C07B56CB5403D ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:00:40.0291 3556 FltMgr - ok
21:00:40.0369 3556 [ 3DB1B88F7BFABFAB2609D278EA241DEF ] FontCache C:\Windows\system32\FntCache.dll
21:00:40.0400 3556 FontCache - ok
21:00:40.0525 3556 [ 2AAF650823623D89B5FE5C399FC5D1BD ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:00:40.0525 3556 FontCache3.0.0.0 - ok
21:00:40.0541 3556 FreshIO - ok
21:00:40.0572 3556 [ 16D4CC9AE485BC60B6AE026FF2497DE8 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:00:40.0572 3556 FsDepends - ok
21:00:40.0587 3556 [ 28E64CAC27FE3A7CA34E2F93E9A8092A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:00:40.0587 3556 Fs_Rec - ok
21:00:40.0650 3556 [ D49DB3B4F82296B3BDF3336442A10516 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:00:40.0665 3556 fvevol - ok
21:00:40.0697 3556 [ BD9C0C40ED4DEB4FC7562DD62FA18FD7 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
21:00:40.0697 3556 FxPPM - ok
21:00:40.0697 3556 [ B5AD0B13AD7FD1C749FC45D81392B9DF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:00:40.0697 3556 gagp30kx - ok
21:00:40.0743 3556 [ A9608FF3B1B577BFC969A7B6797B1FC1 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
21:00:40.0743 3556 gencounter - ok
21:00:40.0790 3556 [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C ] ggflt C:\Windows\System32\drivers\ggflt.sys
21:00:40.0790 3556 ggflt - ok
21:00:40.0821 3556 [ 17E678AAB82CCDFB80E7614504933895 ] ggsemc C:\Windows\System32\drivers\ggsemc.sys
21:00:40.0821 3556 ggsemc - ok
21:00:40.0884 3556 [ 9F3695F4FAEA73BE6D0BA856C4D5C3BD ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
21:00:40.0884 3556 GPIOClx0101 - ok
21:00:40.0962 3556 [ B13CCD3028A44C6E16E03A3E1AD95FA4 ] gpsvc C:\Windows\System32\gpsvc.dll
21:00:40.0993 3556 gpsvc - ok
21:00:41.0087 3556 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
21:00:41.0087 3556 gupdate - ok
21:00:41.0102 3556 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
21:00:41.0102 3556 gupdatem - ok
21:00:41.0149 3556 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
21:00:41.0149 3556 gusvc - ok
21:00:41.0211 3556 [ C172F0D0329E46513B09E1FC60A27B9D ] HBtnKey C:\Windows\system32\DRIVERS\cpqbttn.sys
21:00:41.0211 3556 HBtnKey - ok
21:00:41.0258 3556 [ 0E3FC2062E796F6A9B1ED995E1CBB25E ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
21:00:41.0258 3556 HDAudBus - ok
21:00:41.0289 3556 [ 8CBCFA78D2B43CCC23BF5A4C09A700CA ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
21:00:41.0289 3556 HidBatt - ok
21:00:41.0305 3556 [ 9AF33AB459FE639783CF7CDBFFC7A449 ] HidBth C:\Windows\System32\drivers\hidbth.sys
21:00:41.0321 3556 HidBth - ok
21:00:41.0336 3556 [ D96C09F3C4A9C642C06089481F375C2D ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
21:00:41.0336 3556 hidi2c - ok
21:00:41.0352 3556 [ 11A4D12F4CADD18CDA334C2756FE450A ] HidIr C:\Windows\System32\drivers\hidir.sys
21:00:41.0352 3556 HidIr - ok
21:00:41.0399 3556 [ C0A9999E5B4C1953C6B07CD9105B41FD ] hidserv C:\Windows\system32\hidserv.dll
21:00:41.0399 3556 hidserv - ok
21:00:41.0414 3556 [ 1887E321B54832AD18CB0867DE359EE3 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
21:00:41.0414 3556 HidUsb - ok
21:00:41.0477 3556 [ 40AAA716A3F2E494E7F533C45DA3E7E8 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:00:41.0477 3556 hkmsvc - ok
21:00:41.0508 3556 [ F36978787320658EBE7F853B7FDEE5FA ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:00:41.0523 3556 HomeGroupListener - ok
21:00:41.0570 3556 [ EFC6EEA348478FBAFCF2B2D03DE0B127 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:00:41.0601 3556 HomeGroupProvider - ok
21:00:41.0648 3556 [ 1210960FF8928950D2A786895B0C424A ] HpqKbFiltr C:\Windows\System32\drivers\HpqKbFiltr.sys
21:00:41.0664 3556 HpqKbFiltr - ok
21:00:41.0726 3556 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
21:00:41.0742 3556 hpqwmiex - ok
21:00:41.0789 3556 [ D7544353157E11864C00A48BC90EF183 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:00:41.0789 3556 HpSAMD - ok
21:00:41.0851 3556 [ A4D4F99BB5B32D967651E77288384678 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:00:41.0867 3556 HTTP - ok
21:00:41.0882 3556 [ 4A3E6732E5BEF6DF531A217B5EBB5C54 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:00:41.0882 3556 hwpolicy - ok
21:00:41.0898 3556 [ 0F819743721DFB5906734243ED0CE935 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
21:00:41.0898 3556 hyperkbd - ok
21:00:41.0913 3556 [ A14A2EBA22929901F64B496C1D555982 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
21:00:41.0913 3556 HyperVideo - ok
21:00:41.0929 3556 [ 11EDC37780E8A2F8E311D73F7658A4D7 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
21:00:41.0929 3556 i8042prt - ok
21:00:42.0147 3556 [ 0D2BCE63A792B6FE1B2B6B98137D3E1F ] ialm C:\Windows\system32\DRIVERS\igxpmp32.sys
21:00:42.0194 3556 ialm - ok
21:00:42.0241 3556 [ C444F83C318BE18719DC1FDAEFF10898 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:00:42.0241 3556 iaStorV - ok
21:00:42.0428 3556 [ 1F50623259DF354776DF04C56504A2D7 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
21:00:42.0459 3556 igfx - ok
21:00:42.0615 3556 [ 7BB542C7156FA72CC83C1177BB190F94 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:00:42.0615 3556 iirsp - ok
21:00:42.0896 3556 [ C11ABA489324651697A23ACC84D744D2 ] IKEEXT C:\Windows\System32\ikeext.dll
21:00:42.0927 3556 IKEEXT - ok
21:00:42.0959 3556 [ A43BC9416741ABEA2B8DF60D2C0EA6A2 ] intelide C:\Windows\system32\drivers\intelide.sys
21:00:42.0959 3556 intelide - ok
21:00:42.0974 3556 [ 9081A954273763F0AC25DE0C2B2DB593 ] intelppm C:\Windows\System32\drivers\intelppm.sys
21:00:42.0974 3556 intelppm - ok
21:00:43.0005 3556 [ AB308167857138B84E4DECDF2000DD27 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:00:43.0005 3556 IpFilterDriver - ok
21:00:43.0083 3556 [ BA07258793CC554B38A78018730AFC43 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:00:43.0099 3556 iphlpsvc - ok
21:00:43.0115 3556 [ 7E4FEE6D5C5BC52199C481DAC564FE43 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
21:00:43.0115 3556 IPMIDRV - ok
21:00:43.0193 3556 [ 57B0C0D982013C72911A3F5CBA795034 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:00:43.0193 3556 IPNAT - ok
21:00:43.0224 3556 [ 9D6DB34476AC6448B3CA59D8676F7CE6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:00:43.0224 3556 IRENUM - ok
21:00:43.0239 3556 [ 2E1347C9CC7DDB43183AF725135ACF0D ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:00:43.0239 3556 isapnp - ok
21:00:43.0286 3556 [ 0E3BDF6F27031D5BBC030E14EB7EACCB ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
21:00:43.0286 3556 iScsiPrt - ok
21:00:43.0286 3556 [ 4533BE9F8D67BDCF5FECA87DCC345448 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
21:00:43.0286 3556 kbdclass - ok
21:00:43.0302 3556 [ 8F73A6DAEF7F7D102FBBA6F3EBC47F97 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
21:00:43.0302 3556 kbdhid - ok
21:00:43.0302 3556 [ F7E302012680B0617C904B58594E0376 ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
21:00:43.0317 3556 kdnic - ok
21:00:43.0349 3556 [ 747ED861374E5589EE56D28E01BDCFE1 ] KeyIso C:\Windows\system32\lsass.exe
21:00:43.0349 3556 KeyIso - ok
21:00:43.0364 3556 [ 65AE68224E27425871354430E542252A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:00:43.0364 3556 KSecDD - ok
21:00:43.0380 3556 [ 6FABC01A91D5F2D5B4DAD2F5F1C6C249 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:00:43.0380 3556 KSecPkg - ok
21:00:43.0442 3556 [ C2ADC979C11A858949ECC1B9233B884C ] KtmRm C:\Windows\system32\msdtckrm.dll
21:00:43.0458 3556 KtmRm - ok
21:00:43.0520 3556 [ 57BA03D561180AFABCB812A57704BFA7 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:00:43.0551 3556 LanmanServer - ok
21:00:43.0598 3556 [ 7867CD2CC05D8B1377DC7FEE93716015 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:00:43.0629 3556 LanmanWorkstation - ok
21:00:43.0645 3556 [ AD581D8BA8C2CE46933D44392BA35C24 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:00:43.0645 3556 lltdio - ok
21:00:43.0692 3556 [ BCDCFD2C2115334419EF025C533AB6C5 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:00:43.0707 3556 lltdsvc - ok
21:00:43.0739 3556 [ FBA8BDF947B5289E85324F00043CC5D8 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:00:43.0754 3556 lmhosts - ok
21:00:43.0817 3556 [ 6B01CB678E1E390CEA9514D4774EFB51 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:00:43.0817 3556 LSI_SAS - ok
21:00:43.0832 3556 [ 4C3AFBA9ED36535313054AC26532E9DE ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:00:43.0832 3556 LSI_SAS2 - ok
21:00:43.0848 3556 [ 0715DC27611C202D04BC0365D666DD27 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:00:43.0848 3556 LSI_SCSI - ok
21:00:43.0863 3556 [ DB6B9554AA4F83212E80D5107D8C53EE ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
21:00:43.0863 3556 LSI_SSS - ok
21:00:43.0895 3556 [ 2ED5C59FF66818436934724FE443FBB7 ] LSM C:\Windows\System32\lsm.dll
21:00:43.0895 3556 LSM - ok
21:00:43.0926 3556 [ F731770C339FEB6563397D410793A756 ] luafv C:\Windows\system32\drivers\luafv.sys
21:00:43.0926 3556 luafv - ok
21:00:43.0957 3556 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
21:00:43.0957 3556 MBAMProtector - ok
21:00:44.0019 3556 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:00:44.0019 3556 MBAMScheduler - ok
21:00:44.0051 3556 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
21:00:44.0051 3556 MBAMService - ok
21:00:44.0082 3556 [ 125C3C5A315500A1AD54F0B4766AF815 ] megasas C:\Windows\system32\drivers\megasas.sys
21:00:44.0082 3556 megasas - ok
21:00:44.0129 3556 [ 05457CC7F5586C6E8D02FFA7F23FCEDF ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:00:44.0129 3556 MegaSR - ok
21:00:44.0207 3556 Microsoft SharePoint Workspace Audit Service - ok
21:00:44.0253 3556 [ D3C9785D97C09EE702FC06BDE74C7FE0 ] MMCSS C:\Windows\system32\mmcss.dll
21:00:44.0269 3556 MMCSS - ok
21:00:44.0285 3556 [ 049E433162AFE9B08C05D81D2C62CD61 ] Modem C:\Windows\system32\drivers\modem.sys
21:00:44.0285 3556 Modem - ok
21:00:44.0300 3556 [ 7E93949414DA50029E2B5746AD8BB3A3 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:00:44.0300 3556 monitor - ok
21:00:44.0316 3556 [ 9D3F069A705325E7B7CEA36BFB65E616 ] mouclass C:\Windows\System32\drivers\mouclass.sys
21:00:44.0316 3556 mouclass - ok
21:00:44.0316 3556 [ A6BA920D42A6154B3F272F4290D33B48 ] mouhid C:\Windows\System32\drivers\mouhid.sys
21:00:44.0316 3556 mouhid - ok
21:00:44.0331 3556 [ 13D8E3077EF0AE583F4634236D9A0992 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:00:44.0331 3556 mountmgr - ok
21:00:44.0331 3556 [ C8D0E7A4C5033EF0A7DD076F08CF2F70 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:00:44.0331 3556 mpsdrv - ok
21:00:44.0378 3556 [ 0D99C0E7582A42AFEE071A8558520155 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:00:44.0394 3556 MpsSvc - ok
21:00:44.0409 3556 [ 329E3ACBFC616666D3D04C6FDC1B71E0 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:00:44.0425 3556 MRxDAV - ok
21:00:44.0472 3556 [ 7E23F6BFB65A90F42359D803D1F335A3 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:00:44.0487 3556 mrxsmb - ok
21:00:44.0519 3556 [ B9F3DA35CDE171B5CBA70319AD7D5E59 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:00:44.0519 3556 mrxsmb10 - ok
21:00:44.0534 3556 [ BDF3BD11E6839190E1F70664B7CD2705 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:00:44.0534 3556 mrxsmb20 - ok
21:00:44.0643 3556 [ 61E23CF0A54EDBAE5CFE3322E960ECC9 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
21:00:44.0643 3556 MsBridge - ok
21:00:44.0706 3556 [ 37594E0C3119827CA7F8D16D187239E0 ] MSDTC C:\Windows\System32\msdtc.exe
21:00:44.0721 3556 MSDTC - ok
21:00:44.0737 3556 [ 651DEF4337DD77E6A607CEE49D3C4B30 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:00:44.0737 3556 Msfs - ok
21:00:44.0768 3556 [ C660BE16B4201D1D48CFDF14F8BDB93E ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
21:00:44.0768 3556 msgpiowin32 - ok
21:00:44.0799 3556 [ 26BBD77D23FFABB14C3291A1B8555EA5 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:00:44.0799 3556 mshidkmdf - ok
21:00:44.0815 3556 [ 51808FEF911B77758A6CF7CEB469AF9E ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
21:00:44.0815 3556 mshidumdf - ok
21:00:44.0815 3556 [ F103DF830D370B7535FDA3D477C8D8A0 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:00:44.0815 3556 msisadrv - ok
21:00:44.0877 3556 [ 2C777DD7FD2340F9F9F8BD76B9810956 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:00:44.0877 3556 MSiSCSI - ok
21:00:44.0877 3556 msiserver - ok
21:00:44.0893 3556 [ 3FCF6AA904516872CF70ED248F86889B ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:00:44.0893 3556 MSKSSRV - ok

[RudolfIV]

Zpráva byla moc velká, tak je rozdělená

21:00:44.0924 3556 [ 10C229EAC28FDB8550EE93D955932F83 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
21:00:44.0924 3556 MsLldp - ok
21:00:44.0924 3556 [ BA786F089895196E18120F66F996A3D2 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:00:44.0924 3556 MSPCLOCK - ok
21:00:44.0940 3556 [ 362950A5F7B1794DA9CB985AF7BBCC4B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:00:44.0940 3556 MSPQM - ok
21:00:44.0971 3556 [ 79A14AB6C6A5B01E9CE99937D1304D13 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:00:44.0971 3556 MsRPC - ok
21:00:44.0987 3556 [ A819A3006C27870AF05E408AD06FACFF ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
21:00:44.0987 3556 mssmbios - ok
21:00:44.0987 3556 [ FB1D61A2998A5C4456C6B73DD41D5352 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:00:44.0987 3556 MSTEE - ok
21:00:45.0002 3556 [ 3CC687876469F0FD3B2D936FA7A6EC59 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
21:00:45.0002 3556 MTConfig - ok
21:00:45.0018 3556 [ 6779B2A319A563C68B56DE8491E9EA76 ] Mup C:\Windows\system32\Drivers\mup.sys
21:00:45.0018 3556 Mup - ok
21:00:45.0049 3556 [ 1DEF95DC467131BF4AB52A8F72C42D89 ] mvumis C:\Windows\system32\drivers\mvumis.sys
21:00:45.0049 3556 mvumis - ok
21:00:45.0111 3556 [ 34FEF8CBBD7C4FACDD6AB68E39E02062 ] napagent C:\Windows\system32\qagentRT.dll
21:00:45.0127 3556 napagent - ok
21:00:45.0158 3556 [ D48E3B33BD911BA28413A4337456724F ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:00:45.0158 3556 NativeWifiP - ok
21:00:45.0314 3556 [ E0E4A1F81A7D69C595A8A9DDAD084C19 ] NAUpdate C:\Program Files\Nero\Update\NASvc.exe
21:00:45.0330 3556 NAUpdate - ok
21:00:45.0392 3556 [ 4B947B7F1ADCF1AE86B0EB717D55CE0C ] NcaSvc C:\Windows\System32\ncasvc.dll
21:00:45.0408 3556 NcaSvc - ok
21:00:45.0439 3556 [ 466C47B1335533884C06CA88D073B759 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
21:00:45.0439 3556 NcdAutoSetup - ok
21:00:45.0517 3556 [ C1068477FA29568D8C4AC262AF594871 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:00:45.0533 3556 NDIS - ok
21:00:45.0564 3556 [ 9B8BC481DEEAA07C51DA214D2CEF2FC9 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:00:45.0564 3556 NdisCap - ok
21:00:45.0595 3556 [ 1EA68DB9E05248EF9B940D6D0A0725B3 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:00:45.0595 3556 NdisImPlatform - ok
21:00:45.0595 3556 [ 2964220E48230056BBF6D4CED10BF117 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:00:45.0595 3556 NdisTapi - ok
21:00:45.0611 3556 [ DDC67239BFE82DC5A878039B464B1968 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:00:45.0611 3556 Ndisuio - ok
21:00:45.0626 3556 [ 556DB924D61BC4A5E0F95D383E9B1009 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:00:45.0626 3556 NdisWan - ok
21:00:45.0626 3556 [ 556DB924D61BC4A5E0F95D383E9B1009 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
21:00:45.0626 3556 NDISWANLEGACY - ok
21:00:45.0642 3556 [ 9C05D1F7D2ED34D5F3653386B33637FA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:00:45.0642 3556 NDProxy - ok
21:00:45.0657 3556 [ 583F95CEFCD5D896B5531BD338030401 ] Ndu C:\Windows\system32\drivers\Ndu.sys
21:00:45.0657 3556 Ndu - ok
21:00:45.0657 3556 [ 4CA677A214248DB8227F8035B546F7D0 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:00:45.0657 3556 NetBIOS - ok
21:00:45.0689 3556 [ 303A053C25E468B9925C22288BEF8484 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:00:45.0689 3556 NetBT - ok
21:00:45.0704 3556 [ 747ED861374E5589EE56D28E01BDCFE1 ] Netlogon C:\Windows\system32\lsass.exe
21:00:45.0704 3556 Netlogon - ok
21:00:45.0767 3556 [ A54157CE7FF480834897CC0FA6DDF620 ] Netman C:\Windows\System32\netman.dll
21:00:45.0782 3556 Netman - ok
21:00:45.0813 3556 [ 2C58C6C773922EBCDF8580C22AB81790 ] netprofm C:\Windows\System32\netprofmsvc.dll
21:00:45.0829 3556 netprofm - ok
21:00:45.0969 3556 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:00:46.0016 3556 NetTcpPortSharing - ok
21:00:46.0266 3556 [ 2D8BE96190FBE41B27FEC87C63F4CDD4 ] netwlv32 C:\Windows\system32\DRIVERS\netwlv32.sys
21:00:46.0313 3556 netwlv32 - ok
21:00:46.0328 3556 [ 4B539272E9F5C3B8D9714D137FD340A6 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:00:46.0328 3556 nfrd960 - ok
21:00:46.0391 3556 [ CC5B6F39D39E43017B3C345AFC1F6C82 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:00:46.0422 3556 NlaSvc - ok
21:00:46.0469 3556 [ A00877C05933FBA8AFB3390DD72D4679 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
21:00:46.0469 3556 nmwcd - ok
21:00:46.0531 3556 [ 9FF15F18E4E8758AC57BDB910D0238B3 ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
21:00:46.0531 3556 nmwcdc - ok
21:00:46.0593 3556 [ B0575681498D75E0C0432200702B4A0A ] nmwcdnsu C:\Windows\system32\drivers\nmwcdnsu.sys
21:00:46.0593 3556 nmwcdnsu - ok
21:00:46.0625 3556 [ 9699486E10F89163979FCD48A40FE805 ] nmwcdnsuc C:\Windows\system32\drivers\nmwcdnsuc.sys
21:00:46.0625 3556 nmwcdnsuc - ok
21:00:46.0687 3556 [ EAC569A77BE92B247FCA51E498B17DF1 ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:00:46.0703 3556 Npfs - ok
21:00:46.0703 3556 [ 6E994702ED294CDBED7621590EC75735 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
21:00:46.0718 3556 npsvctrig - ok
21:00:46.0781 3556 [ 61C583D971CC3411CCD3D58704E9301B ] nsi C:\Windows\system32\nsisvc.dll
21:00:46.0796 3556 nsi - ok
21:00:46.0812 3556 [ 9588CCD14571FA22F8F2ECCF198AB448 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:00:46.0812 3556 nsiproxy - ok
21:00:46.0874 3556 [ 78541BBEC14065243D88D8958BB8AEC2 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:00:46.0890 3556 Ntfs - ok
21:00:46.0937 3556 [ 0F965AF67042AF539274738FFD0C8C71 ] Null C:\Windows\system32\drivers\Null.sys
21:00:46.0937 3556 Null - ok
21:00:46.0968 3556 [ BD23FF50A9A59AAF48052F5E7D0682B0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:00:46.0968 3556 nvraid - ok
21:00:46.0983 3556 [ 108DD54A5B1E73F583AF7DC94CCE52B8 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:00:46.0983 3556 nvstor - ok
21:00:47.0015 3556 [ 5ED87C9C51CFE59B1DDFF8290719E0E4 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:00:47.0015 3556 nv_agp - ok
21:00:47.0108 3556 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:00:47.0108 3556 ose - ok
21:00:47.0342 3556 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:00:47.0483 3556 osppsvc - ok
21:00:47.0545 3556 [ BB3916021D0AC8D33C02C1161B7A2621 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:00:47.0561 3556 p2pimsvc - ok
21:00:47.0592 3556 [ 433A776514D8A57DA92467991AE2FEFF ] p2psvc C:\Windows\system32\p2psvc.dll
21:00:47.0607 3556 p2psvc - ok
21:00:47.0654 3556 [ 8BCE63AF5B52642E832630F862DE96EF ] Parport C:\Windows\System32\drivers\parport.sys
21:00:47.0654 3556 Parport - ok
21:00:47.0670 3556 [ 14401940703A32D62EF015173D0DD008 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:00:47.0685 3556 partmgr - ok
21:00:47.0701 3556 [ 49A439FEAB060F74B8EC7DBF44D4A7BA ] Parvdm C:\Windows\System32\drivers\parvdm.sys
21:00:47.0701 3556 Parvdm - ok
21:00:47.0717 3556 [ 1DAABA22886AB5568BF1527D35279895 ] PcaSvc C:\Windows\System32\pcasvc.dll
21:00:47.0732 3556 PcaSvc - ok
21:00:47.0795 3556 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
21:00:47.0795 3556 pccsmcfd - ok
21:00:47.0810 3556 [ EA828C84C8948D0E4994C1E0A45EB05F ] pci C:\Windows\system32\drivers\pci.sys
21:00:47.0810 3556 pci - ok
21:00:47.0841 3556 [ B4444133ED61F87FD49A2ADD28285115 ] pciide C:\Windows\system32\drivers\pciide.sys
21:00:47.0841 3556 pciide - ok
21:00:47.0857 3556 [ 6E11FDE71F2015007CDD4AE9D2D700C9 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:00:47.0857 3556 pcmcia - ok
21:00:47.0857 3556 [ 8A56B080B12950D448D556FE4BA6C68C ] pcw C:\Windows\system32\drivers\pcw.sys
21:00:47.0873 3556 pcw - ok
21:00:47.0873 3556 [ 810769DE828C28E986F9163B09EDEB66 ] pdc C:\Windows\system32\drivers\pdc.sys
21:00:47.0873 3556 pdc - ok
21:00:47.0904 3556 [ 50F9CC87D2F7DA89356C99B9F73580D6 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:00:47.0919 3556 PEAUTH - ok
21:00:48.0044 3556 [ D90D72035BA6DB320C9700E16552D0FE ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:00:48.0075 3556 PeerDistSvc - ok
21:00:48.0185 3556 [ CCF3E6C601D71A4CBB4C08B5591E5D26 ] pla C:\Windows\system32\pla.dll
21:00:48.0216 3556 pla - ok
21:00:48.0263 3556 [ D87B33F7F58822B431320769FD1668D8 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:00:48.0278 3556 PlugPlay - ok
21:00:48.0325 3556 [ 7BB1FAB338641C440FDCDEB8B243648A ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:00:48.0341 3556 PNRPAutoReg - ok
21:00:48.0356 3556 [ BB3916021D0AC8D33C02C1161B7A2621 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:00:48.0372 3556 PNRPsvc - ok
21:00:48.0434 3556 [ 226BAACBFA1BA1A4937935DBC23CB1CD ] Point32 C:\Windows\System32\drivers\point32.sys
21:00:48.0434 3556 Point32 - ok
21:00:48.0497 3556 [ 9DC57EB201F2F77E874084176EAD5BCF ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:00:48.0512 3556 PolicyAgent - ok
21:00:48.0590 3556 [ 4DF174DF7A1924273186F260DB63D162 ] Power C:\Windows\system32\umpo.dll
21:00:48.0621 3556 Power - ok
21:00:48.0668 3556 [ 03D522782A0BB5108C8A43A10EE51CB0 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:00:48.0668 3556 PptpMiniport - ok
21:00:48.0855 3556 [ 2D55A1BE48C6D5B695D05A829E528D42 ] PrintNotify C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll
21:00:48.0933 3556 PrintNotify - ok
21:00:48.0965 3556 [ 03B982CAD4C2661076061F726200699E ] Processor C:\Windows\System32\drivers\processr.sys
21:00:48.0965 3556 Processor - ok
21:00:49.0011 3556 [ FEE5D89ABE17FBD24FE8A6FD91543316 ] ProfSvc C:\Windows\system32\profsvc.dll
21:00:49.0043 3556 ProfSvc - ok
21:00:49.0074 3556 [ 42E46DC7767F5AB664E3F6B36D9764AD ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:00:49.0074 3556 Psched - ok
21:00:49.0105 3556 [ 9D8D860A9CF57A47E0041C9BDA415130 ] QWAVE C:\Windows\system32\qwave.dll
21:00:49.0121 3556 QWAVE - ok
21:00:49.0167 3556 [ 29E548E1C511BFBE56FA6438488DE0E0 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:00:49.0167 3556 QWAVEdrv - ok
21:00:49.0183 3556 [ C07E9331431C78D41F30E62A15E1D324 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:00:49.0183 3556 RasAcd - ok
21:00:49.0245 3556 [ F63755B2DCE1BE7927F5CEAB7991EFED ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:00:49.0245 3556 RasAgileVpn - ok
21:00:49.0308 3556 [ 63A57B7DDF705E4D7D6B0FF86BDBBF96 ] RasAuto C:\Windows\System32\rasauto.dll
21:00:49.0323 3556 RasAuto - ok
21:00:49.0339 3556 [ 6E0649D7325D85C47C844EB3267E4625 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:00:49.0339 3556 Rasl2tp - ok
21:00:49.0370 3556 [ FA17FE26953E6B0DE7A5A966253869E9 ] RasMan C:\Windows\System32\rasmans.dll
21:00:49.0386 3556 RasMan - ok
21:00:49.0386 3556 [ 5BA6DB7AD04A8EADE0A41E6C8427582B ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:00:49.0386 3556 RasPppoe - ok
21:00:49.0401 3556 [ 3A421DDA09E3BF96E9D698D13FDC139E ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:00:49.0401 3556 RasSstp - ok
21:00:49.0433 3556 [ E0E033E0A8122FEC2AAF48B99EBC70F9 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:00:49.0433 3556 rdbss - ok
21:00:49.0448 3556 [ 4FB0345ADE5C2E15EA1A22F173E71D37 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
21:00:49.0448 3556 rdpbus - ok
21:00:49.0464 3556 [ 2CAD2A13569741C67CD9C52F97E0F992 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:00:49.0464 3556 RDPDR - ok
21:00:49.0479 3556 [ DD7A269C2E3CDEBDBC872A1BBB547FFD ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:00:49.0479 3556 RdpVideoMiniport - ok
21:00:49.0511 3556 [ EA0E833A1418C28E6085DFFA68731EA5 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:00:49.0511 3556 RDPWD - ok
21:00:49.0542 3556 [ 38A8012D03150D6852B9CDDB24280F1A ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:00:49.0557 3556 rdyboost - ok
21:00:49.0620 3556 [ 7031A7D5C3B773BFA14EA5956A18942A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:00:49.0635 3556 RegSrvc - ok
21:00:49.0698 3556 [ 9F38A0A16958C33552C92EAE5AFC9E5F ] RemoteAccess C:\Windows\System32\mprdim.dll
21:00:49.0713 3556 RemoteAccess - ok
21:00:49.0776 3556 [ 8331C0CF128BD1A56440B2E82AAA5EB5 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:00:49.0791 3556 RemoteRegistry - ok
21:00:49.0807 3556 [ A2817ACF33596F3E097DDD4DF3190B7F ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
21:00:49.0807 3556 RFCOMM - ok
21:00:49.0838 3556 [ 34BBB60111AAB2BC2F17BCA77A803F20 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:00:49.0854 3556 RpcEptMapper - ok
21:00:49.0901 3556 [ A8DDFFFBA3F655C82AB5D4A249E4D414 ] RpcLocator C:\Windows\system32\locator.exe
21:00:49.0916 3556 RpcLocator - ok
21:00:49.0963 3556 [ BCD3562ACB27B8137BF809F61BA44E80 ] RpcSs C:\Windows\system32\rpcss.dll
21:00:49.0963 3556 RpcSs - ok
21:00:49.0994 3556 [ C7BD738B9BF45E797A6089AF946BAC47 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:00:49.0994 3556 rspndr - ok
21:00:50.0041 3556 [ E21867D4A8FF3824150E56979E333610 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
21:00:50.0041 3556 s3cap - ok
21:00:50.0072 3556 [ 747ED861374E5589EE56D28E01BDCFE1 ] SamSs C:\Windows\system32\lsass.exe
21:00:50.0088 3556 SamSs - ok
21:00:50.0103 3556 [ 434F805B0B3840A52C19C96A7BB64AA3 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:00:50.0103 3556 sbp2port - ok
21:00:50.0166 3556 [ B1B737661EF9D779FEE8866CC38F7B98 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:00:50.0197 3556 SCardSvr - ok
21:00:50.0197 3556 [ 3F21FBE0550B41240B6A864F6C8C15E4 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:00:50.0197 3556 scfilter - ok
21:00:50.0244 3556 [ CDFE4C8A7AB71BD52B2804E5B4E9C4A2 ] Schedule C:\Windows\system32\schedsvc.dll
21:00:50.0275 3556 Schedule - ok
21:00:50.0322 3556 [ BAEE72BFBEC7B96AA85F861A6F4FE428 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:00:50.0322 3556 SCPolicySvc - ok
21:00:50.0384 3556 [ 10446CEE425ACE208B99EC43FCADCAD1 ] sdbus C:\Windows\System32\drivers\sdbus.sys
21:00:50.0400 3556 sdbus - ok
21:00:50.0447 3556 [ B433671D5A6D36D35141A56B6E75D086 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:00:50.0478 3556 SDRSVC - ok
21:00:50.0493 3556 [ BCAE716C7A79CCE1012BF6BF910D31A3 ] sdstor C:\Windows\System32\drivers\sdstor.sys
21:00:50.0493 3556 sdstor - ok
21:00:50.0525 3556 [ A8CC993CED4DF9710ADAABC9DA66B660 ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:00:50.0525 3556 secdrv - ok
21:00:50.0540 3556 [ B83564D1603B821CCD82CC335C87AD97 ] seclogon C:\Windows\system32\seclogon.dll
21:00:50.0556 3556 seclogon - ok
21:00:50.0618 3556 [ 64355214ECE4573F553353597779EF11 ] SENS C:\Windows\System32\sens.dll
21:00:50.0634 3556 SENS - ok
21:00:50.0665 3556 [ 7E4F0DCAF6739C830B8043CCBF79ABBF ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:00:50.0681 3556 SensrSvc - ok
21:00:50.0681 3556 [ 3DE395F302C4DCD3D4792EB786A7B402 ] SerCx C:\Windows\system32\drivers\SerCx.sys
21:00:50.0681 3556 SerCx - ok
21:00:50.0696 3556 [ C706C88BAEE6B23C86C791EF47D901D4 ] Serenum C:\Windows\System32\drivers\serenum.sys
21:00:50.0696 3556 Serenum - ok
21:00:50.0696 3556 [ F492965E2EDDB1BCA2E000A1085BE082 ] Serial C:\Windows\System32\drivers\serial.sys
21:00:50.0696 3556 Serial - ok
21:00:50.0712 3556 [ 409C91880A6A70FDD33CFEDC43D0F808 ] sermouse C:\Windows\System32\drivers\sermouse.sys
21:00:50.0712 3556 sermouse - ok
21:00:50.0821 3556 [ 78F7BB9F4924BE164294C59B8C3FC096 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
21:00:50.0837 3556 ServiceLayer - ok
21:00:50.0915 3556 [ E19B1B639B5017BF6224744565B08E38 ] SessionEnv C:\Windows\system32\sessenv.dll
21:00:50.0930 3556 SessionEnv - ok
21:00:50.0961 3556 [ BDF7F7AC3700DAF0A19D19C008D408C0 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
21:00:50.0961 3556 sfloppy - ok
21:00:51.0055 3556 [ 578AA5D3C4A4C1052C9B13B4FA748B00 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:00:51.0071 3556 SharedAccess - ok
21:00:51.0102 3556 [ C416B8E2EF38D100DA19C4DA8A3E8A17 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:00:51.0117 3556 ShellHWDetection - ok
21:00:51.0149 3556 [ A5A3C56B5E46F77E6992A3772F8E4C8D ] sisagp C:\Windows\system32\drivers\sisagp.sys
21:00:51.0149 3556 sisagp - ok
21:00:51.0164 3556 [ 39763193254A265FDA6F08EF375549DF ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:00:51.0164 3556 SiSRaid2 - ok
21:00:51.0195 3556 [ 2A95CC135283B3C56B783171532B62D0 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:00:51.0211 3556 SiSRaid4 - ok
21:00:51.0429 3556 [ D0776778A9FC5E37F2E9EB21FC8A9709 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
21:00:51.0445 3556 Skype C2C Service - ok
21:00:51.0492 3556 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
21:00:51.0492 3556 SkypeUpdate - ok
21:00:51.0554 3556 [ E2411CB89F0EC5E4D18AED0397AB07DD ] slsvc C:\Windows\slsvc.exe
21:00:51.0554 3556 slsvc - ok
21:00:51.0617 3556 [ 1FA732F662375B134B510B44686BABD2 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:00:51.0648 3556 SNMPTRAP - ok
21:00:51.0788 3556 [ 3A4F2C0BB87A0895ABEBA341AA1E341B ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
21:00:51.0788 3556 Sony PC Companion - ok
21:00:51.0866 3556 [ 3B3EDACFE0E7B117AF01A4C8F37C9913 ] spaceport C:\Windows\system32\drivers\spaceport.sys
21:00:51.0866 3556 spaceport - ok
21:00:51.0897 3556 [ C8E9372645392E23CF36B4C1686B1509 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
21:00:51.0897 3556 SpbCx - ok
21:00:51.0944 3556 [ D246A6F32CD74A0AE1F00EF7C73A1DBC ] Spooler C:\Windows\System32\spoolsv.exe
21:00:51.0960 3556 Spooler - ok
21:00:52.0131 3556 [ ED4B93745C905B985BBE197970FFBF2E ] sppsvc C:\Windows\system32\sppsvc.exe
21:00:52.0163 3556 sppsvc - ok
21:00:52.0225 3556 [ 68103A2B441BBF3908EBB587F0704D6C ] sptd C:\Windows\System32\Drivers\sptd.sys
21:00:52.0241 3556 sptd - ok
21:00:52.0303 3556 [ 8B20E19AF56E21E9549D4CA496BB78D6 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:00:52.0303 3556 srv - ok
21:00:52.0334 3556 [ 1E5FB77B4D1A1FE002A1BB248FA7484A ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:00:52.0334 3556 srv2 - ok
21:00:52.0365 3556 [ 3CC26136D8A0180899F3FF02F44DD43B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:00:52.0365 3556 srvnet - ok
21:00:52.0428 3556 [ 9B4B2E29751312BF65CBE301AFB746A1 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:00:52.0459 3556 SSDPSRV - ok
21:00:52.0459 3556 [ F23D18AF0C34B5167BA72F9B95EEAB06 ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:00:52.0475 3556 SstpSvc - ok
21:00:52.0537 3556 [ E82C5FB273972FC9D4F57D65746FCFA3 ] Start8 C:\Program Files\Stardock\Start8\Start8Srv.exe
21:00:52.0537 3556 Start8 - ok
21:00:52.0584 3556 [ CC17B7A7C4DD72BE2B10DAF254147A2B ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:00:52.0584 3556 stexstor - ok
21:00:52.0677 3556 [ B9A28B6DA5EFEE202FAD396FEDFE73D8 ] StiSvc C:\Windows\System32\wiaservc.dll
21:00:52.0709 3556 StiSvc - ok
21:00:52.0740 3556 [ C34BCFA72A8BFE7D80092084B6A1E375 ] storahci C:\Windows\system32\drivers\storahci.sys
21:00:52.0740 3556 storahci - ok
21:00:52.0787 3556 [ B00DA575ADF228C1D33269CDE92A68EC ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
21:00:52.0787 3556 storflt - ok
21:00:52.0849 3556 [ 9AA77CAD9ADF035109B9E65EB3F8D61A ] StorSvc C:\Windows\system32\storsvc.dll
21:00:52.0865 3556 StorSvc - ok
21:00:52.0927 3556 [ 5C538C4975B53C31500BC535FF436CDC ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:00:52.0927 3556 storvsc - ok
21:00:52.0958 3556 [ 8DF8D4AEADF32F5D4C6FFA9936E16A10 ] svsvc C:\Windows\system32\svsvc.dll
21:00:52.0989 3556 svsvc - ok
21:00:53.0005 3556 [ 8DCA45AD5E2D83E00A1952BE2B541A27 ] swenum C:\Windows\System32\drivers\swenum.sys
21:00:53.0005 3556 swenum - ok
21:00:53.0036 3556 [ B53421FCD315F35837A07716E9F7A1E7 ] swprv C:\Windows\System32\swprv.dll
21:00:53.0052 3556 swprv - ok
21:00:53.0145 3556 [ 0E8676FB3BB95AA40FDF7A4A31018C8B ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
21:00:53.0177 3556 SynTP - ok
21:00:53.0270 3556 [ 72EFFCDAAFDB8FB568A56B02D5703B76 ] SysMain C:\Windows\system32\sysmain.dll
21:00:53.0301 3556 SysMain - ok
21:00:53.0317 3556 [ E2B1F6EB353D82635977490AB163800F ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:00:53.0333 3556 SystemEventsBroker - ok
21:00:53.0364 3556 [ 3705A5E2A2834EA94EF073D87AF88D8F ] TabletInputService C:\Windows\System32\TabSvc.dll
21:00:53.0364 3556 TabletInputService - ok
21:00:53.0426 3556 [ 4A10477302BB35A17ED818CD8720478A ] TapiSrv C:\Windows\System32\tapisrv.dll
21:00:53.0457 3556 TapiSrv - ok
21:00:53.0551 3556 [ FF19CA1C64458F4E0F4F0FAEA22313C2 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:00:53.0567 3556 Tcpip - ok
21:00:53.0598 3556 [ FF19CA1C64458F4E0F4F0FAEA22313C2 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:00:53.0613 3556 TCPIP6 - ok
21:00:53.0676 3556 [ D40FB114D559FDDE599293E1B5107644 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:00:53.0676 3556 tcpipreg - ok
21:00:53.0676 3556 [ 0886D9F1B5A5334FBB143A260E4BFB5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:00:53.0676 3556 tdx - ok
21:00:53.0707 3556 [ 0E099CC6D72DD47CAB9CC3D5DDF0A93E ] terminpt C:\Windows\System32\drivers\terminpt.sys
21:00:53.0707 3556 terminpt - ok
21:00:53.0769 3556 [ 10DA7F780EF287FEA7D70C1633C68F0B ] TermService C:\Windows\System32\termsrv.dll
21:00:53.0801 3556 TermService - ok
21:00:53.0816 3556 [ 14378287DC6D4CF1E3279AA9EBD70665 ] Themes C:\Windows\system32\themeservice.dll
21:00:53.0816 3556 Themes - ok
21:00:53.0879 3556 [ D3C9785D97C09EE702FC06BDE74C7FE0 ] THREADORDER C:\Windows\system32\mmcss.dll
21:00:53.0894 3556 THREADORDER - ok
21:00:53.0910 3556 [ ED259852AE0DBE2FB53725194F55A728 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
21:00:53.0925 3556 TimeBroker - ok
21:00:53.0988 3556 [ 9512B0ED87A530A786B4DDB97D22DB17 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
21:00:54.0003 3556 TomTomHOMEService - ok
21:00:54.0066 3556 [ 637E61491154755211931D8535BB75A5 ] TPM C:\Windows\system32\drivers\tpm.sys
21:00:54.0066 3556 TPM - ok
21:00:54.0128 3556 [ 7B19BA44B3A44494DBA300206FABA998 ] TrkWks C:\Windows\System32\trkwks.dll
21:00:54.0159 3556 TrkWks - ok
21:00:54.0253 3556 [ FD9F6ED4C26CA21B8DD2994F14BD98FC ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:00:54.0253 3556 TrustedInstaller - ok
21:00:54.0284 3556 [ B9E622309DE8C780E6818531586F2221 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:00:54.0284 3556 TsUsbFlt - ok
21:00:54.0300 3556 [ 074440A1C04913F7DF81839565A47917 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
21:00:54.0300 3556 TsUsbGD - ok
21:00:54.0315 3556 [ 62EE13D4EE7DB793C13F33F51A21170E ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:00:54.0315 3556 tunnel - ok
21:00:54.0315 3556 [ E0750A399E378C8433165C843FD7F732 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:00:54.0315 3556 uagp35 - ok
21:00:54.0331 3556 [ B3B9DDEEFC3B823B3067DCADCD80014D ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
21:00:54.0331 3556 UASPStor - ok
21:00:54.0347 3556 [ 2654E9900694EA7605A23117D3BEFE01 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
21:00:54.0347 3556 UCX01000 - ok
21:00:54.0378 3556 [ 942D7B29F95DC6C5D14B8758044627C1 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:00:54.0378 3556 udfs - ok
21:00:54.0393 3556 [ 3F7B87F8E850907783AC681AF542601D ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:00:54.0409 3556 UI0Detect - ok
21:00:54.0425 3556 [ C4FE9CC8AA769B1D140C07308574969D ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:00:54.0425 3556 uliagpkx - ok
21:00:54.0440 3556 [ D54E16CE5FF8493E611CFF34F96F5A00 ] umbus C:\Windows\System32\drivers\umbus.sys
21:00:54.0440 3556 umbus - ok
21:00:54.0487 3556 [ 4F92FB5D2353C1B75F0C3138C1822FC3 ] UmPass C:\Windows\System32\drivers\umpass.sys
21:00:54.0487 3556 UmPass - ok
21:00:54.0534 3556 [ CC0CC034C75F8D445B7E561BA018E166 ] UmRdpService C:\Windows\System32\umrdp.dll
21:00:54.0549 3556 UmRdpService - ok
21:00:54.0581 3556 [ 4359A695FB0CF5C0C78A7FD2DACABC00 ] upnphost C:\Windows\System32\upnphost.dll
21:00:54.0596 3556 upnphost - ok
21:00:54.0643 3556 [ 8721F55D8BC9F89E3A63CEBDF5EF4FA3 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
21:00:54.0643 3556 upperdev - ok
21:00:54.0674 3556 [ ABFF3E6009343A2613D31FDC241A6D6E ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
21:00:54.0674 3556 usbccgp - ok
21:00:54.0705 3556 [ 614BDD1AB210F6DCE5EDFE0624717C94 ] usbcir C:\Windows\System32\drivers\usbcir.sys
21:00:54.0705 3556 usbcir - ok
21:00:54.0705 3556 [ 45D0D613CC52BE4AB7E812005C95D247 ] usbehci C:\Windows\System32\drivers\usbehci.sys
21:00:54.0705 3556 usbehci - ok
21:00:54.0721 3556 [ 8D1406D4522DC66AA2D46440CF29D299 ] usbhub C:\Windows\System32\drivers\usbhub.sys
21:00:54.0721 3556 usbhub - ok
21:00:54.0752 3556 [ C038764D6A507F50B9FEEAAF77E696D6 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
21:00:54.0752 3556 USBHUB3 - ok
21:00:54.0768 3556 [ A925F668D3D5E64D295B788A12AF31D5 ] usbohci C:\Windows\System32\drivers\usbohci.sys
21:00:54.0768 3556 usbohci - ok
21:00:54.0783 3556 [ 81F2E53B5945995FD5D459180EB21AE7 ] usbprint C:\Windows\System32\drivers\usbprint.sys
21:00:54.0783 3556 usbprint - ok
21:00:54.0830 3556 [ 252BCC1359A27A4277817076EBABB18A ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
21:00:54.0846 3556 usbscan - ok
21:00:54.0877 3556 [ 0F3ACD39400BBFA5AE7BA2FC86D5D446 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
21:00:54.0893 3556 usbser - ok
21:00:54.0939 3556 [ 4E66C71D8D010BFB0DF1042D25E9CB0F ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
21:00:54.0939 3556 UsbserFilt - ok
21:00:55.0002 3556 [ 727CE341DF7EFDC94F2868393549F497 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
21:00:55.0017 3556 USBSTOR - ok
21:00:55.0033 3556 [ 0A1FFF3F4A9CEE5FA5C28146DE41E06B ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
21:00:55.0033 3556 usbuhci - ok
21:00:55.0080 3556 [ A7A42FDE5D91EF214F1D2A80569FFC59 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
21:00:55.0080 3556 USBXHCI - ok
21:00:55.0158 3556 [ 747ED861374E5589EE56D28E01BDCFE1 ] VaultSvc C:\Windows\system32\lsass.exe
21:00:55.0158 3556 VaultSvc - ok
21:00:55.0173 3556 [ 0AA85E1C967652071D283147AC4B17CD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:00:55.0173 3556 vdrvroot - ok
21:00:55.0251 3556 [ 893312F9BEE9C66FEEE6561E059A7CE9 ] vds C:\Windows\System32\vds.exe
21:00:55.0283 3556 vds - ok
21:00:55.0283 3556 [ F70882757673FA7D4E466D811E1AC029 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
21:00:55.0298 3556 VerifierExt - ok
21:00:55.0361 3556 [ 38DF48D22D63C1054DEF23629003B027 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
21:00:55.0361 3556 vhdmp - ok
21:00:55.0392 3556 [ 91A67D2DDDD75D173A6590B75E305E3C ] viaagp C:\Windows\system32\drivers\viaagp.sys
21:00:55.0392 3556 viaagp - ok
21:00:55.0407 3556 [ 0C3370E2CFE0C1A51C37B58A1938837F ] ViaC7 C:\Windows\System32\drivers\viac7.sys
21:00:55.0407 3556 ViaC7 - ok
21:00:55.0423 3556 [ 11283532CE62BA51557D00E09262ED78 ] viaide C:\Windows\system32\drivers\viaide.sys
21:00:55.0423 3556 viaide - ok
21:00:55.0439 3556 [ 2E4777120FC246CCF76A69C7BB4AEF57 ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:00:55.0439 3556 vmbus - ok
21:00:55.0439 3556 [ FA7B57977E55B60409FD9E36FC57395C ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
21:00:55.0439 3556 VMBusHID - ok
21:00:55.0501 3556 [ 57AE02EE534B4BF0E09462C6C2665D55 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
21:00:55.0517 3556 vmicheartbeat - ok
21:00:55.0517 3556 [ 57AE02EE534B4BF0E09462C6C2665D55 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:00:55.0517 3556 vmickvpexchange - ok
21:00:55.0532 3556 [ 57AE02EE534B4BF0E09462C6C2665D55 ] vmicrdv C:\Windows\System32\ICSvc.dll
21:00:55.0532 3556 vmicrdv - ok
21:00:55.0548 3556 [ 57AE02EE534B4BF0E09462C6C2665D55 ] vmicshutdown C:\Windows\System32\ICSvc.dll
21:00:55.0548 3556 vmicshutdown - ok
21:00:55.0563 3556 [ 57AE02EE534B4BF0E09462C6C2665D55 ] vmictimesync C:\Windows\System32\ICSvc.dll
21:00:55.0563 3556 vmictimesync - ok
21:00:55.0563 3556 [ 57AE02EE534B4BF0E09462C6C2665D55 ] vmicvss C:\Windows\System32\ICSvc.dll
21:00:55.0579 3556 vmicvss - ok
21:00:55.0595 3556 [ 7E8BCEEA56197925D944CA7D230596F7 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:00:55.0595 3556 volmgr - ok
21:00:55.0673 3556 [ 9C21037D3983D9B93190D2AA16570395 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:00:55.0673 3556 volmgrx - ok
21:00:55.0704 3556 [ 8E15C3D58A8ADE841060661DBA6E7A9B ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:00:55.0704 3556 volsnap - ok
21:00:55.0735 3556 [ C5B79DA9C82C01EEFAABA713A858649E ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:00:55.0735 3556 vsmraid - ok
21:00:55.0797 3556 [ 700F5256DFCF1E65837F740EE0889F0F ] VSS C:\Windows\system32\vssvc.exe
21:00:55.0829 3556 VSS - ok
21:00:55.0891 3556 [ AB5F5CC034E31E496606E666657F3CC2 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
21:00:55.0907 3556 VSTXRAID - ok
21:00:55.0922 3556 [ 23044877230094EE20D057BC63ED19F0 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:00:55.0922 3556 vwifibus - ok
21:00:55.0985 3556 [ 56A40C6DFB12E33B88887C4F9D5917FF ] W32Time C:\Windows\system32\w32time.dll
21:00:56.0016 3556 W32Time - ok
21:00:56.0047 3556 [ B4254668F5806AAA051A320FE88146F6 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
21:00:56.0047 3556 WacomPen - ok
21:00:56.0063 3556 [ 1B4CFB8C5D6C6E9D27453C6E535B28D8 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:00:56.0063 3556 Wanarp - ok
21:00:56.0063 3556 [ 1B4CFB8C5D6C6E9D27453C6E535B28D8 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:00:56.0063 3556 Wanarpv6 - ok
21:00:56.0109 3556 [ 09EA8F80C26FEAAE7D34AC82A871A909 ] wbengine C:\Windows\system32\wbengine.exe
21:00:56.0172 3556 wbengine - ok
21:00:56.0250 3556 [ D7AB5A0119A208B53784863DF403C2F2 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:00:56.0281 3556 WbioSrvc - ok
21:00:56.0312 3556 [ AB66316B4ED378A2CBEA61D6C5844A98 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
21:00:56.0328 3556 Wcmsvc - ok
21:00:56.0343 3556 [ 5DEE9734EAB11C82C31CE530DEEB0979 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:00:56.0359 3556 wcncsvc - ok
21:00:56.0390 3556 [ 1B0A5043CC13F7DEB9873CC464FB11C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:00:56.0406 3556 WcsPlugInService - ok
21:00:56.0421 3556 [ 9BF0CE1E215789664EB563A52EC0B83B ] Wd C:\Windows\system32\drivers\wd.sys
21:00:56.0421 3556 Wd - ok
21:00:56.0437 3556 [ B73E9524D0034A1BC7CE10CED727A116 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
21:00:56.0437 3556 WdBoot - ok
21:00:56.0499 3556 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:00:56.0515 3556 Wdf01000 - ok
21:00:56.0546 3556 [ 357EA02565E599297D3729340FE0F961 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
21:00:56.0546 3556 WdFilter - ok
21:00:56.0562 3556 [ 2FC34E39DD120AB985DF1F63B10A4B4D ] WdiServiceHost C:\Windows\system32\wdi.dll
21:00:56.0577 3556 WdiServiceHost - ok
21:00:56.0577 3556 [ 2FC34E39DD120AB985DF1F63B10A4B4D ] WdiSystemHost C:\Windows\system32\wdi.dll
21:00:56.0593 3556 WdiSystemHost - ok
21:00:56.0640 3556 [ FD800739494EE57DC7849BD64BDA1EEC ] WebClient C:\Windows\System32\webclnt.dll
21:00:56.0655 3556 WebClient - ok
21:00:56.0687 3556 [ 476746404FC104242EE8F049F2A6FA4A ] Wecsvc C:\Windows\system32\wecsvc.dll
21:00:56.0702 3556 Wecsvc - ok
21:00:56.0718 3556 [ B8A6C4812FD65EF95EB0F723A48C2462 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:00:56.0733 3556 wercplsupport - ok
21:00:56.0749 3556 [ 4A1A99EB9B85679C0F97255E72A6DC85 ] WerSvc C:\Windows\System32\WerSvc.dll
21:00:56.0749 3556 WerSvc - ok
21:00:56.0811 3556 [ B7ADB3799F1B6D8172DFDCE1DA8937F5 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
21:00:56.0811 3556 WFPLWFS - ok
21:00:56.0827 3556 [ 1764AA30CDF8AF8995D4A3CEADF6AB0D ] WiaRpc C:\Windows\System32\wiarpc.dll
21:00:56.0843 3556 WiaRpc - ok
21:00:56.0858 3556 [ 8B7BBA41B67E92B73BAFEBDF570B3703 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:00:56.0874 3556 WIMMount - ok
21:00:56.0968 3556 [ 36A695E1683671009C2FEA38B5EB4CD4 ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
21:00:56.0968 3556 WinDefend - ok
21:00:57.0061 3556 [ 80C91C7CAC9DC9FFE2E6B8427CE06D9A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:00:57.0077 3556 WinHttpAutoProxySvc - ok
21:00:57.0186 3556 [ 62B866B25BA8A3FCAEC457738DDA726E ] winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:00:57.0186 3556 winmgmt - ok
21:00:57.0326 3556 [ EE08CA40473062F2962F1ED25C85306C ] WinRM C:\Windows\system32\WsmSvc.dll
21:00:57.0373 3556 WinRM - ok
21:00:57.0436 3556 [ 30122927052480564DB0695B0CEADE62 ] WinUSB C:\Windows\System32\drivers\WinUSB.sys
21:00:57.0436 3556 WinUSB - ok
21:00:57.0529 3556 [ EA8492A75CB6B192C87305159A1B44AF ] WlanSvc C:\Windows\System32\wlansvc.dll
21:00:57.0576 3556 WlanSvc - ok
21:00:57.0638 3556 [ DE73279C9AA9F07D010D39A925046D93 ] wlidsvc C:\Windows\system32\wlidsvc.dll
21:00:57.0685 3556 wlidsvc - ok
21:00:57.0732 3556 [ F8A31500A1B7EFDB95E5103A7C7275C1 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
21:00:57.0732 3556 WmiAcpi - ok
21:00:57.0810 3556 [ 8899BED47FE375EE665AD1821598E471 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:00:57.0810 3556 wmiApSrv - ok
21:00:57.0935 3556 [ C8D9BB66227B6309D1E394C7E02D40F2 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
21:00:57.0966 3556 WMPNetworkSvc - ok
21:00:57.0997 3556 [ 9C3F5C7B716247756575235A3218FD38 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
21:00:57.0997 3556 wpcfltr - ok
21:00:58.0044 3556 [ 32B4145D0513E913C13A73C3E640C931 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:00:58.0060 3556 WPCSvc - ok
21:00:58.0075 3556 [ 9BB009547532C1F2DF14455CE1102A33 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:00:58.0091 3556 WPDBusEnum - ok
21:00:58.0153 3556 [ E5DCECD5A6A21AE48E94F6C9DC0E093C ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
21:00:58.0153 3556 WpdUpFltr - ok
21:00:58.0169 3556 [ D646A22FA57F29BB06018CB7C6E0CD6A ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:00:58.0169 3556 ws2ifsl - ok
21:00:58.0200 3556 [ 005950A4A8B36C551F25AF947CFA749D ] wscsvc C:\Windows\System32\wscsvc.dll
21:00:58.0216 3556 wscsvc - ok
21:00:58.0216 3556 WSearch - ok
21:00:58.0340 3556 [ FF4BE7A21D3188ADC840B9E5B18D964E ] WSService C:\Windows\System32\WSService.dll
21:00:58.0450 3556 WSService - ok
21:00:58.0574 3556 [ 1DB46028D06FA2A8E4F81A83B8138057 ] wuauserv C:\Windows\system32\wuaueng.dll
21:00:58.0684 3556 wuauserv - ok
21:00:58.0746 3556 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:00:58.0746 3556 WudfPf - ok
21:00:58.0746 3556 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
21:00:58.0762 3556 WUDFRd - ok
21:00:58.0762 3556 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys
21:00:58.0762 3556 WUDFSensorLP - ok
21:00:58.0824 3556 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:00:58.0840 3556 wudfsvc - ok
21:00:58.0855 3556 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
21:00:58.0855 3556 WUDFWpdFs - ok
21:00:58.0855 3556 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
21:00:58.0855 3556 WUDFWpdMtp - ok
21:00:58.0886 3556 [ 618AA3476AB6F3B3ED140323369705B1 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:00:58.0902 3556 WwanSvc - ok
21:00:58.0918 3556 ================ Scan global ===============================
21:00:59.0011 3556 [ 8D41654D0A9E15635ACF5E18FF470AB1 ] C:\Windows\system32\basesrv.dll
21:00:59.0058 3556 [ 02B34ED781B4710F23E544CC6CFEB809 ] C:\Windows\system32\winsrv.dll
21:00:59.0120 3556 [ 78A87B9D36AAD6AFD6A24915389E1221 ] C:\Windows\system32\sxssrv.dll
21:00:59.0214 3556 [ 575FB4211BB07DB7D2179B1B05FE7EFD ] C:\Windows\system32\services.exe
21:00:59.0245 3556 [Global] - ok
21:00:59.0245 3556 ================ Scan MBR ==================================
21:00:59.0276 3556 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:00:59.0620 3556 \Device\Harddisk0\DR0 - ok
21:00:59.0635 3556 ================ Scan VBR ==================================
21:00:59.0635 3556 [ BA37C2B8005E651592910586A5D741B8 ] \Device\Harddisk0\DR0\Partition1
21:00:59.0635 3556 \Device\Harddisk0\DR0\Partition1 - ok
21:00:59.0651 3556 [ B2B420F8E84A90489E914B5958362FC1 ] \Device\Harddisk0\DR0\Partition2
21:00:59.0666 3556 \Device\Harddisk0\DR0\Partition2 - ok
21:00:59.0666 3556 ============================================================
21:00:59.0666 3556 Scan finished
21:00:59.0666 3556 ============================================================
21:00:59.0682 5396 Detected object count: 0
21:00:59.0682 5396 Actual detected object count: 0
21:04:52.0611 5440 Deinitialize success

[jaro3]

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

[RudolfIV]

ComboFix 13-09-26.03 - Trkl 26.09.2013 19:26:57.1.2 - x86
Microsoft Windows 8 Pro 6.2.9200.0.1250.420.1029.18.2039.1299 [GMT 2:00]
Spuštěný z: c:\users\u×ivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-26 do 2013-09-26 )))))))))))))))))))))))))))))))
.
.
2013-09-26 17:36 . 2013-09-26 17:37 -------- d-----w- c:\users\uživatel\AppData\Local\temp
2013-09-26 17:36 . 2013-09-26 17:36 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-24 19:02 . 2013-09-24 19:02 -------- d-----w- c:\users\uživatel\AppData\Local\Adobe
2013-09-23 19:38 . 2013-09-23 19:38 -------- d-----w- c:\windows\ERUNT
2013-09-22 19:39 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-22 19:39 . 2013-09-22 19:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-21 20:36 . 2013-09-21 20:36 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-09-21 16:31 . 2013-09-21 17:34 -------- d-----w- c:\users\uživatel\AppData\Roaming\vlc
2013-09-17 18:49 . 2013-09-17 18:49 -------- d-----w- c:\program files\HDvid Codec V1
2013-09-17 18:49 . 2013-09-17 18:49 -------- d-----w- c:\program files\FreeHDSport.TV
2013-09-17 18:49 . 2013-09-21 20:33 -------- d-----w- c:\program files\HDPlayer
2013-09-12 19:06 . 2013-09-18 19:39 -------- d-----w- C:\ONE TOUCH Upgrade S 2.8.0
2013-09-09 19:58 . 2013-09-09 19:58 -------- d-----w- c:\programdata\SummerSoft
2013-09-09 19:56 . 2013-09-09 19:58 -------- d-----w- c:\programdata\InstallMate
2013-09-09 17:06 . 2013-09-09 17:06 -------- d-----w- c:\users\uživatel\AppData\Roaming\UTAJEN~1
2013-09-07 11:35 . 2013-09-07 21:59 -------- d-----w- c:\program files\LinuxLive USB Creator
2013-09-07 09:20 . 2013-09-07 09:20 -------- d-----w- c:\program files\GetData
2013-09-05 13:45 . 2013-09-05 13:45 -------- d-----w- c:\users\uživatel\AppData\Local\ERS G-Studio
2013-08-31 22:38 . 2013-09-23 19:32 -------- d-----w- C:\AdwCleaner
2013-08-31 22:29 . 2013-08-31 22:29 -------- d-----w- c:\users\uživatel\AppData\Roaming\Malwarebytes
2013-08-31 22:28 . 2013-08-31 22:28 -------- d-----w- c:\programdata\Malwarebytes
2013-08-28 16:39 . 2013-08-28 16:39 -------- d-----w- c:\users\uživatel\AppData\Roaming\Mobile Action
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 07:48 . 2013-03-19 22:08 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-03-19 22:08 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-03-19 22:08 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-03-19 22:08 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-03-19 22:08 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-03-19 22:08 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-03-19 22:08 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-03-19 22:08 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-03-19 22:07 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-03-19 22:08 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-20 22:07 . 2013-08-20 22:05 187184 ----a-w- c:\users\uživatel\comcat5.dll
2013-08-20 22:07 . 2013-08-20 22:05 187184 ----a-w- c:\users\uživatel\comcat5.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-07-02 248208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-25 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-25 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Nitro PDF Printer Monitor"="c:\program files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" [2008-12-04 210240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
CodecPackTrayMenu.lnk - c:\windows\System32\C2MP\TrayMenu.exe [2013-2-25 704520]
CodecPackUpdateChecker.lnk - c:\windows\System32\C2MP\UpdateChecker.exe [2013-3-16 46816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2011-06-02 11336]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [2013-05-23 12400]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe [2012-07-26 23040]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys [2013-06-12 242240]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2010-06-30 2038272]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2012-07-13 769432]
S2 Start8;Stardock Start8;c:\program files\Stardock\Start8\Start8Srv.exe [2012-10-09 143024]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\System32\Drivers\ATSwpWDF.sys [2010-06-30 677320]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 netwlv32;@netwlv32.inf, %NIC_Service_DispName_VISTA%; Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netwlv32.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-21 06:00 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 22:02]
.
2013-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-26 23:50]
.
2013-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-26 23:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKCU-Run-Nektra OEAPI - (no file)
HKCU-Run-OEXPRESS - (no file)
HKLM_ActiveSetup-Nitro PDF Professional - //B
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2013-09-26 19:38:45
ComboFix-quarantined-files.txt 2013-09-26 17:38
.
Před spuštěním: 26 229 772 288 bytes free
Po spuštění: 26 137 251 840 bytes free
.
- - End Of File - - C17B9D651081DDB2DF8897CF040A4469
A36C5E4F47E84449FF07ED3517B43A31

[jaro3]

AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

Ponech si buď Avast nebo Windows Defender , oba tam mít nemůžeš.

Pak znovu Combofix.

[RudolfIV]

Dobrý večer, tak windows defender píše, že je vypnutý, pro jistotu jsem zakázal službu windows defender a pak zase toto, tak čím to? Díky

ComboFix 13-09-26.03 - Trkl 27.09.2013 21:24:26.2.2 - x86
Microsoft Windows 8 Pro 6.2.9200.0.1250.420.1029.18.2039.1176 [GMT 2:00]
Spuštěný z: c:\users\u×ivatel\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-08-27 do 2013-09-27 )))))))))))))))))))))))))))))))
.
.
2013-09-27 19:34 . 2013-09-27 19:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-26 20:43 . 2013-09-26 20:57 -------- d-----w- C:\ubuntu
2013-09-26 17:38 . 2013-09-27 19:34 -------- d-----w- c:\users\uživatel\AppData\Local\temp
2013-09-24 19:02 . 2013-09-24 19:02 -------- d-----w- c:\users\uživatel\AppData\Local\Adobe
2013-09-23 19:38 . 2013-09-23 19:38 -------- d-----w- c:\windows\ERUNT
2013-09-22 19:39 . 2013-04-04 12:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-22 19:39 . 2013-09-22 19:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-21 20:36 . 2013-09-21 20:36 -------- d-----w- c:\windows\ServiceProfiles\LocalService\winhttp
2013-09-21 16:31 . 2013-09-21 17:34 -------- d-----w- c:\users\uživatel\AppData\Roaming\vlc
2013-09-17 18:49 . 2013-09-17 18:49 -------- d-----w- c:\program files\HDvid Codec V1
2013-09-17 18:49 . 2013-09-17 18:49 -------- d-----w- c:\program files\FreeHDSport.TV
2013-09-17 18:49 . 2013-09-21 20:33 -------- d-----w- c:\program files\HDPlayer
2013-09-12 19:06 . 2013-09-18 19:39 -------- d-----w- C:\ONE TOUCH Upgrade S 2.8.0
2013-09-09 19:58 . 2013-09-09 19:58 -------- d-----w- c:\programdata\SummerSoft
2013-09-09 19:56 . 2013-09-09 19:58 -------- d-----w- c:\programdata\InstallMate
2013-09-09 17:06 . 2013-09-09 17:06 -------- d-----w- c:\users\uživatel\AppData\Roaming\UTAJEN~1
2013-09-07 11:35 . 2013-09-07 21:59 -------- d-----w- c:\program files\LinuxLive USB Creator
2013-09-07 09:20 . 2013-09-07 09:20 -------- d-----w- c:\program files\GetData
2013-09-05 13:45 . 2013-09-05 13:45 -------- d-----w- c:\users\uživatel\AppData\Local\ERS G-Studio
2013-08-31 22:38 . 2013-09-23 19:32 -------- d-----w- C:\AdwCleaner
2013-08-31 22:29 . 2013-08-31 22:29 -------- d-----w- c:\users\uživatel\AppData\Roaming\Malwarebytes
2013-08-31 22:28 . 2013-08-31 22:28 -------- d-----w- c:\programdata\Malwarebytes
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 07:48 . 2013-03-19 22:08 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2013-03-19 22:08 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2013-03-19 22:08 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2013-03-19 22:08 61680 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2013-03-19 22:08 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2013-03-19 22:08 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-03-19 22:08 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2013-03-19 22:08 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2013-03-19 22:07 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2013-03-19 22:08 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-20 22:07 . 2013-08-20 22:05 187184 ----a-w- c:\users\uživatel\comcat5.dll
2013-08-20 22:07 . 2013-08-20 22:05 187184 ----a-w- c:\users\uživatel\comcat5.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]
"NokiaSuite.exe"="c:\program files\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-07-02 248208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-25 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-25 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-25 150552]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2010-06-04 1791272]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-02-21 1183744]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-11 287800]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-08-30 4858968]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Nitro PDF Printer Monitor"="c:\program files\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe" [2008-12-04 210240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"seznam-listicka-distribuce"="c:\program files\Seznam.cz\distribution\szninstall.exe" [2013-05-16 1062472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
CodecPackTrayMenu.lnk - c:\windows\System32\C2MP\TrayMenu.exe [2013-2-25 704520]
CodecPackUpdateChecker.lnk - c:\windows\System32\C2MP\UpdateChecker.exe [2013-3-16 46816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-08-14 3291008]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [2011-06-02 11336]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 14216]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 8456]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\System32\drivers\ggflt.sys [2013-05-23 12400]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe [2012-07-26 23040]
R3 WUDFWpdMtp;WUDFWpdMtp;c:\windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\System32\drivers\dtsoftbus01.sys [2013-06-12 242240]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-08-30 66336]
S2 ATService;AuthenTec Fingerprint Service;c:\program files\Fingerprint Sensor\AtService.exe [2010-06-30 2038272]
S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [2012-07-13 769432]
S2 Start8;Stardock Start8;c:\program files\Stardock\Start8\Start8Srv.exe [2012-10-09 143024]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [2013-07-02 93072]
S3 ATSwpWDF;AuthenTec TruePrint USB Driver;c:\windows\System32\Drivers\ATSwpWDF.sys [2010-06-30 677320]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 22856]
S3 netwlv32;@netwlv32.inf, %NIC_Service_DispName_VISTA%; Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista;c:\windows\system32\DRIVERS\netwlv32.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-21 06:00 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-06-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 22:02]
.
2013-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-26 23:50]
.
2013-09-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-04-26 23:50]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.google.com
mStart Page = hxxp://www.google.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748449} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\programdata\LangSoft\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\programdata\LangSoft\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4332)
c:\windows\SYSTEM32\igd10umd32.dll
.
Celkový čas: 2013-09-27 21:36:28
ComboFix-quarantined-files.txt 2013-09-27 19:36
ComboFix2.txt 2013-09-26 17:38
.
Před spuštěním: 24 463 523 840 bytes free
Po spuštění: 24 415 027 200 bytes free
.
- - End Of File - - 6AB7E45E27CF74B177D239C72079E955
A36C5E4F47E84449FF07ED3517B43A31