PC-HELP.CZ

Zdravím, chtěl bych poprosit o kontrolu stroje mého známého, stroj byl ještě včera pomalý. Dnes jsem provedl důkladnou čistku. Kompletní sken Mbamem, Rychlý sken SAS..dále ccleaner,TFC,tempcleaner, atf cleaner,..) malware nalezen v mbamu jsem smazal. Stroj se zdá být OK, ale pro jistotu dávám ještě sem. A ještě maličkost - teploty procesoru (AMD ATHLON X2) u obou jader se pohybuje teplota okolo 70'C je to v pořádku?

Předem Vám děkuji a s pozdravem M.

EDIT 1:

Tak jsem přeci problém našel, nejdou stahovat soubory, jakýkoli soubor, který stáhnu přes jakýkoli prohlížeč se nezobrazuje v počítači (jako by tam nebyl) ať už ho uložím kamkoli na PC. Úspěšně se to stáhne v prohlížeči, ale pak na to nejde kliknout pro otevření v prohlížeči.

Chrome po stažení souboru píše: Při vyhledávání virů došlo k chybě

Identifikace stroje:
Notebook ACER ASPIRE 5535
Windows Vista Home Premium SP1
AMD ATHLON X2 DUAL CORE 2Ghz
3GB DDR2



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:03:53, on 2.11.2013
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18639)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\explorer.exe
F:\CISTENI PC\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5535
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... spire_5535
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O9 - Extra 'Tools' menuitem: Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (Emsisoft Web Malware Scan) - http://ax.emsisoft.com/emsisoft_webscan.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - c:\Program Files\Cyberlink\Shared files\RichVideo.exe

--
End of file - 6363 bytes


Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Verze: v2013.11.02.08

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Thu :: THU-PC [administrátor]

2.11.2013 20:23:48
MBAM-log-2013-11-02 (21-59-59).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 327472
Uplynulý čas: 1 hodin, 35 minut, 42 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
c:\program files\google\desktop\install\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\ \...\‮ﯹ๛\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\u\00000004.@ (Rootkit.Zaccess) -> Nebyla provedena žádná instrukce.
c:\program files\google\desktop\install\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\ \...\‮ﯹ๛\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\u\000000cb.@ (Rootkit.0Access) -> Nebyla provedena žádná instrukce.
c:\program files\google\desktop\install\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\ \...\‮ﯹ๛\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\u\80000000.@ (Trojan.0Access) -> Nebyla provedena žádná instrukce.

(konec)

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod


Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.


Stáhni si TFC
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Prohledat-Scan“
Po skenu se objeví log ( jinak je uložen systémovem disku jako AdwCleaner[R?].txt), jeho obsah sem celý vlož.

. Takže spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

zdravím a díky za reakci.

# AdwCleaner v3.010 - Report created 03/11/2013 at 10:55:12
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Username : Thu - THU-PC
# Running from : F:\CISTENI PC\adwcleaner (1).exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files\Mozilla Firefox\.autoreg
File Found : C:\Users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\user.js
Folder Found C:\Program Files\GamesBar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\GamesBarSetup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18639


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Thu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2503 octets] - [02/11/2013 19:22:16]
AdwCleaner[R1].txt - [1840 octets] - [03/11/2013 10:55:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1900 octets] ##########

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2013.11.02.08

Windows Vista Service Pack 1 x86 NTFS
Internet Explorer 7.0.6001.18000
Thu :: THU-PC [administrátor]

3.11.2013 10:51:48
mbam-log-2013-11-03 (10-51-48).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 185874
Uplynulý čas: 9 minut, 19 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

V adw nech nálezy smazat a dodej log

Stáhni si Junkware Removal Tool

na svojí plochu.
Deaktivuj si svůj antivirový program.
Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

Stáhni si RogueKiller
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

děkuji, tady to je!

$LOG ADW:

# AdwCleaner v3.010 - Report created 03/11/2013 at 14:12:47
# Updated 20/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Username : Thu - THU-PC
# Running from : F:\CISTENI PC\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\GamesBar
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\GamesBarSetup

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6001.18639


-\\ Mozilla Firefox v25.0 (cs)

[ File : C:\Users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\prefs.js ]


-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\Thu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2503 octets] - [02/11/2013 19:22:16]
AdwCleaner[R1].txt - [1980 octets] - [03/11/2013 10:55:12]
AdwCleaner[R2].txt - [2036 octets] - [03/11/2013 14:11:03]
AdwCleaner[S0].txt - [1981 octets] - [03/11/2013 14:12:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2041 octets] ##########

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows Vista (TM) Home Premium x86
Ran by Thu on ne 03.11.2013 at 14:17:03,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Thu\AppData\Roaming\mozilla\firefox\profiles\bg90it0h.default\minidumps [77 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Thu\appdata\local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 03.11.2013 at 14:23:04,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ROGUE:

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6001 Service Pack 1) 32 bits version
Spuštěno v : Normální režim
Uživatel : Thu [Práva správce]
Mód : Kontrola -- Datum : 11/03/2013 14:30:19
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[ZeroAccess][SERVICE] ???etadpug -- "C:\Program Files\Google\Desktop\Install\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\ \...\???ﯹ๛\{f696e7f7-774c-5c1a-531f-0d56adb0af44}\GoogleUpdate.exe" < [x] -> ZASTAVENO

¤¤¤ ¤¤¤ Záznamy Registrů: : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 2 ¤¤¤
[V2][SUSP PATH] IHSelfDeleteTASK : CMD - /C DEL C:\Users\Thu\AppData\Local\Temp\IHUE5BD.tmp.exe [x][x] -> NALEZENO
[V2][SUSP PATH] IHUninstallTrackingTASK : CMD - /C DEL C:\Users\Thu\AppData\Local\Temp\IHUE417.tmp.exe [x][x] -> NALEZENO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤
[ZeroAccess][křižovatka] cs-CZ : C:\Program Files\Windows Defender\cs-CZ >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpAsDesc.dll : C:\Program Files\Windows Defender\MpAsDesc.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpClient.dll : C:\Program Files\Windows Defender\MpClient.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpCmdRun.exe : C:\Program Files\Windows Defender\MpCmdRun.exe >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpEvMsg.dll : C:\Program Files\Windows Defender\MpEvMsg.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpOAV.dll : C:\Program Files\Windows Defender\MpOAV.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpRtMon.dll : C:\Program Files\Windows Defender\MpRtMon.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpRtPlug.dll : C:\Program Files\Windows Defender\MpRtPlug.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpSigDwn.dll : C:\Program Files\Windows Defender\MpSigDwn.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpSoftEx.dll : C:\Program Files\Windows Defender\MpSoftEx.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MpSvc.dll : C:\Program Files\Windows Defender\MpSvc.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MSASCui.exe : C:\Program Files\Windows Defender\MSASCui.exe >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MsMpCom.dll : C:\Program Files\Windows Defender\MsMpCom.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MsMpLics.dll : C:\Program Files\Windows Defender\MsMpLics.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][křižovatka] MsMpRes.dll : C:\Program Files\Windows Defender\MsMpRes.dll >> \systemroot\system32\config [-] --> NALEZENO
[ZeroAccess][desky] Install : C:\Program Files\Google\Desktop\Install [-] --> NALEZENO

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36550C66)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36550C66)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x36550C66)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ZeroAccess ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Hitachi HTS543225L9A3 SCSI Disk Device +++++
--- User ---
[MBR] cf00f0b21439c9329230a620361757c0
[BSP] 4f5f3d4eae043ef85422cfd6cde75bc1 : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20482048 | Size: 114243 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 254451712 | Size: 114230 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) USB Device +++++
--- User ---
[MBR] f136774f07ec0d0da214706fd7e55333
[BSP] 2d1a08165c179acad32240a62b678ba1 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 32 | Size: 3825 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_S_11032013_143019.txt >>


EDIT: problém se stahováním souborů jsem vyřešil pomocí návodu z netu. Takže už jen bych poprosil o dočištění stroje, aby mohl stroj nabrat nový dech. Pořád to není, co to bývalo i po vyčištění od prachu. Jinak moc děkuji za Vaší práci!

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.

RogueKiller V8.7.6 [Oct 28 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://tigzyrk.blogspot.com/

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : Thu [Práva správce]
Mód : Odebrat -- Datum : 11/04/2013 14:09:41
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 2 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO

¤¤¤ naplánované úlohy : 2 ¤¤¤
[V2][SUSP PATH] IHSelfDeleteTASK : CMD - /C DEL C:\Users\Thu\AppData\Local\Temp\IHUE5BD.tmp.exe [x][x] -> VYMAZÁNO
[V2][SUSP PATH] IHUninstallTrackingTASK : CMD - /C DEL C:\Users\Thu\AppData\Local\Temp\IHUE417.tmp.exe [x][x] -> VYMAZÁNO

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Inline] EAT @explorer.exe (FwDoNothingOnObject) : FirewallAPI.dll -> HOOKED (Unknown @ 0x366D2466)
[Inline] EAT @explorer.exe (FwEnableMemTracing) : FirewallAPI.dll -> HOOKED (Unknown @ 0x366D2466)
[Inline] EAT @explorer.exe (FwSetMemLeakPolicy) : FirewallAPI.dll -> HOOKED (Unknown @ 0x366D2466)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Hitachi HTS543225L9A3 SCSI Disk Device +++++
--- User ---
[MBR] cf00f0b21439c9329230a620361757c0
[BSP] 4f5f3d4eae043ef85422cfd6cde75bc1 : Acer MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 10000 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 20482048 | Size: 114243 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 254451712 | Size: 114230 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Dokončeno : << RKreport[0]_D_11042013_140941.txt >>
RKreport[0]_S_11042013_140819.txt

14:13:00.0504 0660 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:13:08.0429 0660 ============================================================
14:13:08.0429 0660 Current date / time: 2013/11/04 14:13:08.0429
14:13:08.0429 0660 SystemInfo:
14:13:08.0429 0660
14:13:08.0429 0660 OS Version: 6.0.6002 ServicePack: 2.0
14:13:08.0429 0660 Product type: Workstation
14:13:08.0429 0660 ComputerName: THU-PC
14:13:08.0429 0660 UserName: Thu
14:13:08.0429 0660 Windows directory: C:\Windows
14:13:08.0429 0660 System windows directory: C:\Windows
14:13:08.0429 0660 Processor architecture: Intel x86
14:13:08.0429 0660 Number of processors: 2
14:13:08.0429 0660 Page size: 0x1000
14:13:08.0429 0660 Boot type: Normal boot
14:13:08.0429 0660 ============================================================
14:13:09.0708 0660 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:13:09.0708 0660 ============================================================
14:13:09.0708 0660 \Device\Harddisk0\DR0:
14:13:09.0708 0660 MBR partitions:
14:13:09.0708 0660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0xDF21800
14:13:09.0708 0660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF2AA000, BlocksNum 0xDF1B000
14:13:09.0708 0660 ============================================================
14:13:09.0739 0660 C: <-> \Device\Harddisk0\DR0\Partition1
14:13:09.0833 0660 D: <-> \Device\Harddisk0\DR0\Partition2
14:13:09.0848 0660 ============================================================
14:13:09.0848 0660 Initialize success
14:13:09.0848 0660 ============================================================
14:13:58.0358 5744 ============================================================
14:13:58.0358 5744 Scan started
14:13:58.0358 5744 Mode: Manual;
14:13:58.0358 5744 ============================================================
14:13:58.0935 5744 ================ Scan system memory ========================
14:13:58.0935 5744 System memory - ok
14:13:58.0935 5744 ================ Scan services =============================
14:13:59.0044 5744 [ 9EBE730D4B5E3FF25EAAF5A59BA6CCFF ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
14:13:59.0060 5744 !SASCORE - ok
14:13:59.0232 5744 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
14:13:59.0232 5744 ACPI - ok
14:13:59.0310 5744 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:13:59.0310 5744 AdobeFlashPlayerUpdateSvc - ok
14:13:59.0372 5744 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:13:59.0388 5744 adp94xx - ok
14:13:59.0434 5744 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:13:59.0434 5744 adpahci - ok
14:13:59.0466 5744 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
14:13:59.0466 5744 adpu160m - ok
14:13:59.0481 5744 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:13:59.0481 5744 adpu320 - ok
14:13:59.0497 5744 adusbser - ok
14:13:59.0575 5744 [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
14:13:59.0575 5744 AdvancedSystemCareService6 - ok
14:13:59.0622 5744 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:13:59.0622 5744 AeLookupSvc - ok
14:13:59.0653 5744 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
14:13:59.0668 5744 AFD - ok
14:13:59.0700 5744 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
14:13:59.0715 5744 AgereModemAudio - ok
14:13:59.0778 5744 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
14:13:59.0793 5744 AgereSoftModem - ok
14:13:59.0824 5744 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:13:59.0824 5744 agp440 - ok
14:13:59.0856 5744 [ 6F1565AD2C46A5BC20107A4626E9A340 ] ahcix86s C:\Windows\system32\DRIVERS\ahcix86s.sys
14:13:59.0856 5744 ahcix86s - ok
14:13:59.0902 5744 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:13:59.0902 5744 aic78xx - ok
14:13:59.0949 5744 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
14:13:59.0949 5744 ALG - ok
14:13:59.0965 5744 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
14:13:59.0965 5744 aliide - ok
14:14:00.0012 5744 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:14:00.0012 5744 amdagp - ok
14:14:00.0027 5744 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
14:14:00.0027 5744 amdide - ok
14:14:00.0058 5744 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
14:14:00.0058 5744 AmdK7 - ok
14:14:00.0090 5744 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:14:00.0105 5744 AmdK8 - ok
14:14:00.0121 5744 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
14:14:00.0121 5744 Appinfo - ok
14:14:00.0152 5744 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
14:14:00.0152 5744 arc - ok
14:14:00.0168 5744 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:14:00.0168 5744 arcsas - ok
14:14:00.0214 5744 [ D5730129EA9ADF7AE710DA0B14F9DE19 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:14:00.0246 5744 aswFsBlk - ok
14:14:00.0277 5744 [ 6F23333C8358D267718F9ECB21CBB6F4 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:14:00.0277 5744 aswMonFlt - ok
14:14:00.0324 5744 [ 29CB7009F11470A24B1D49849A6118A5 ] aswRdr C:\Windows\system32\drivers\aswRdr.sys
14:14:00.0324 5744 aswRdr - ok
14:14:00.0370 5744 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
14:14:00.0370 5744 aswRvrt - ok
14:14:00.0433 5744 [ 50C85412AD31F5C0F687F00C2E34C673 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:14:00.0448 5744 aswSnx - ok
14:14:00.0495 5744 [ DDEBA353975F0827143484D5A9310935 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:14:00.0511 5744 aswSP - ok
14:14:00.0542 5744 [ 8BCD47E79EAA40C387D7B9DCEC41DE2D ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:14:00.0542 5744 aswTdi - ok
14:14:00.0573 5744 [ BADA8FD627F1D0E22308211C33F0BDB5 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
14:14:00.0573 5744 aswVmm - ok
14:14:00.0604 5744 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:14:00.0604 5744 AsyncMac - ok
14:14:00.0651 5744 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
14:14:00.0651 5744 atapi - ok
14:14:00.0729 5744 [ 99D78248BFD454BFA9B5BEC37350FADE ] athr C:\Windows\system32\DRIVERS\athr.sys
14:14:00.0745 5744 athr - ok
14:14:00.0792 5744 [ EEC308E4E061344BB31AE295A016721B ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
14:14:00.0792 5744 Ati External Event Utility - ok
14:14:00.0963 5744 [ 8FDD2385D30080711633FE9FF2A64126 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:14:01.0026 5744 atikmdag - ok
14:14:01.0057 5744 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
14:14:01.0057 5744 AtiPcie - ok
14:14:01.0104 5744 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:14:01.0119 5744 AudioEndpointBuilder - ok
14:14:01.0119 5744 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:14:01.0135 5744 Audiosrv - ok
14:14:01.0197 5744 [ 4BE7EC02133544CDE7A580875E130208 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:14:01.0197 5744 avast! Antivirus - ok
14:14:01.0228 5744 [ 6FB43F0DADB3FDC287D080C19666AF8D ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:14:01.0228 5744 b57nd60x - ok
14:14:01.0275 5744 [ E0F3A813D2125581D2CE4F212AC9B7CA ] BdAgent C:\Windows\system32\DRIVERS\BdAgent.sys
14:14:01.0275 5744 BdAgent - ok
14:14:01.0306 5744 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
14:14:01.0306 5744 Beep - ok
14:14:01.0416 5744 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
14:14:01.0431 5744 BFE - ok
14:14:01.0525 5744 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
14:14:01.0540 5744 BITS - ok
14:14:01.0587 5744 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
14:14:01.0587 5744 blbdrive - ok
14:14:01.0634 5744 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:14:01.0634 5744 bowser - ok
14:14:01.0681 5744 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
14:14:01.0681 5744 BrFiltLo - ok
14:14:01.0696 5744 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
14:14:01.0696 5744 BrFiltUp - ok
14:14:01.0728 5744 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
14:14:01.0728 5744 Browser - ok
14:14:01.0759 5744 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
14:14:01.0759 5744 Brserid - ok
14:14:01.0790 5744 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
14:14:01.0790 5744 BrSerWdm - ok
14:14:01.0821 5744 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
14:14:01.0821 5744 BrUsbMdm - ok
14:14:01.0837 5744 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
14:14:01.0837 5744 BrUsbSer - ok
14:14:01.0852 5744 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:14:01.0868 5744 BTHMODEM - ok
14:14:01.0915 5744 [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
14:14:01.0915 5744 BUNAgentSvc - ok
14:14:01.0946 5744 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:14:01.0946 5744 cdfs - ok
14:14:01.0993 5744 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:14:01.0993 5744 cdrom - ok
14:14:02.0040 5744 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
14:14:02.0040 5744 CertPropSvc - ok
14:14:02.0055 5744 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
14:14:02.0055 5744 circlass - ok
14:14:02.0086 5744 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
14:14:02.0102 5744 CLFS - ok
14:14:02.0227 5744 [ 8B67044AE0621C005245EF62EEF0746F ] CLHNService C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
14:14:02.0227 5744 CLHNService - ok
14:14:02.0305 5744 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:14:02.0305 5744 clr_optimization_v2.0.50727_32 - ok
14:14:02.0367 5744 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:14:02.0367 5744 clr_optimization_v4.0.30319_32 - ok
14:14:02.0398 5744 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:14:02.0398 5744 CmBatt - ok
14:14:02.0414 5744 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:14:02.0414 5744 cmdide - ok
14:14:02.0430 5744 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:14:02.0430 5744 Compbatt - ok
14:14:02.0445 5744 COMSysApp - ok
14:14:02.0461 5744 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:14:02.0461 5744 crcdisk - ok
14:14:02.0492 5744 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
14:14:02.0492 5744 Crusoe - ok
14:14:02.0539 5744 [ FB27772BEAF8E1D28CCD825C09DA939B ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:14:02.0554 5744 CryptSvc - ok
14:14:02.0648 5744 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:14:02.0664 5744 DcomLaunch - ok
14:14:02.0695 5744 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:14:02.0695 5744 DfsC - ok
14:14:02.0820 5744 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
14:14:02.0835 5744 DFSR - ok
14:14:02.0898 5744 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
14:14:02.0898 5744 Dhcp - ok
14:14:02.0944 5744 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
14:14:02.0944 5744 disk - ok
14:14:02.0991 5744 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
14:14:02.0991 5744 DKbFltr - ok
14:14:03.0007 5744 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:14:03.0022 5744 Dnscache - ok
14:14:03.0038 5744 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:14:03.0054 5744 dot3svc - ok
14:14:03.0085 5744 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
14:14:03.0100 5744 DPS - ok
14:14:03.0116 5744 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:14:03.0116 5744 drmkaud - ok
14:14:03.0178 5744 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:14:03.0178 5744 DXGKrnl - ok
14:14:03.0210 5744 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
14:14:03.0210 5744 E1G60 - ok
14:14:03.0256 5744 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
14:14:03.0256 5744 EapHost - ok
14:14:03.0303 5744 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
14:14:03.0303 5744 Ecache - ok
14:14:03.0412 5744 [ B1F2503E23425B386DF0F3413B2596F3 ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
14:14:03.0428 5744 eDataSecurity Service - ok
14:14:03.0506 5744 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:14:03.0506 5744 ehRecvr - ok
14:14:03.0537 5744 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
14:14:03.0537 5744 ehSched - ok
14:14:03.0568 5744 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
14:14:03.0568 5744 ehstart - ok
14:14:03.0615 5744 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:14:03.0615 5744 elxstor - ok
14:14:03.0678 5744 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
14:14:03.0693 5744 EMDMgmt - ok
14:14:03.0724 5744 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:14:03.0740 5744 ErrDev - ok
14:14:03.0802 5744 [ F25247D0E011A643EE60052CE23BE05E ] ETService C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
14:14:03.0802 5744 ETService - ok
14:14:03.0849 5744 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
14:14:03.0865 5744 EventSystem - ok
14:14:03.0896 5744 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
14:14:03.0896 5744 exfat - ok
14:14:03.0943 5744 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:14:03.0943 5744 fastfat - ok
14:14:03.0974 5744 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:14:03.0974 5744 fdc - ok
14:14:04.0021 5744 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
14:14:04.0021 5744 fdPHost - ok
14:14:04.0052 5744 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
14:14:04.0052 5744 FDResPub - ok
14:14:04.0083 5744 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:14:04.0083 5744 FileInfo - ok
14:14:04.0114 5744 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:14:04.0114 5744 Filetrace - ok
14:14:04.0130 5744 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:14:04.0146 5744 flpydisk - ok
14:14:04.0177 5744 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:14:04.0192 5744 FltMgr - ok
14:14:04.0255 5744 [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache C:\Windows\system32\FntCache.dll
14:14:04.0270 5744 FontCache - ok
14:14:04.0317 5744 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:14:04.0333 5744 FontCache3.0.0.0 - ok
14:14:04.0364 5744 [ 65EA8B77B5851854F0C55C43FA51A198 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:14:04.0364 5744 Fs_Rec - ok
14:14:04.0426 5744 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:14:04.0426 5744 gagp30kx - ok
14:14:04.0567 5744 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
14:14:04.0582 5744 gpsvc - ok
14:14:04.0660 5744 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:14:04.0660 5744 gupdate - ok
14:14:04.0676 5744 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:14:04.0676 5744 gupdatem - ok
14:14:04.0707 5744 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:14:04.0707 5744 HdAudAddService - ok
14:14:04.0801 5744 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:14:04.0801 5744 HDAudBus - ok
14:14:04.0848 5744 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:14:04.0848 5744 HidBth - ok
14:14:04.0894 5744 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:14:04.0894 5744 HidIr - ok
14:14:04.0941 5744 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
14:14:04.0957 5744 hidserv - ok
14:14:04.0972 5744 [ 3C64042B95E583B366BA4E5D2450235E ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:14:04.0972 5744 HidUsb - ok
14:14:05.0019 5744 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:14:05.0019 5744 hkmsvc - ok
14:14:05.0082 5744 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
14:14:05.0082 5744 HpCISSs - ok
14:14:05.0128 5744 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
14:14:05.0128 5744 HSFHWAZL - ok
14:14:05.0238 5744 [ EC36F1D542ED4252390D446BF6D4DFD0 ] HSF_DPV C:\Windows\system32\DRIVERS\VSTDPV3.SYS
14:14:05.0253 5744 HSF_DPV - ok
14:14:05.0316 5744 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:14:05.0331 5744 HTTP - ok
14:14:05.0347 5744 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
14:14:05.0347 5744 i2omp - ok
14:14:05.0378 5744 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:14:05.0378 5744 i8042prt - ok
14:14:05.0409 5744 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
14:14:05.0425 5744 iaStorV - ok
14:14:05.0487 5744 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:14:05.0503 5744 idsvc - ok
14:14:05.0534 5744 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:14:05.0534 5744 iirsp - ok
14:14:05.0581 5744 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
14:14:05.0596 5744 IKEEXT - ok
14:14:05.0643 5744 [ 58FF11C95C3681C9250914521CB9F036 ] int15 C:\Windows\system32\drivers\int15.sys
14:14:05.0643 5744 int15 - ok
14:14:05.0737 5744 [ B8716D9677B04B82FA405C8C54954728 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:14:05.0768 5744 IntcAzAudAddService - ok
14:14:05.0815 5744 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
14:14:05.0815 5744 intelide - ok
14:14:05.0846 5744 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:14:05.0846 5744 intelppm - ok
14:14:05.0893 5744 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:14:05.0893 5744 IPBusEnum - ok
14:14:05.0924 5744 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:14:05.0924 5744 IpFilterDriver - ok
14:14:05.0986 5744 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:14:05.0986 5744 iphlpsvc - ok
14:14:06.0002 5744 IpInIp - ok
14:14:06.0033 5744 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
14:14:06.0033 5744 IPMIDRV - ok
14:14:06.0064 5744 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
14:14:06.0064 5744 IPNAT - ok
14:14:06.0096 5744 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
14:14:06.0111 5744 irda - ok
14:14:06.0127 5744 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:14:06.0127 5744 IRENUM - ok
14:14:06.0158 5744 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
14:14:06.0174 5744 Irmon - ok
14:14:06.0189 5744 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:14:06.0189 5744 isapnp - ok
14:14:06.0236 5744 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
14:14:06.0236 5744 iScsiPrt - ok
14:14:06.0267 5744 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
14:14:06.0267 5744 iteatapi - ok
14:14:06.0298 5744 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
14:14:06.0298 5744 iteraid - ok
14:14:06.0330 5744 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:14:06.0330 5744 kbdclass - ok
14:14:06.0345 5744 [ 18247836959BA67E3511B62846B9C2E0 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:14:06.0345 5744 kbdhid - ok
14:14:06.0376 5744 [ 3978F3540329E16C0AC3BCF677E5669F ] KeyIso C:\Windows\system32\lsass.exe
14:14:06.0392 5744 KeyIso - ok
14:14:06.0423 5744 [ 86165728AF9BF72D6442A894FDFB4F8B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:14:06.0423 5744 KSecDD - ok
14:14:06.0470 5744 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:14:06.0486 5744 KtmRm - ok
14:14:06.0517 5744 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
14:14:06.0532 5744 LanmanServer - ok
14:14:06.0564 5744 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:14:06.0579 5744 LanmanWorkstation - ok
14:14:06.0642 5744 [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:14:06.0642 5744 LightScribeService - ok
14:14:06.0673 5744 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:14:06.0688 5744 lltdio - ok
14:14:06.0720 5744 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:14:06.0735 5744 lltdsvc - ok
14:14:06.0751 5744 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:14:06.0766 5744 lmhosts - ok
14:14:06.0798 5744 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:14:06.0813 5744 LSI_FC - ok
14:14:06.0829 5744 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:14:06.0829 5744 LSI_SAS - ok
14:14:06.0860 5744 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:14:06.0860 5744 LSI_SCSI - ok
14:14:06.0876 5744 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
14:14:06.0876 5744 luafv - ok
14:14:06.0907 5744 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys
14:14:06.0907 5744 MBAMSwissArmy - ok
14:14:06.0969 5744 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:14:06.0969 5744 Mcx2Svc - ok
14:14:07.0000 5744 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
14:14:07.0000 5744 megasas - ok
14:14:07.0063 5744 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
14:14:07.0063 5744 MegaSR - ok
14:14:07.0094 5744 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
14:14:07.0094 5744 MMCSS - ok
14:14:07.0141 5744 MobilityService - ok
14:14:07.0156 5744 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
14:14:07.0156 5744 Modem - ok
14:14:07.0172 5744 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:14:07.0172 5744 monitor - ok
14:14:07.0188 5744 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:14:07.0188 5744 mouclass - ok
14:14:07.0219 5744 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\drivers\mouhid.sys
14:14:07.0219 5744 mouhid - ok
14:14:07.0250 5744 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
14:14:07.0250 5744 MountMgr - ok
14:14:07.0297 5744 [ 5D494509432897338AFC19DB78A76DCB ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:14:07.0297 5744 MozillaMaintenance - ok
14:14:07.0312 5744 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
14:14:07.0312 5744 mpio - ok
14:14:07.0344 5744 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:14:07.0344 5744 mpsdrv - ok
14:14:07.0375 5744 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
14:14:07.0406 5744 MpsSvc - ok
14:14:07.0437 5744 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
14:14:07.0437 5744 Mraid35x - ok

14:14:07.0453 5744 MREMP50 - ok
14:14:07.0484 5744 MREMP50a64 - ok
14:14:07.0484 5744 MREMPR5 - ok
14:14:07.0515 5744 MRENDIS5 - ok
14:14:07.0531 5744 MRESP50 - ok
14:14:07.0546 5744 MRESP50a64 - ok
14:14:07.0593 5744 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:14:07.0593 5744 MRxDAV - ok
14:14:07.0640 5744 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:14:07.0640 5744 mrxsmb - ok
14:14:07.0687 5744 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:14:07.0702 5744 mrxsmb10 - ok
14:14:07.0718 5744 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:14:07.0718 5744 mrxsmb20 - ok
14:14:07.0765 5744 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
14:14:07.0765 5744 msahci - ok
14:14:07.0796 5744 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:14:07.0796 5744 msdsm - ok
14:14:07.0827 5744 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
14:14:07.0843 5744 MSDTC - ok
14:14:07.0874 5744 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:14:07.0874 5744 Msfs - ok
14:14:07.0890 5744 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:14:07.0890 5744 msisadrv - ok
14:14:07.0936 5744 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:14:07.0952 5744 MSiSCSI - ok
14:14:07.0968 5744 msiserver - ok
14:14:07.0983 5744 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:14:07.0999 5744 MSKSSRV - ok
14:14:08.0014 5744 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:14:08.0014 5744 MSPCLOCK - ok
14:14:08.0030 5744 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:14:08.0030 5744 MSPQM - ok
14:14:08.0077 5744 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:14:08.0077 5744 MsRPC - ok
14:14:08.0124 5744 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:14:08.0124 5744 mssmbios - ok
14:14:08.0139 5744 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:14:08.0139 5744 MSTEE - ok
14:14:08.0186 5744 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
14:14:08.0186 5744 Mup - ok
14:14:08.0248 5744 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
14:14:08.0264 5744 napagent - ok
14:14:08.0295 5744 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:14:08.0295 5744 NativeWifiP - ok
14:14:08.0342 5744 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:14:08.0342 5744 NDIS - ok
14:14:08.0389 5744 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:14:08.0389 5744 NdisTapi - ok
14:14:08.0420 5744 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:14:08.0420 5744 Ndisuio - ok
14:14:08.0451 5744 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:14:08.0467 5744 NdisWan - ok
14:14:08.0482 5744 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:14:08.0482 5744 NDProxy - ok
14:14:08.0514 5744 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:14:08.0514 5744 NetBIOS - ok
14:14:08.0560 5744 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
14:14:08.0560 5744 netbt - ok
14:14:08.0576 5744 [ 3978F3540329E16C0AC3BCF677E5669F ] Netlogon C:\Windows\system32\lsass.exe
14:14:08.0592 5744 Netlogon - ok
14:14:08.0638 5744 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
14:14:08.0654 5744 Netman - ok
14:14:08.0685 5744 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
14:14:08.0701 5744 netprofm - ok
14:14:08.0732 5744 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:14:08.0732 5744 NetTcpPortSharing - ok
14:14:08.0779 5744 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:14:08.0779 5744 nfrd960 - ok
14:14:08.0810 5744 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:14:08.0826 5744 NlaSvc - ok
14:14:08.0872 5744 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:14:08.0872 5744 Npfs - ok
14:14:08.0888 5744 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
14:14:08.0888 5744 NSCIRDA - ok
14:14:08.0919 5744 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
14:14:08.0919 5744 nsi - ok
14:14:08.0950 5744 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:14:08.0950 5744 nsiproxy - ok
14:14:09.0028 5744 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:14:09.0044 5744 Ntfs - ok
14:14:09.0060 5744 [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
14:14:09.0060 5744 NTIBackupSvc - ok
14:14:09.0091 5744 [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr C:\Windows\system32\DRIVERS\NTIDrvr.sys
14:14:09.0091 5744 NTIDrvr - ok
14:14:09.0122 5744 [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
14:14:09.0122 5744 NTISchedulerSvc - ok
14:14:09.0153 5744 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
14:14:09.0153 5744 ntrigdigi - ok
14:14:09.0169 5744 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
14:14:09.0184 5744 Null - ok
14:14:09.0216 5744 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:14:09.0216 5744 nvraid - ok
14:14:09.0247 5744 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:14:09.0247 5744 nvstor - ok
14:14:09.0278 5744 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:14:09.0278 5744 nv_agp - ok
14:14:09.0294 5744 NwlnkFlt - ok
14:14:09.0309 5744 NwlnkFwd - ok
14:14:09.0340 5744 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
14:14:09.0340 5744 ohci1394 - ok
14:14:09.0403 5744 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
14:14:09.0434 5744 p2pimsvc - ok
14:14:09.0450 5744 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
14:14:09.0465 5744 p2psvc - ok
14:14:09.0512 5744 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
14:14:09.0512 5744 Parport - ok
14:14:09.0543 5744 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:14:09.0559 5744 partmgr - ok
14:14:09.0574 5744 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:14:09.0574 5744 Parvdm - ok
14:14:09.0606 5744 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
14:14:09.0606 5744 PcaSvc - ok
14:14:09.0637 5744 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
14:14:09.0652 5744 pci - ok
14:14:09.0668 5744 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
14:14:09.0668 5744 pciide - ok
14:14:09.0699 5744 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:14:09.0699 5744 pcmcia - ok
14:14:09.0762 5744 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:14:09.0777 5744 PEAUTH - ok
14:14:09.0871 5744 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
14:14:09.0918 5744 pla - ok
14:14:09.0949 5744 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:14:09.0964 5744 PlugPlay - ok
14:14:10.0011 5744 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
14:14:10.0027 5744 PNRPAutoReg - ok
14:14:10.0042 5744 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
14:14:10.0058 5744 PNRPsvc - ok
14:14:10.0105 5744 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:14:10.0120 5744 PolicyAgent - ok
14:14:10.0152 5744 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:14:10.0152 5744 PptpMiniport - ok
14:14:10.0183 5744 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:14:10.0183 5744 Processor - ok
14:14:10.0230 5744 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
14:14:10.0245 5744 ProfSvc - ok
14:14:10.0261 5744 [ 3978F3540329E16C0AC3BCF677E5669F ] ProtectedStorage C:\Windows\system32\lsass.exe
14:14:10.0261 5744 ProtectedStorage - ok
14:14:10.0308 5744 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
14:14:10.0308 5744 PSched - ok
14:14:10.0323 5744 [ 628321C8DD76AD369B362B202E655A68 ] PSDFilter C:\Windows\system32\DRIVERS\psdfilter.sys
14:14:10.0323 5744 PSDFilter - ok
14:14:10.0354 5744 [ 79D7117E62709C7690CF3DD55ACEAD37 ] PSDNServ C:\Windows\system32\DRIVERS\PSDNServ.sys
14:14:10.0354 5744 PSDNServ - ok
14:14:10.0401 5744 [ CAE5E82827990CF4BD4A49576BDE3A43 ] psdvdisk C:\Windows\system32\DRIVERS\PSDVdisk.sys
14:14:10.0417 5744 psdvdisk - ok
14:14:10.0479 5744 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:14:10.0495 5744 ql2300 - ok
14:14:10.0526 5744 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:14:10.0526 5744 ql40xx - ok
14:14:10.0573 5744 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
14:14:10.0588 5744 QWAVE - ok
14:14:10.0620 5744 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:14:10.0620 5744 QWAVEdrv - ok
14:14:10.0635 5744 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:14:10.0635 5744 RasAcd - ok
14:14:10.0666 5744 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
14:14:10.0682 5744 RasAuto - ok
14:14:10.0698 5744 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:14:10.0698 5744 Rasl2tp - ok
14:14:10.0744 5744 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
14:14:10.0760 5744 RasMan - ok
14:14:10.0776 5744 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:14:10.0776 5744 RasPppoe - ok
14:14:10.0807 5744 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:14:10.0807 5744 RasSstp - ok
14:14:10.0854 5744 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:14:10.0854 5744 rdbss - ok
14:14:10.0885 5744 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:14:10.0885 5744 RDPCDD - ok
14:14:10.0932 5744 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
14:14:10.0947 5744 rdpdr - ok
14:14:10.0963 5744 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:14:10.0963 5744 RDPENCDD - ok
14:14:10.0994 5744 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:14:10.0994 5744 RDPWD - ok
14:14:11.0041 5744 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:14:11.0056 5744 RemoteRegistry - ok
14:14:11.0119 5744 [ 17E0BEF5CA5C9CE52CC8082AC6EBC449 ] RichVideo c:\Program Files\Cyberlink\Shared files\RichVideo.exe
14:14:11.0119 5744 RichVideo - ok
14:14:11.0150 5744 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
14:14:11.0150 5744 RpcLocator - ok
14:14:11.0181 5744 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
14:14:11.0212 5744 RpcSs - ok
14:14:11.0244 5744 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:14:11.0244 5744 rspndr - ok
14:14:11.0275 5744 [ 8DAB5975B5C7923D61506A48E251DBAD ] RTSTOR C:\Windows\system32\drivers\RTSTOR.SYS
14:14:11.0275 5744 RTSTOR - ok
14:14:11.0290 5744 [ 3978F3540329E16C0AC3BCF677E5669F ] SamSs C:\Windows\system32\lsass.exe
14:14:11.0306 5744 SamSs - ok
14:14:11.0337 5744 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:14:11.0337 5744 SASDIFSV - ok
14:14:11.0353 5744 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:14:11.0353 5744 SASKUTIL - ok
14:14:11.0400 5744 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:14:11.0400 5744 sbp2port - ok
14:14:11.0446 5744 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:14:11.0446 5744 SCardSvr - ok
14:14:11.0509 5744 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
14:14:11.0524 5744 Schedule - ok
14:14:11.0540 5744 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:14:11.0540 5744 SCPolicySvc - ok
14:14:11.0571 5744 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:14:11.0571 5744 sdbus - ok
14:14:11.0618 5744 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:14:11.0618 5744 SDRSVC - ok
14:14:11.0649 5744 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:14:11.0649 5744 secdrv - ok
14:14:11.0680 5744 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
14:14:11.0680 5744 seclogon - ok
14:14:11.0712 5744 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
14:14:11.0727 5744 SENS - ok
14:14:11.0743 5744 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:14:11.0743 5744 Serenum - ok
14:14:11.0774 5744 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
14:14:11.0774 5744 Serial - ok
14:14:11.0805 5744 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:14:11.0805 5744 sermouse - ok
14:14:11.0852 5744 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
14:14:11.0868 5744 SessionEnv - ok
14:14:11.0914 5744 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:14:11.0914 5744 sffdisk - ok
14:14:11.0930 5744 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:14:11.0930 5744 sffp_mmc - ok
14:14:11.0961 5744 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:14:11.0961 5744 sffp_sd - ok
14:14:11.0977 5744 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:14:11.0977 5744 sfloppy - ok
14:14:12.0024 5744 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:14:12.0039 5744 SharedAccess - ok
14:14:12.0070 5744 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:14:12.0086 5744 ShellHWDetection - ok
14:14:12.0133 5744 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:14:12.0133 5744 sisagp - ok
14:14:12.0164 5744 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
14:14:12.0164 5744 SiSRaid2 - ok
14:14:12.0180 5744 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:14:12.0180 5744 SiSRaid4 - ok
14:14:12.0320 5744 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
14:14:12.0382 5744 slsvc - ok
14:14:12.0429 5744 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
14:14:12.0429 5744 SLUINotify - ok
14:14:12.0460 5744 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:14:12.0460 5744 Smb - ok
14:14:12.0507 5744 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:14:12.0523 5744 SNMPTRAP - ok
14:14:12.0554 5744 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
14:14:12.0554 5744 spldr - ok
14:14:12.0601 5744 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
14:14:12.0616 5744 Spooler - ok
14:14:12.0648 5744 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:14:12.0663 5744 srv - ok
14:14:12.0694 5744 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:14:12.0710 5744 srv2 - ok
14:14:12.0726 5744 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:14:12.0726 5744 srvnet - ok
14:14:12.0788 5744 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:14:12.0804 5744 SSDPSRV - ok
14:14:12.0819 5744 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:14:12.0835 5744 SstpSvc - ok
14:14:12.0882 5744 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
14:14:12.0897 5744 stisvc - ok
14:14:12.0944 5744 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:14:12.0944 5744 swenum - ok
14:14:12.0975 5744 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
14:14:12.0991 5744 swprv - ok
14:14:13.0022 5744 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
14:14:13.0022 5744 Symc8xx - ok
14:14:13.0038 5744 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
14:14:13.0038 5744 Sym_hi - ok
14:14:13.0069 5744 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
14:14:13.0069 5744 Sym_u3 - ok
14:14:13.0100 5744 [ 4C9BB4B3B9EAC26211484C30B914C6DC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:14:13.0100 5744 SynTP - ok
14:14:13.0147 5744 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
14:14:13.0162 5744 SysMain - ok
14:14:13.0194 5744 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:14:13.0209 5744 TabletInputService - ok
14:14:13.0256 5744 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:14:13.0272 5744 TapiSrv - ok
14:14:13.0303 5744 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
14:14:13.0303 5744 TBS - ok
14:14:13.0365 5744 [ A474879AFA4A596B3A531F3E69730DBF ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:14:13.0381 5744 Tcpip - ok
14:14:13.0412 5744 [ A474879AFA4A596B3A531F3E69730DBF ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
14:14:13.0428 5744 Tcpip6 - ok
14:14:13.0459 5744 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:14:13.0459 5744 tcpipreg - ok
14:14:13.0506 5744 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:14:13.0506 5744 TDPIPE - ok
14:14:13.0521 5744 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:14:13.0521 5744 TDTCP - ok
14:14:13.0552 5744 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:14:13.0552 5744 tdx - ok
14:14:13.0584 5744 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:14:13.0584 5744 TermDD - ok
14:14:13.0630 5744 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
14:14:13.0646 5744 TermService - ok
14:14:13.0677 5744 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
14:14:13.0693 5744 Themes - ok
14:14:13.0708 5744 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
14:14:13.0724 5744 THREADORDER - ok
14:14:13.0755 5744 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
14:14:13.0771 5744 TrkWks - ok
14:14:13.0833 5744 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:14:13.0833 5744 TrustedInstaller - ok
14:14:13.0864 5744 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:14:13.0864 5744 tssecsrv - ok
14:14:13.0896 5744 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
14:14:13.0896 5744 tunmp - ok
14:14:13.0942 5744 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:14:13.0942 5744 tunnel - ok
14:14:13.0974 5744 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:14:13.0974 5744 uagp35 - ok
14:14:14.0005 5744 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
14:14:14.0005 5744 UBHelper - ok
14:14:14.0052 5744 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:14:14.0052 5744 udfs - ok
14:14:14.0114 5744 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:14:14.0114 5744 UI0Detect - ok
14:14:14.0145 5744 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:14:14.0145 5744 uliagpkx - ok
14:14:14.0176 5744 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
14:14:14.0176 5744 uliahci - ok
14:14:14.0208 5744 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
14:14:14.0208 5744 UlSata - ok
14:14:14.0239 5744 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
14:14:14.0239 5744 ulsata2 - ok
14:14:14.0270 5744 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:14:14.0270 5744 umbus - ok
14:14:14.0332 5744 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
14:14:14.0348 5744 upnphost - ok
14:14:14.0395 5744 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:14:14.0395 5744 usbccgp - ok
14:14:14.0410 5744 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:14:14.0426 5744 usbcir - ok
14:14:14.0473 5744 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:14:14.0473 5744 usbehci - ok
14:14:14.0520 5744 [ EDCA5124B54BCF04E5C0538AA397A9C1 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
14:14:14.0520 5744 usbfilter - ok
14:14:14.0551 5744 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:14:14.0551 5744 usbhub - ok
14:14:14.0598 5744 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:14:14.0598 5744 usbohci - ok
14:14:14.0613 5744 [ B51E52ACF758BE00EF3A58EA452FE360 ] usbprint C:\Windows\system32\drivers\usbprint.sys
14:14:14.0613 5744 usbprint - ok
14:14:14.0644 5744 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:14:14.0644 5744 USBSTOR - ok
14:14:14.0660 5744 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
14:14:14.0660 5744 usbuhci - ok
14:14:14.0691 5744 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:14:14.0691 5744 usbvideo - ok
14:14:14.0738 5744 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
14:14:14.0738 5744 UxSms - ok
14:14:14.0769 5744 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
14:14:14.0785 5744 vds - ok
14:14:14.0816 5744 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:14:14.0816 5744 vga - ok
14:14:14.0847 5744 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
14:14:14.0847 5744 VgaSave - ok
14:14:14.0878 5744 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:14:14.0878 5744 viaagp - ok
14:14:14.0910 5744 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:14:14.0910 5744 ViaC7 - ok
14:14:14.0956 5744 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
14:14:14.0956 5744 viaide - ok
14:14:14.0972 5744 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:14:14.0972 5744 volmgr - ok
14:14:15.0019 5744 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:14:15.0019 5744 volmgrx - ok
14:14:15.0066 5744 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:14:15.0081 5744 volsnap - ok
14:14:15.0097 5744 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:14:15.0112 5744 vsmraid - ok
14:14:15.0159 5744 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
14:14:15.0206 5744 VSS - ok
14:14:15.0253 5744 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
14:14:15.0268 5744 W32Time - ok
14:14:15.0331 5744 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:14:15.0331 5744 WacomPen - ok
14:14:15.0362 5744 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
14:14:15.0362 5744 Wanarp - ok
14:14:15.0393 5744 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:14:15.0393 5744 Wanarpv6 - ok
14:14:15.0456 5744 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:14:15.0471 5744 wcncsvc - ok
14:14:15.0502 5744 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:14:15.0518 5744 WcsPlugInService - ok
14:14:15.0549 5744 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
14:14:15.0549 5744 Wd - ok
14:14:15.0596 5744 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:14:15.0596 5744 Wdf01000 - ok
14:14:15.0627 5744 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:14:15.0627 5744 WdiServiceHost - ok
14:14:15.0643 5744 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:14:15.0658 5744 WdiSystemHost - ok
14:14:15.0690 5744 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
14:14:15.0705 5744 WebClient - ok
14:14:15.0736 5744 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:14:15.0752 5744 Wecsvc - ok
14:14:15.0799 5744 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:14:15.0814 5744 wercplsupport - ok
14:14:15.0846 5744 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
14:14:15.0861 5744 WerSvc - ok
14:14:15.0924 5744 [ 5C7BDCF5864DB00323FE2D90FA26A8A2 ] winachsf C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
14:14:15.0939 5744 winachsf - ok
14:14:15.0986 5744 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:14:15.0986 5744 WinDefend - ok
14:14:16.0002 5744 WinHttpAutoProxySvc - ok
14:14:16.0080 5744 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:14:16.0080 5744 Winmgmt - ok
14:14:16.0158 5744 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
14:14:16.0204 5744 WinRM - ok
14:14:16.0282 5744 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:14:16.0298 5744 Wlansvc - ok
14:14:16.0329 5744 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:14:16.0329 5744 WmiAcpi - ok
14:14:16.0392 5744 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:14:16.0392 5744 wmiApSrv - ok
14:14:16.0470 5744 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:14:16.0485 5744 WMPNetworkSvc - ok
14:14:16.0532 5744 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:14:16.0548 5744 WPCSvc - ok
14:14:16.0579 5744 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:14:16.0594 5744 WPDBusEnum - ok
14:14:16.0672 5744 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
14:14:16.0688 5744 WPFFontCache_v0400 - ok
14:14:16.0719 5744 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:14:16.0719 5744 ws2ifsl - ok
14:14:16.0750 5744 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
14:14:16.0766 5744 wscsvc - ok
14:14:16.0797 5744 WSearch - ok
14:14:16.0906 5744 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:14:16.0953 5744 wuauserv - ok
14:14:16.0984 5744 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:14:17.0000 5744 WUDFRd - ok
14:14:17.0031 5744 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:14:17.0047 5744 wudfsvc - ok
14:14:17.0140 5744 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
14:14:17.0140 5744 YahooAUService - ok
14:14:17.0156 5744 ================ Scan global ===============================
14:14:17.0203 5744 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
14:14:17.0250 5744 [ 5DF01708D214FDC0075AD197F1889557 ] C:\Windows\system32\winsrv.dll
14:14:17.0281 5744 [ 5DF01708D214FDC0075AD197F1889557 ] C:\Windows\system32\winsrv.dll
14:14:17.0328 5744 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
14:14:17.0343 5744 [Global] - ok
14:14:17.0343 5744 ================ Scan MBR ==================================
14:14:17.0359 5744 [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
14:14:23.0443 5744 \Device\Harddisk0\DR0 - ok
14:14:23.0443 5744 ================ Scan VBR ==================================
14:14:23.0443 5744 [ 89CE3BF377F21D52599D778A32CDB3C7 ] \Device\Harddisk0\DR0\Partition1
14:14:23.0443 5744 \Device\Harddisk0\DR0\Partition1 - ok
14:14:23.0474 5744 [ B74C8B07B74C55E13CC13C7A05A16A30 ] \Device\Harddisk0\DR0\Partition2
14:14:23.0474 5744 \Device\Harddisk0\DR0\Partition2 - ok
14:14:23.0474 5744 ============================================================
14:14:23.0474 5744 Scan finished
14:14:23.0474 5744 ============================================================
14:14:23.0505 3412 Detected object count: 0
14:14:23.0505 3412 Actual detected object count: 0
14:14:29.0199 5168 Deinitialize success

následuje combofix :) omlouvám se, že předbíhám.

udělal jsem full scan eset online scannerem - bez nákazy vše ok, počítač jsem pročistil dále dalšími čistícími prostředky, počítač vypadá taky OK tedy i s Vaší pomocí. Je ještě něco v těchto logech? Chci to mít už z krku. Jinak děkuji!"

ComboFix 13-11-03.02 - Thu 04.11.2013 17:38:16.2.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2814.1929 [GMT 1:00]
Spuštěný z: c:\users\Thu\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-04 do 2013-11-04 )))))))))))))))))))))))))))))))
.
.
2013-11-04 16:51 . 2013-11-04 16:51 -------- d-----w- c:\users\Thu\AppData\Local\temp
2013-11-04 16:51 . 2013-11-04 16:51 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2013-11-04 14:40 . 2013-11-04 14:40 -------- d-----w- c:\program files\OpenOffice 4
2013-11-04 14:34 . 2013-11-04 14:34 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-04 14:34 . 2013-11-04 14:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-04 09:01 . 2013-11-04 09:48 -------- d-----w- c:\users\Thu\AppData\Roaming\Skype
2013-11-04 09:00 . 2013-11-04 09:49 -------- d-----w- c:\programdata\Skype
2013-11-03 23:03 . 2013-11-03 23:03 -------- d-----w- c:\users\Thu\AppData\Local\Adobe
2013-11-03 22:54 . 2013-11-04 13:41 -------- d-----w- c:\users\Thu\AppData\Local\CrashDumps
2013-11-03 22:17 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-11-03 22:17 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-11-03 22:17 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-11-03 22:17 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-11-03 22:16 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-11-03 22:16 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-11-03 22:16 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-11-03 22:15 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-11-03 22:15 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-11-03 22:06 . 2013-11-03 22:06 -------- d-----w- c:\program files\ESET
2013-11-03 19:07 . 2013-11-03 19:07 355832 ----a-w- c:\program files\Internet Explorer\pdm.dll
2013-11-03 19:07 . 2013-11-03 19:07 265720 ----a-w- c:\program files\Internet Explorer\msdbg2.dll
2013-11-03 19:04 . 2013-11-03 19:04 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-03 19:04 . 2013-11-03 19:04 519680 ----a-w- c:\windows\system32\d3d11.dll
2013-11-03 19:04 . 2013-11-03 19:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-11-03 19:04 . 2013-11-03 19:04 252928 ----a-w- c:\windows\system32\dxdiag.exe
2013-11-03 19:04 . 2013-11-03 19:04 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2013-11-03 19:04 . 2013-11-03 19:04 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-11-03 19:04 . 2013-11-03 19:04 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-11-03 19:02 . 2013-11-03 19:02 -------- d-----w- c:\program files\Feedback Tool
2013-11-03 15:23 . 2013-11-03 15:24 -------- d-----w- c:\windows\system32\ca-ES
2013-11-03 15:23 . 2013-11-03 15:24 -------- d-----w- c:\windows\system32\eu-ES
2013-11-03 15:23 . 2013-11-03 15:24 -------- d-----w- c:\windows\system32\vi-VN
2013-11-03 15:18 . 2013-11-03 15:18 -------- d-----w- c:\windows\system32\SPReview
2013-11-03 14:49 . 2009-04-10 22:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2013-11-03 14:48 . 2009-04-10 22:27 57856 ----a-w- c:\windows\system32\compcln.exe
2013-11-03 14:42 . 2009-04-10 22:28 633856 ----a-w- c:\windows\system32\CertEnrollUI.dll
2013-11-03 13:16 . 2013-11-03 13:16 -------- d-----w- c:\windows\ERUNT
2013-11-03 13:08 . 2013-11-03 13:08 -------- d-----w- c:\windows\system32\EventProviders
2013-11-03 13:05 . 2013-11-03 13:05 -------- d-----w- c:\programdata\Symantec
2013-11-03 12:47 . 2013-11-03 12:47 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-11-03 12:46 . 2013-11-03 12:47 -------- d-----w- c:\users\Thu\AppData\Roaming\Apple Computer
2013-11-03 12:46 . 2013-11-03 12:47 -------- d-----w- c:\programdata\IObit
2013-11-03 12:46 . 2013-11-03 12:55 -------- d-----w- c:\users\Thu\AppData\Roaming\IObit
2013-11-03 12:46 . 2013-11-03 12:46 -------- d-----w- c:\program files\IObit
2013-11-03 12:40 . 2013-11-03 13:05 -------- d-----w- c:\programdata\Norton
2013-11-03 12:40 . 2013-11-03 13:03 -------- d-----w- c:\users\Thu\AppData\Local\NPE
2013-11-03 09:51 . 2013-11-03 09:51 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-11-02 21:07 . 2013-11-02 21:07 -------- d-----w- c:\program files\Defraggler
2013-11-02 21:06 . 2013-11-02 21:06 -------- d-----w- c:\program files\Common Files\Java
2013-11-02 21:06 . 2013-11-02 21:05 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-11-02 21:05 . 2013-11-02 21:05 -------- d-----w- c:\program files\Java
2013-11-02 18:38 . 2013-11-02 18:38 -------- d-----w- c:\users\Thu\AppData\Roaming\AVAST Software
2013-11-02 18:36 . 2013-11-02 18:36 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-02 18:36 . 2013-11-02 18:36 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-02 18:36 . 2013-11-02 18:36 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-02 18:36 . 2013-11-02 18:36 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-02 18:36 . 2013-11-02 18:36 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-02 18:36 . 2013-11-02 18:36 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-02 18:36 . 2013-11-02 18:36 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-02 18:36 . 2013-11-02 18:36 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-11-02 18:36 . 2013-11-02 18:36 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-02 18:36 . 2013-11-02 18:36 43152 ----a-w- c:\windows\avastSS.scr
2013-11-02 18:34 . 2013-11-02 18:34 -------- d-----w- c:\program files\AVAST Software
2013-11-02 18:32 . 2013-11-02 18:33 -------- d-----w- c:\programdata\AVAST Software
2013-11-02 18:24 . 2013-11-02 18:24 -------- d-----w- c:\users\Thu\AppData\Roaming\Malwarebytes
2013-11-02 18:24 . 2013-11-02 18:24 -------- d-----w- c:\programdata\Malwarebytes
2013-11-02 18:24 . 2013-11-02 18:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-02 18:24 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-02 18:22 . 2013-11-03 13:13 -------- d-----w- C:\AdwCleaner
2013-11-02 18:15 . 2013-11-02 18:15 -------- d-----w- c:\program files\CCleaner
2013-11-02 17:43 . 2013-11-02 17:43 -------- d-----w- c:\users\Thu\AppData\Roaming\SUPERAntiSpyware.com
2013-11-02 17:42 . 2013-11-02 17:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-11-02 17:42 . 2013-11-02 17:42 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-11-02 16:32 . 2013-11-02 16:32 -------- d-----w- c:\programdata\Package Cache
2013-11-02 16:32 . 2013-11-02 16:32 -------- d-----w- c:\programdata\BullGuard
2013-11-02 16:28 . 2013-11-02 16:42 -------- d-----w- c:\users\Thu\AppData\Roaming\Virus Scan
2013-11-02 16:27 . 2013-11-02 16:27 -------- d-----w- c:\program files\Common Files\Bitdefender
2013-11-02 16:26 . 2013-11-02 16:42 -------- d-----w- c:\users\Thu\AppData\Roaming\QuickScan
2013-10-14 09:44 . 2013-10-14 09:44 98616 ----a-w- c:\windows\system32\drivers\BdAgent.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-03 21:57 . 2013-11-03 21:57 203776 ----a-w- c:\windows\system32\webcheck.dll
2013-11-03 19:04 . 2013-11-03 19:04 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-02 18:35 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 15:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-19 6294048]
"Skytel"="Skytel.exe" [2008-09-19 1833504]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-09-10 809480]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-02 3567800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Users^Thu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Thu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
2008-10-08 19:49 147456 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-10-08 19:49 167936 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 10:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2010-06-14 04:47 296248 ----a-w- c:\program files\Yahoo!\Search Protection\YspService.exe
.
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-23 119056]
R4 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\AutorunsDisabled\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-02 18:15 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-04 14:34]
.
2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-02 18:13]
.
2013-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2013-11-02 18:13]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 176.12.112.2 192.168.123.254
FF - ProfilePath - c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\
FF - prefs.js: browser.startup.homepage - google.cz
FF - ExtSQL: 2013-11-02 19:36; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-11-02 22:52; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-02 22:54; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-11-03 14:47; ascsurfingprotection@iobit.com; c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: !HIDDEN! 2009-09-03 07:41; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-04 17:51
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(4768)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
Celkový čas: 2013-11-04 17:54:16
ComboFix-quarantined-files.txt 2013-11-04 16:54
.
Před spuštěním: Volných bajtů: 77 841 747 968
Po spuštění: Volných bajtů: 77 603 979 264
.
- - End Of File - - 4C3A22748FE43F4FAD25F03272B491E2
A863475757CC50891AA8458C415E4B25

Odinstaluj:
Norton Power Eraser
ESET
Bitdefender
QuickScan
Virus Scan

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:


Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

ani jeden program není nainstalovaný.

logy:

ComboFix 13-11-03.02 - Thu 05.11.2013 13:54:34.4.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.2814.1888 [GMT 1:00]
Spuštěný z: c:\users\Thu\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Thu\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\BdAgent.sys"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Common Files\Bitdefender
c:\program files\Common Files\Bitdefender\setupinformation\bdmetrics.dll
c:\program files\Common Files\Bitdefender\setupinformation\bdmetrics.dll.md5
c:\program files\Common Files\Bitdefender\setupinformation\bdnc.dll
c:\program files\Common Files\Bitdefender\setupinformation\bdnc.dll.md5
c:\program files\Common Files\Bitdefender\setupinformation\bdnc.ini
c:\program files\Common Files\Bitdefender\setupinformation\bdnc.ini.md5
c:\program files\Common Files\Bitdefender\setupinformation\bdnc.ipv4
c:\program files\Common Files\Bitdefender\setupinformation\competitive.jpg
c:\program files\Common Files\Bitdefender\setupinformation\competitive.jpg.md5
c:\program files\Common Files\Bitdefender\setupinformation\detection.xml
c:\program files\Common Files\Bitdefender\setupinformation\detection.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\en-US\install_config.xml
c:\program files\Common Files\Bitdefender\setupinformation\en-US\install_config.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\en-US\setupdownloader.ui
c:\program files\Common Files\Bitdefender\setupinformation\en-US\setupdownloader.ui.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ACA.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ACA.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ad-Aware.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ad-Aware.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\alading.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\alading.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\AntiVir.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\AntiVir.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\avast5.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\avast5.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\AVG.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\AVG.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Avira.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Avira.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\BackWeb-4476822.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\BackWeb-4476822.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\BBC.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\BBC.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender 2011.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender 2011.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Antivirus.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Antivirus.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Bussiness Client.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Bussiness Client.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Internet Security.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Internet Security.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Total Security.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Bitdefender Total Security.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\BitdefenderGonzales.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\BitdefenderGonzales.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\BullGuard.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\BullGuard.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\cciss.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\cciss.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\COMODO.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\COMODO.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\DRWEB.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\DRWEB.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\eastlink.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\eastlink.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ESET.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ESET.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\eTrust.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\eTrust.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\F-Secure.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\F-Secure.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\G Data.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\G Data.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\GUIDs.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\GUIDs.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\hotspot.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\hotspot.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\JiangMin.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\JiangMin.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kaspersky.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kaspersky.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kingsoft.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Kingsoft.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\kingsoftSafeguard.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\kingsoftSafeguard.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\kv antivirus.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\kv antivirus.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Lavasoft.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Lavasoft.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\McAfee.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\McAfee.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\MicroPoint.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\MicroPoint.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Microsoft Security Essentials.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Microsoft Security Essentials.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Mobile.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Mobile.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\MSC.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\MSC.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norman.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norman.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norton.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Norton.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScan95.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScan95.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScanNT.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\OfficeScanNT.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Panda.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Panda.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\PC Tools.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\PC Tools.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Premium.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Premium.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\qqpcmgr.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\qqpcmgr.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Rav.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Rav.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\RFW.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\RFW.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ris.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Ris.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\RP.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\RP.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\safeguard360.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\safeguard360.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ServerProtect.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ServerProtect.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ShieldDeluxe.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ShieldDeluxe.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Sophos.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Sophos.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Spybot.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Spybot.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\SunBelt.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\SunBelt.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Trend Micro.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Trend Micro.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\VETWIN32Vp5.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\VETWIN32Vp5.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Virus.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Virus.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\Webroot.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\Webroot.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\WinSS.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\WinSS.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\extern\ZoneAlarm.xml
c:\program files\Common Files\Bitdefender\setupinformation\extern\ZoneAlarm.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\htmlayout.dll
c:\program files\Common Files\Bitdefender\setupinformation\htmlayout.dll.md5
c:\program files\Common Files\Bitdefender\setupinformation\install_config.xml
c:\program files\Common Files\Bitdefender\setupinformation\install_config.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\locations.xml
c:\program files\Common Files\Bitdefender\setupinformation\locations.xml.md5
c:\program files\Common Files\Bitdefender\setupinformation\setupdownloader.exe
c:\program files\Common Files\Bitdefender\setupinformation\setupdownloader.exe.md5
c:\program files\Common Files\Bitdefender\setupinformation\setuplauncher.exe
c:\program files\Common Files\Bitdefender\setupinformation\setuplauncher.exe.md5
c:\program files\Common Files\Bitdefender\setupinformation\UninstallLib.dll
c:\program files\Common Files\Bitdefender\setupinformation\UninstallLib.dll.md5
c:\program files\Common Files\Bitdefender\setupinformation\WSUtils.dll
c:\program files\Common Files\Bitdefender\setupinformation\WSUtils.dll.md5
c:\program files\ESET
c:\program files\ESET\ESET Online Scanner\esets_apiA.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW.dll
c:\program files\ESET\ESET Online Scanner\esets_apiW_a.dll
c:\program files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
c:\program files\ESET\ESET Online Scanner\log.txt
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com\update.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\lastupd.ver
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod01BF.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod03E8.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod05FC.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod0C4F.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod1500.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod19E5.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod1F2A.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod201B.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod2F94.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod32F4.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod3E67.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod420B.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod446A.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6046.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6662.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod66C3.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6783.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod6F78.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod7D3D.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\nod7F27.nup
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em000_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em001_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em003_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em004_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em005_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em006_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\temp\em023_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\data\updfiles\upd.ver
c:\program files\ESET\ESET Online Scanner\Modules\em000_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em001_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em002_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em003_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em004_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em005_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em006_32.dat
c:\program files\ESET\ESET Online Scanner\Modules\em023_32.dat
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
c:\program files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
c:\program files\ESET\ESET Online Scanner\OnlineScanner.cab
c:\program files\ESET\ESET Online Scanner\OnlineScanner.inf
c:\program files\ESET\ESET Online Scanner\OnlineScanner.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScanner64.ocx
c:\program files\ESET\ESET Online Scanner\OnlineScannerApp.exe
c:\program files\ESET\ESET Online Scanner\OnlineScannerLang.dll
c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
c:\program files\ESET\ESET Online Scanner\unicows.dll
c:\program files\Google\Update
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
c:\program files\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdate.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateBroker.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateHelper.msi
c:\program files\Google\Update\1.3.21.123\GoogleUpdateOnDemand.exe
c:\program files\Google\Update\1.3.21.123\GoogleUpdateSetup.exe
c:\program files\Google\Update\1.3.21.123\goopdate.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_am.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ar.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bg.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_bn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ca.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_cs.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_da.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_de.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_el.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en-GB.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_en.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es-419.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_es.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_et.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fa.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fil.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_fr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_gu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_hu.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_id.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_is.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_it.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_iw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ja.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_kn.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ko.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lt.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_lv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ml.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_mr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ms.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_nl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_no.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-BR.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_pt-PT.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ro.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ru.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sl.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sv.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_sw.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ta.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_te.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_th.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_tr.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_uk.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_ur.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_vi.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-CN.dll
c:\program files\Google\Update\1.3.21.123\goopdateres_zh-TW.dll
c:\program files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
c:\program files\Google\Update\1.3.21.123\psmachine.dll
c:\program files\Google\Update\1.3.21.123\psuser.dll
c:\program files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\30.0.1599.101\30.0.1599.101_chrome_installer.exe
c:\program files\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_en_signed.exe
c:\program files\Google\Update\GoogleUpdate.exe
c:\program files\Google\Update\Install\{694FA470-0B71-4C32-83D4-7A9A3ECE326D}\30.0.1599.101_chrome_installer.exe
c:\programdata\Norton
c:\programdata\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963}\LC.INI
c:\programdata\Norton\NPE\NPEsettings.dat
c:\programdata\Symantec
c:\users\Thu\AppData\Local\NPE
c:\users\Thu\AppData\Local\NPE\ErrMgmt\SQCLIENT.dat
c:\users\Thu\AppData\Local\NPE\ErrMgmt\SUBCFG.dat
c:\users\Thu\AppData\Local\NPE\ErrorInstances\F5796016\913D7DBC-7525-41F3-8DD3-5D63AC03A8F3.dat
c:\users\Thu\AppData\Local\NPE\Info20131103135849.xml
c:\users\Thu\AppData\Local\NPE\NPETraceSession.etl
c:\users\Thu\AppData\Local\NPE\NPETraceSessionBoot.etl
c:\users\Thu\AppData\Roaming\QuickScan
c:\users\Thu\AppData\Roaming\QuickScan\Report 2013-11-02 17.26.03.txt
c:\users\Thu\AppData\Roaming\QuickScan\Report 2013-11-02 17.42.30.txt
c:\users\Thu\AppData\Roaming\Virus Scan
c:\users\Thu\AppData\Roaming\Virus Scan\Report 2013-11-02 17.29.13.txt
c:\users\Thu\AppData\Roaming\Virus Scan\Report 2013-11-02 17.42.19.txt
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_BDAGENT
-------\Service_BdAgent
-------\Service_gupdate
-------\Service_gupdatem
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2013-10-05 do 2013-11-05 )))))))))))))))))))))))))))))))
.
.
2013-11-05 13:07 . 2013-11-05 13:09 -------- d-----w- c:\users\Thu\AppData\Local\temp
2013-11-05 13:07 . 2013-11-05 13:07 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2013-11-05 13:07 . 2013-11-05 13:07 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-11-04 22:45 . 2013-11-04 22:48 -------- d-----w- c:\users\Thu\AppData\Local\CrashDumps
2013-11-04 22:35 . 2013-11-04 22:48 -------- d-----w- c:\users\Thu\AppData\Local\Adobe
2013-11-04 14:40 . 2013-11-04 14:40 -------- d-----w- c:\program files\OpenOffice 4
2013-11-04 14:34 . 2013-11-04 22:48 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-04 14:34 . 2013-11-04 22:48 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-04 09:01 . 2013-11-04 09:48 -------- d-----w- c:\users\Thu\AppData\Roaming\Skype
2013-11-04 09:00 . 2013-11-04 09:49 -------- d-----w- c:\programdata\Skype
2013-11-03 22:17 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe
2013-11-03 22:17 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll
2013-11-03 22:17 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll
2013-11-03 22:17 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2013-11-03 22:16 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll
2013-11-03 22:16 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll
2013-11-03 22:16 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll
2013-11-03 22:15 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll
2013-11-03 22:15 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe
2013-11-03 19:07 . 2013-11-03 19:07 355832 ----a-w- c:\program files\Internet Explorer\pdm.dll
2013-11-03 19:07 . 2013-11-03 19:07 265720 ----a-w- c:\program files\Internet Explorer\msdbg2.dll
2013-11-03 19:04 . 2013-11-03 19:04 369664 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-03 19:04 . 2013-11-03 19:04 519680 ----a-w- c:\windows\system32\d3d11.dll
2013-11-03 19:04 . 2013-11-03 19:04 321024 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2013-11-03 19:04 . 2013-11-03 19:04 252928 ----a-w- c:\windows\system32\dxdiag.exe
2013-11-03 19:04 . 2013-11-03 19:04 195584 ----a-w- c:\windows\system32\dxdiagn.dll
2013-11-03 19:04 . 2013-11-03 19:04 189440 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2013-11-03 19:04 . 2013-11-03 19:04 974848 ----a-w- c:\windows\system32\WindowsCodecs.dll
2013-11-03 19:02 . 2013-11-03 19:02 -------- d-----w- c:\program files\Feedback Tool
2013-11-03 15:23 . 2013-11-03 15:24 -------- d-----w- c:\windows\system32\ca-ES
2013-11-03 15:23 . 2013-11-03 15:24 -------- d-----w- c:\windows\system32\eu-ES
2013-11-03 15:23 . 2013-11-03 15:24 -------- d-----w- c:\windows\system32\vi-VN
2013-11-03 15:18 . 2013-11-03 15:18 -------- d-----w- c:\windows\system32\SPReview
2013-11-03 14:49 . 2009-04-10 22:28 928768 ----a-w- c:\windows\system32\scavenge.dll
2013-11-03 14:48 . 2009-04-10 22:27 57856 ----a-w- c:\windows\system32\compcln.exe
2013-11-03 14:42 . 2009-04-10 22:28 633856 ----a-w- c:\windows\system32\CertEnrollUI.dll
2013-11-03 13:16 . 2013-11-03 13:16 -------- d-----w- c:\windows\ERUNT
2013-11-03 13:08 . 2013-11-03 13:08 -------- d-----w- c:\windows\system32\EventProviders
2013-11-03 13:05 . 2013-11-03 13:05 -------- d-----w- c:\programdata\NortonInstaller
2013-11-03 12:47 . 2013-11-03 12:47 -------- d-----w- c:\programdata\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
2013-11-03 12:46 . 2013-11-03 12:47 -------- d-----w- c:\users\Thu\AppData\Roaming\Apple Computer
2013-11-03 12:46 . 2013-11-03 12:47 -------- d-----w- c:\programdata\IObit
2013-11-03 12:46 . 2013-11-03 12:55 -------- d-----w- c:\users\Thu\AppData\Roaming\IObit
2013-11-03 12:46 . 2013-11-03 12:46 -------- d-----w- c:\program files\IObit
2013-11-03 09:51 . 2013-11-03 09:51 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2013-11-02 21:07 . 2013-11-02 21:07 -------- d-----w- c:\program files\Defraggler
2013-11-02 21:06 . 2013-11-02 21:06 -------- d-----w- c:\program files\Common Files\Java
2013-11-02 21:06 . 2013-11-02 21:05 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-11-02 21:05 . 2013-11-02 21:05 -------- d-----w- c:\program files\Java
2013-11-02 18:38 . 2013-11-02 18:38 -------- d-----w- c:\users\Thu\AppData\Roaming\AVAST Software
2013-11-02 18:36 . 2013-11-02 18:36 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-11-02 18:36 . 2013-11-02 18:36 178304 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-11-02 18:36 . 2013-11-02 18:36 403440 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-11-02 18:36 . 2013-11-02 18:36 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-11-02 18:36 . 2013-11-02 18:36 774392 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-11-02 18:36 . 2013-11-02 18:36 70384 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-11-02 18:36 . 2013-11-02 18:36 35656 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-11-02 18:36 . 2013-11-02 18:36 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-11-02 18:36 . 2013-11-02 18:36 269216 ----a-w- c:\windows\system32\aswBoot.exe
2013-11-02 18:36 . 2013-11-02 18:36 43152 ----a-w- c:\windows\avastSS.scr
2013-11-02 18:34 . 2013-11-02 18:34 -------- d-----w- c:\program files\AVAST Software
2013-11-02 18:32 . 2013-11-02 18:33 -------- d-----w- c:\programdata\AVAST Software
2013-11-02 18:24 . 2013-11-02 18:24 -------- d-----w- c:\users\Thu\AppData\Roaming\Malwarebytes
2013-11-02 18:24 . 2013-11-02 18:24 -------- d-----w- c:\programdata\Malwarebytes
2013-11-02 18:24 . 2013-11-02 18:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-11-02 18:24 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-11-02 18:22 . 2013-11-03 13:13 -------- d-----w- C:\AdwCleaner
2013-11-02 18:15 . 2013-11-02 18:15 -------- d-----w- c:\program files\CCleaner
2013-11-02 17:43 . 2013-11-02 17:43 -------- d-----w- c:\users\Thu\AppData\Roaming\SUPERAntiSpyware.com
2013-11-02 17:42 . 2013-11-02 17:44 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-11-02 17:42 . 2013-11-02 17:42 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-11-02 16:32 . 2013-11-02 16:32 -------- d-----w- c:\programdata\Package Cache
2013-11-02 16:32 . 2013-11-02 16:32 -------- d-----w- c:\programdata\BullGuard
2013-10-14 09:44 . 2013-10-14 09:44 98616 ----a-w- c:\windows\system32\drivers\BdAgent.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-03 21:57 . 2013-11-03 21:57 203776 ----a-w- c:\windows\system32\webcheck.dll
2013-11-03 19:04 . 2013-11-03 19:04 4096 ----a-w- c:\windows\system32\drivers\cs-CZ\dxgkrnl.sys.mui
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-02 18:35 321752 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 15:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-19 6294048]
"Skytel"="Skytel.exe" [2008-09-19 1833504]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-09-10 809480]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-02 3567800]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 115440]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKLM\~\startupfolder\C:^Users^Thu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
path=c:\users\Thu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
backup=c:\windows\pss\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcadeDeluxeAgent]
2008-10-08 19:49 147456 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
2008-10-08 19:49 167936 ------w- c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
2008-01-21 10:17 61440 ----a-w- c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\YSearchProtection]
2010-06-14 04:47 296248 ----a-w- c:\program files\Yahoo!\Search Protection\YspService.exe
.
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2013-05-23 119056]
R4 adusbser;AnyDATA USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\adusbser.sys [x]
R4 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [2013-04-18 574272]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\AutorunsDisabled\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-11-02 18:15 1185744 ----a-w- c:\program files\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2013-11-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-04 22:48]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.yahoo.com
mStart Page = hxxp://www.yahoo.com
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.254
FF - ProfilePath - c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\
FF - prefs.js: browser.startup.homepage - google.cz
FF - ExtSQL: 2013-11-02 19:36; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-11-02 22:52; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-11-02 22:54; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-11-03 14:47; ascsurfingprotection@iobit.com; c:\users\Thu\AppData\Roaming\Mozilla\Firefox\Profiles\bg90it0h.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: !HIDDEN! 2009-09-03 07:41; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-11-05 14:09
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(3648)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Acer\Empowering Technology\Service\ETService.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\windows\system32\conime.exe
.
**************************************************************************
.
Celkový čas: 2013-11-05 14:15:37 - počítač byl restartován
ComboFix-quarantined-files.txt 2013-11-05 13:15
.
Před spuštěním: Volných bajtů: 85 186 162 688
Po spuštění: Volných bajtů: 84 845 928 448
.
- - End Of File - - 4081BB88E69B494391D65316BE4153D5
A863475757CC50891AA8458C415E4B25