Prosím o kontrolu logu,utíká myš

lucie7272 · Příspěvekod **lucie7272** » 28 bře 2014 14:03

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:43:33, on 28.3.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
C:\Documents and Settings\Lucka\Plocha\Core Temp.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BtTray] "C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe"
O4 - HKLM\..\RunOnce: [20131224] C:\Program Files\AVAST Software\Avast\setup\emupdate\104a298c-073e-4553-bb36-6a1b3c37b67f.exe /check
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKCU\..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKCU\..\Run: [Core Temp.exe] C:\Documents and Settings\Lucka\Plocha\Core Temp.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\WINDOWS\system32\skype4com.dll
O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
O20 - Winlogon Notify: RailNotification - Invalid registry found
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Unknown owner - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iSafeService - Unknown owner - C:\Program Files\iSafe\iSafeSvc.exe (file missing)
O23 - Service: O2Micro Flash Memory Card Service (O2Flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe

--
End of file - 7147 bytes

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

# AdwCleaner v3.022 - Report created 28/03/2014 at 17:23:28
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Lucka - PC-C16C7E50B55E
# Running from : C:\Documents and Settings\Lucka\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc
Service Found : iSafeKrnl
Service Found : iSafeService

***** [ Files / Folders ] *****

Folder Found C:\Documents and Settings\Lucka\Data aplikací\eCyber
Folder Found C:\Documents and Settings\Lucka\Data aplikací\iSafe
Folder Found C:\Documents and Settings\Lucka\Local Settings\Data aplikací\SearchProtect
Folder Found C:\Program Files\iSafe
Folder Found C:\Program Files\SearchProtect

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\smarttweak
Key Found : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\SearchProtect

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v33.0.1750.154

[ File : C:\Documents and Settings\Lucka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1513 octets] - [28/03/2014 17:23:28]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1573 octets] ##########

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.28.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Lucka :: PC-C16C7E50B55E [administrátor]

Ochrana: Povolena

28.3.2014 17:44:11
MBAM-log-2014-03-28 (17-53-04).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 200942
Uplynulý čas: 8 minut, 17 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 1
HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc (PUP.Optional.ConduitSearchProtect) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 2
C:\Program Files\SearchProtect\UI\bin (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.
C:\Program Files\SearchProtect\SearchProtect\bin (PUP.Optional.SearchProtect.A) -> Nebyla provedena žádná instrukce.

Nalezené soubory: 1
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)

Reklama

Příspěvekod **jaro3** » 28 bře 2014 19:13

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Prohledat-Scan“, po prohledání klikni na „ Vymazat-Clean“

Program provede opravu, po automatickém restartu neukáže log (C:\AdwCleaner [S?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu

na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu MbAM a dej Scan
- po proběhnutí programu se ti objeví hláška tak klikni na OK a pak na tlačítko Ukaž výsledky
- ujisti se že máš zatrhnuté všechny vypsané nálezy a klikni na tlačítko Odstranit označené
- když skončí odstraňování tak se ti zobrazí log, tak ho sem dej.
- pak zvol v programu OK a pak program ukonči přes Exit
Můžeš sem pak vložit nový log z MbAM.

Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
64bit.:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- počkej až skončí Prescan -vyhledávání škodlivých procesů.
- Zkontroluj , zda máš zaškrtnuto:
Kontrola MBR
Kontrola Faked
Antirootkit
-Potom klikni na „Prohledat“.
- Program skenuje procesy PC. Po proskenování klikni na „Zpráva“celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.

lucie7272 · Příspěvekod **lucie7272** » 28 bře 2014 20:42

AdwCleaner v3.022 - Report created 28/03/2014 at 19:21:09
# Updated 13/03/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Lucka - PC-C16C7E50B55E
# Running from : C:\Documents and Settings\Lucka\Plocha\adwcleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : CltMngSvc
Service Found : iSafeKrnl
Service Found : iSafeService

***** [ Files / Folders ] *****

Folder Found C:\Documents and Settings\Lucka\Data aplikací\eCyber
Folder Found C:\Documents and Settings\Lucka\Data aplikací\iSafe
Folder Found C:\Documents and Settings\Lucka\Local Settings\Data aplikací\SearchProtect
Folder Found C:\Program Files\iSafe
Folder Found C:\Program Files\SearchProtect

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\smarttweak
Key Found : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Driver-Soft
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\Software\SearchProtect

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v33.0.1750.154

[ File : C:\Documents and Settings\Lucka\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1653 octets] - [28/03/2014 17:23:28]
AdwCleaner[R1].txt - [1573 octets] - [28/03/2014 19:21:09]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1633 octets] ##########

---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Microsoft Windows XP x86
Ran by Lucka on p 28.03.2014 at 20:10:30,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p 28.03.2014 at 20:23:26,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.03.28.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Lucka :: PC-C16C7E50B55E [administrátor]

Ochrana: Povolena

28.3.2014 20:24:18
MBAM-log-2014-03-28 (20-31-32).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 200808
Uplynulý čas: 6 minut,

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 1
C:\WINDOWS\inf\ntvdm.inf (Malware.Trace) -> Nebyla provedena žádná instrukce.

(konec)
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Lucka [Práva správce]
Mód : Kontrola -- Datum : 03/28/2014 20:36:32
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] Core Temp.exe -- C:\Documents and Settings\Lucka\Plocha\Core Temp.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Core Temp.exe (C:\Documents and Settings\Lucka\Plocha\Core Temp.exe [-]) -> NALEZENO
[RUN][SUSP PATH] HKUS\S-1-5-21-1715567821-1454471165-1177238915-1004\[...]\Run : Core Temp.exe (C:\Documents and Settings\Lucka\Plocha\Core Temp.exe [-]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEVT-22ZCT0 +++++
--- User ---
[MBR] 0fbc256fbca81742ff2496704df5247b
[BSP] cf12a3833762fb97ecc811bb188f8f02 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_03282014_203632.txt >>

Příspěvekod **jaro3** » 29 bře 2014 11:16

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB nebo externí disky z počítače před spuštěním tohoto programu.
Spusť RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- Počkej, až Prescan dokončí práci...
- Počkej, dokud status okno zobrazuje "Prohledat "
- Klikni na "Smazat"
- Počkej, dokud Status box zobrazuje " Mazání dokončeno "
- Klikni na "Zpráva " a zkopíruj a vlož obsah té zprávy prosím sem. Log je možno nalézt v RKreport [číslo]. txt na ploše.
- Zavři RogueKiller

Stáhni si TDSSKiller
Na svojí plochu.Ujisti se , že máš zavřeny všechny ostatní aplikace a prohlížeče. Rozbal soubor a spusť TDSSKiller.exe. Restartuj PC . Log z TDSSKilleru najdeš zde:
C:\TDSSKiller. 2.8.16.0_(datum)_log.txt , vlož sem prosím celý obsah logu.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

lucie7272 · Příspěvekod **lucie7272** » 29 bře 2014 13:34

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Spuštěno v : Normální režim
Uživatel : Lucka [Práva správce]
Mód : Odebrat -- Datum : 03/29/2014 13:05:45
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 1 ¤¤¤
[SUSP PATH] Core Temp.exe -- C:\Documents and Settings\Lucka\Plocha\Core Temp.exe [-] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Core Temp.exe (C:\Documents and Settings\Lucka\Plocha\Core Temp.exe [-]) -> VYMAZÁNO
[RUN][SUSP PATH] HKUS\S-1-5-21-1715567821-1454471165-1177238915-1004\[...]\Run : Core Temp.exe (C:\Documents and Settings\Lucka\Plocha\Core Temp.exe [-]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD3200BEVT-22ZCT0 +++++
--- User ---
[MBR] 0fbc256fbca81742ff2496704df5247b
[BSP] cf12a3833762fb97ecc811bb188f8f02 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 305234 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_03292014_130545.txt >>
RKreport[0]_S_03282014_203632.txt;RKreport[0]_S_03292014_130534.txt

lucie7272 · Příspěvekod **lucie7272** » 29 bře 2014 13:36

13:06:42.0625 1132 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:07:01.0000 1132 ============================================================
13:07:01.0000 1132 Current date / time: 2014/03/29 13:07:01.0000
13:07:01.0000 1132 SystemInfo:
13:07:01.0000 1132
13:07:01.0000 1132 OS Version: 5.1.2600 ServicePack: 3.0
13:07:01.0000 1132 Product type: Workstation
13:07:01.0000 1132 ComputerName: PC-C16C7E50B55E
13:07:01.0000 1132 UserName: Lucka
13:07:01.0000 1132 Windows directory: C:\WINDOWS
13:07:01.0000 1132 System windows directory: C:\WINDOWS
13:07:01.0000 1132 Processor architecture: Intel x86
13:07:01.0000 1132 Number of processors: 2
13:07:01.0000 1132 Page size: 0x1000
13:07:01.0000 1132 Boot type: Normal boot
13:07:01.0000 1132 ============================================================
13:07:02.0343 1132 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:07:02.0343 1132 ============================================================
13:07:02.0343 1132 \Device\Harddisk0\DR0:
13:07:02.0343 1132 MBR partitions:
13:07:02.0343 1132 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
13:07:02.0343 1132 ============================================================
13:07:02.0375 1132 C: <-> \Device\Harddisk0\DR0\Partition1
13:07:02.0375 1132 ============================================================
13:07:02.0375 1132 Initialize success
13:07:02.0375 1132 ============================================================
13:07:08.0359 3364 ============================================================
13:07:08.0359 3364 Scan started
13:07:08.0359 3364 Mode: Manual;
13:07:08.0359 3364 ============================================================
13:07:08.0609 3364 ================ Scan system memory ========================
13:07:08.0609 3364 System memory - ok
13:07:08.0609 3364 ================ Scan services =============================
13:07:08.0750 3364 Abiosdsk - ok
13:07:08.0765 3364 abp480n5 - ok
13:07:08.0828 3364 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:07:08.0828 3364 ACPI - ok
13:07:08.0859 3364 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
13:07:08.0859 3364 ACPIEC - ok
13:07:08.0921 3364 [ 9D96B0D5855FD1B98023B3EEC9F06786 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:07:08.0921 3364 AdobeFlashPlayerUpdateSvc - ok
13:07:08.0937 3364 adpu160m - ok
13:07:09.0015 3364 [ B11C71B29FA69E4586F9B65560E6604D ] AdvancedSystemCareService5 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
13:07:09.0031 3364 AdvancedSystemCareService5 - ok
13:07:09.0093 3364 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:07:09.0093 3364 aec - ok
13:07:09.0140 3364 [ F6B7B1ECD7B41736BDB6FF4B092BCB79 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:07:09.0156 3364 AFD - ok
13:07:09.0156 3364 Aha154x - ok
13:07:09.0171 3364 aic78u2 - ok
13:07:09.0187 3364 aic78xx - ok
13:07:09.0218 3364 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:07:09.0218 3364 Alerter - ok
13:07:09.0265 3364 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
13:07:09.0265 3364 ALG - ok
13:07:09.0265 3364 AliIde - ok
13:07:09.0390 3364 ALSysIO - ok
13:07:09.0406 3364 amsint - ok
13:07:09.0437 3364 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:07:09.0453 3364 AppMgmt - ok
13:07:09.0546 3364 [ 27345A9631E507C198487FAD6034001C ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
13:07:09.0562 3364 AR5416 - ok
13:07:09.0562 3364 asc - ok
13:07:09.0578 3364 asc3350p - ok
13:07:09.0593 3364 asc3550 - ok
13:07:09.0734 3364 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:07:09.0750 3364 aspnet_state - ok
13:07:09.0796 3364 [ 7021F01CCAC1538CCF9AE004723AF033 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
13:07:09.0796 3364 aswMonFlt - ok
13:07:09.0843 3364 [ 98C18C78B0C3E7EFBDDA7BD0C35F5903 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
13:07:09.0843 3364 aswRdr - ok
13:07:09.0859 3364 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
13:07:09.0859 3364 aswRvrt - ok
13:07:09.0890 3364 [ 8CD8710457FCC1CDE88CBFA3AA119B92 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
13:07:09.0906 3364 aswSnx - ok
13:07:09.0921 3364 [ C1F95C9481F46B96E23A276639C55AC9 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
13:07:09.0921 3364 aswSP - ok
13:07:09.0953 3364 [ E6390554DCB2A730702188547267093C ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
13:07:09.0953 3364 aswTdi - ok
13:07:09.0968 3364 [ 1B0662514A68C3A42E60D240C5ABEF28 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
13:07:09.0968 3364 aswVmm - ok
13:07:09.0984 3364 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:07:09.0984 3364 AsyncMac - ok
13:07:10.0000 3364 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:07:10.0000 3364 atapi - ok
13:07:10.0015 3364 Atdisk - ok
13:07:10.0093 3364 [ 43E17DA549BC8219EEE90AA9C6480AAA ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
13:07:10.0093 3364 Ati HotKey Poller - ok
13:07:10.0375 3364 [ 50D7EE1C07BC1E549FAE797668A90E1E ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
13:07:10.0453 3364 ati2mtag - ok
13:07:10.0562 3364 [ 924971A182E07463765EF9FA8876F24F ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdXP3.sys
13:07:10.0562 3364 AtiHDAudioService - ok
13:07:10.0578 3364 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:07:10.0578 3364 Atmarpc - ok
13:07:10.0593 3364 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:07:10.0593 3364 AudioSrv - ok
13:07:10.0656 3364 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:07:10.0656 3364 audstub - ok
13:07:10.0734 3364 [ CC42F104172B4A62793083D380867317 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:07:10.0734 3364 avast! Antivirus - ok
13:07:10.0765 3364 [ 6F7911F3E674363A91541E097F49B633 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
13:07:10.0765 3364 b57w2k - ok
13:07:10.0812 3364 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:07:10.0812 3364 Beep - ok
13:07:10.0890 3364 [ 3AEDE727580F0A7C3929DD6526145759 ] BITS C:\WINDOWS\system32\qmgr.dll
13:07:10.0906 3364 BITS - ok
13:07:10.0953 3364 [ BC0E1C15E6FB3E20CD558F496EA684A0 ] BlueletAudio C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
13:07:10.0953 3364 BlueletAudio - ok
13:07:10.0968 3364 [ 5F81A2D1ABC1E480C6152F7B9E446BFA ] BlueletSCOAudio C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
13:07:10.0968 3364 BlueletSCOAudio - ok
13:07:11.0046 3364 [ AA770326DBF8518C632F02B0F85E0087 ] BlueSoleilCS C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
13:07:11.0062 3364 BlueSoleilCS - ok
13:07:11.0109 3364 [ 39CE94B2B33771A3D95C70F41847F3F9 ] Browser C:\WINDOWS\System32\browser.dll
13:07:11.0109 3364 Browser - ok
13:07:11.0140 3364 [ 0A22897FC9C4FF67E4FE2FE39CF8BFC2 ] BsHelpCS C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
13:07:11.0140 3364 BsHelpCS - ok
13:07:11.0203 3364 [ 881C86C4B8F2359318E0E6D7EC844D13 ] BsMobileCS C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
13:07:11.0203 3364 BsMobileCS - ok
13:07:11.0218 3364 [ 8E2D9ECE59DFE7D310201E0D65D97ECB ] BT C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
13:07:11.0218 3364 BT - ok
13:07:11.0281 3364 [ ECDC40CC54603C711E1A7A1C9255184A ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
13:07:11.0281 3364 btaudio - ok
13:07:11.0312 3364 [ 942C602296119D758547808221C85A2C ] Btcsrusb C:\WINDOWS\system32\Drivers\btcusb.sys
13:07:11.0328 3364 Btcsrusb - ok
13:07:11.0359 3364 [ 58A49BD10E08D3D4333A60DEDCB1CED8 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
13:07:11.0359 3364 BTDriver - ok
13:07:11.0406 3364 [ CE441CCD98C5ECB10CB12FCAF97322EC ] BtHidBus C:\WINDOWS\system32\Drivers\BtHidBus.sys
13:07:11.0406 3364 BtHidBus - ok
13:07:11.0421 3364 BTHidEnum - ok
13:07:11.0437 3364 BTHidMgr - ok
13:07:11.0500 3364 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:07:11.0515 3364 BTKRNL - ok
13:07:11.0546 3364 [ D3C277A51EF9E2EC972D6221F99C0B6D ] btnetBUs C:\WINDOWS\system32\Drivers\btnetBus.sys
13:07:11.0562 3364 btnetBUs - ok
13:07:11.0640 3364 [ 4F26303BECBB7CC5CA8FF39593124CF2 ] BTNetFilter C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
13:07:11.0640 3364 BTNetFilter - ok
13:07:11.0718 3364 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
13:07:11.0734 3364 btwdins - ok
13:07:11.0750 3364 [ B1D350F3F13CF340FCE93912D2BA1EBF ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
13:07:11.0750 3364 BTWDNDIS - ok
13:07:11.0765 3364 [ E48668B4A6A5CF68B33AECAD18EE8E1E ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
13:07:11.0765 3364 btwhid - ok
13:07:11.0781 3364 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:07:11.0781 3364 BTWUSB - ok
13:07:11.0812 3364 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:07:11.0812 3364 cbidf2k - ok
13:07:11.0828 3364 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:07:11.0828 3364 CCDECODE - ok
13:07:11.0843 3364 cd20xrnt - ok
13:07:11.0875 3364 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:07:11.0875 3364 Cdaudio - ok
13:07:11.0906 3364 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:07:11.0906 3364 Cdfs - ok
13:07:11.0921 3364 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:07:11.0937 3364 Cdrom - ok
13:07:11.0937 3364 Changer - ok
13:07:11.0968 3364 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:07:11.0968 3364 CiSvc - ok
13:07:12.0015 3364 [ 1E8D39480739E29C728BB10ED6700A5E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:07:12.0015 3364 ClipSrv - ok
13:07:12.0062 3364 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:07:12.0171 3364 clr_optimization_v2.0.50727_32 - ok
13:07:12.0187 3364 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:07:12.0187 3364 CmBatt - ok
13:07:12.0203 3364 CmdIde - ok
13:07:12.0218 3364 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:07:12.0218 3364 Compbatt - ok
13:07:12.0218 3364 COMSysApp - ok
13:07:12.0250 3364 Cpqarray - ok
13:07:12.0281 3364 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:07:12.0296 3364 CryptSvc - ok
13:07:12.0296 3364 dac2w2k - ok
13:07:12.0312 3364 dac960nt - ok
13:07:12.0375 3364 [ C0BD34A62508BA68F146E22CE45919F9 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:07:12.0390 3364 DcomLaunch - ok
13:07:12.0406 3364 [ EB737F46D7D494C7760A932C9B6491A4 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:07:12.0406 3364 Dhcp - ok
13:07:12.0421 3364 [ 47B6AAEC570F2C11D8BAD80A064D8ED1 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:07:12.0421 3364 Disk - ok
13:07:12.0421 3364 dmadmin - ok
13:07:12.0468 3364 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:07:12.0484 3364 dmboot - ok
13:07:12.0500 3364 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:07:12.0500 3364 dmio - ok
13:07:12.0531 3364 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:07:12.0531 3364 dmload - ok
13:07:12.0562 3364 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:07:12.0562 3364 dmserver - ok
13:07:12.0609 3364 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:07:12.0609 3364 DMusic - ok
13:07:12.0625 3364 [ 38AAD7E982198CB4F642BB60E59511F1 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:07:12.0640 3364 Dnscache - ok
13:07:12.0656 3364 [ AACFC38E9D085D58F9F933CFD6AF1D2B ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:07:12.0671 3364 Dot3svc - ok
13:07:12.0671 3364 dpti2o - ok
13:07:12.0703 3364 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:07:12.0703 3364 drmkaud - ok
13:07:12.0734 3364 [ B327281012B48BD73F587799F9F29BE2 ] DumpDrv C:\WINDOWS\system32\drivers\DumpDrv.sys
13:07:12.0734 3364 DumpDrv - ok
13:07:12.0765 3364 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:07:12.0781 3364 EapHost - ok
13:07:12.0781 3364 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:07:12.0796 3364 ERSvc - ok
13:07:12.0843 3364 [ 3D107D45CCFDB266E91D84B52CD7F430 ] Eventlog C:\WINDOWS\system32\services.exe
13:07:12.0859 3364 Eventlog - ok
13:07:12.0875 3364 [ BE68EA4457E2E5717231CF91BE5448E0 ] EventSystem C:\WINDOWS\system32\es.dll
13:07:12.0890 3364 EventSystem - ok
13:07:12.0937 3364 [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat C:\WINDOWS\system32\drivers\exFat.sys
13:07:12.0937 3364 exFat - ok
13:07:12.0968 3364 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:07:12.0968 3364 Fastfat - ok
13:07:12.0984 3364 [ 54A6BF743E0517528A5064CEAEB40EA7 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:07:13.0000 3364 FastUserSwitchingCompatibility - ok
13:07:13.0015 3364 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
13:07:13.0015 3364 Fdc - ok
13:07:13.0046 3364 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:07:13.0046 3364 Fips - ok
13:07:13.0046 3364 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
13:07:13.0046 3364 Flpydisk - ok
13:07:13.0109 3364 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:07:13.0109 3364 FltMgr - ok
13:07:13.0156 3364 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:07:13.0156 3364 FontCache3.0.0.0 - ok
13:07:13.0203 3364 [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:07:13.0203 3364 Fs_Rec - ok
13:07:13.0218 3364 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:07:13.0218 3364 Ftdisk - ok
13:07:13.0250 3364 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:07:13.0265 3364 Gpc - ok
13:07:13.0328 3364 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:07:13.0343 3364 gupdate - ok
13:07:13.0343 3364 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:07:13.0343 3364 gupdatem - ok
13:07:13.0375 3364 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:07:13.0375 3364 HDAudBus - ok
13:07:13.0500 3364 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:07:13.0500 3364 helpsvc - ok
13:07:13.0546 3364 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
13:07:13.0546 3364 HidServ - ok
13:07:13.0593 3364 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:07:13.0593 3364 hidusb - ok
13:07:13.0625 3364 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:07:13.0640 3364 hkmsvc - ok
13:07:13.0640 3364 hpn - ok
13:07:13.0703 3364 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:07:13.0703 3364 HSFHWAZL - ok
13:07:13.0734 3364 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:07:13.0734 3364 HSF_DPV - ok
13:07:13.0765 3364 [ 937031C085718C1C04A9C0864625EC6B ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:07:13.0765 3364 HTTP - ok
13:07:13.0812 3364 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:07:13.0812 3364 HTTPFilter - ok
13:07:13.0828 3364 i2omgmt - ok
13:07:13.0843 3364 i2omp - ok
13:07:13.0890 3364 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:07:13.0890 3364 i8042prt - ok
13:07:13.0953 3364 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:07:13.0953 3364 IDriverT - ok
13:07:14.0015 3364 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:07:14.0031 3364 idsvc - ok
13:07:14.0078 3364 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:07:14.0078 3364 Imapi - ok
13:07:14.0093 3364 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:07:14.0093 3364 ImapiService - ok
13:07:14.0109 3364 ini910u - ok
13:07:14.0296 3364 [ 19AFBB8427CE65042599555E578170DF ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:07:14.0343 3364 IntcAzAudAddService - ok
13:07:14.0359 3364 IntelIde - ok
13:07:14.0375 3364 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:07:14.0390 3364 Ip6Fw - ok
13:07:14.0406 3364 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:07:14.0421 3364 IpFilterDriver - ok
13:07:14.0421 3364 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:07:14.0421 3364 IpInIp - ok
13:07:14.0453 3364 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:07:14.0453 3364 IpNat - ok
13:07:14.0484 3364 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:07:14.0484 3364 IPSec - ok
13:07:14.0531 3364 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:07:14.0531 3364 IRENUM - ok
13:07:14.0546 3364 iSafeNetFilter - ok
13:07:14.0578 3364 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:07:14.0578 3364 isapnp - ok
13:07:14.0609 3364 [ 71E1FC547CC488D5CD7BF0860C96F5AF ] IvtBtBUs C:\WINDOWS\system32\Drivers\IvtBtBus.sys
13:07:14.0609 3364 IvtBtBUs - ok
13:07:14.0656 3364 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:07:14.0671 3364 Kbdclass - ok
13:07:14.0687 3364 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:07:14.0687 3364 kmixer - ok
13:07:14.0703 3364 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:07:14.0703 3364 KSecDD - ok
13:07:14.0765 3364 [ 111A41B749F0E8CD7566B4FFD613CFFE ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
13:07:14.0765 3364 LanmanServer - ok
13:07:14.0812 3364 [ 9A2E7EE3989AAC0079E9D23555545D52 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:07:14.0843 3364 lanmanworkstation - ok
13:07:14.0859 3364 lbrtfdc - ok
13:07:14.0906 3364 [ 03976C309EDE05D39017C05B817CD94F ] LHidFlt2 C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
13:07:14.0906 3364 LHidFlt2 - ok
13:07:14.0968 3364 [ 25688115843C4028686A96D88BC28007 ] LHidUsb C:\WINDOWS\system32\Drivers\LHidUsb.Sys
13:07:14.0968 3364 LHidUsb - ok
13:07:15.0000 3364 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:07:15.0000 3364 LmHosts - ok
13:07:15.0015 3364 [ 26407519FCA64EC4091FE1F815B4AFC4 ] LMouFlt2 C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
13:07:15.0015 3364 LMouFlt2 - ok
13:07:15.0078 3364 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:07:15.0078 3364 MBAMProtector - ok
13:07:15.0140 3364 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:07:15.0156 3364 MBAMScheduler - ok
13:07:15.0187 3364 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:07:15.0203 3364 MBAMService - ok
13:07:15.0234 3364 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:07:15.0234 3364 mdmxsdk - ok
13:07:15.0281 3364 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:07:15.0281 3364 Messenger - ok
13:07:15.0328 3364 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:07:15.0328 3364 mnmdd - ok
13:07:15.0375 3364 [ 26F1DDC26DC30B35E8FD2F98E594FA47 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:07:15.0375 3364 mnmsrvc - ok
13:07:15.0421 3364 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:07:15.0437 3364 Modem - ok
13:07:15.0484 3364 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:07:15.0484 3364 Mouclass - ok
13:07:15.0500 3364 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:07:15.0500 3364 mouhid - ok
13:07:15.0515 3364 [ 1A1FAA5102466F418494E94FF9B0B091 ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:07:15.0531 3364 MountMgr - ok
13:07:15.0531 3364 mraid35x - ok
13:07:15.0562 3364 [ 6A7C4AC5B52155115DEE97995C1CF157 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:07:15.0562 3364 MRxDAV - ok
13:07:15.0609 3364 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:07:15.0609 3364 MRxSmb - ok
13:07:15.0656 3364 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:07:15.0656 3364 MSDTC - ok
13:07:15.0703 3364 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:07:15.0703 3364 Msfs - ok
13:07:15.0718 3364 MSIServer - ok
13:07:15.0734 3364 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:07:15.0734 3364 MSKSSRV - ok
13:07:15.0765 3364 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:07:15.0765 3364 MSPCLOCK - ok
13:07:15.0781 3364 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:07:15.0781 3364 MSPQM - ok
13:07:15.0812 3364 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:07:15.0812 3364 mssmbios - ok
13:07:15.0828 3364 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:07:15.0828 3364 MSTEE - ok
13:07:15.0859 3364 [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:07:15.0859 3364 Mup - ok
13:07:15.0875 3364 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:07:15.0875 3364 NABTSFEC - ok
13:07:15.0906 3364 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:07:15.0921 3364 napagent - ok
13:07:15.0953 3364 [ B5B1080D35974C0E718D64280761BCD5 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:07:15.0968 3364 NDIS - ok
13:07:15.0984 3364 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:07:15.0984 3364 NdisIP - ok
13:07:16.0015 3364 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:07:16.0015 3364 NdisTapi - ok
13:07:16.0031 3364 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:07:16.0031 3364 Ndisuio - ok
13:07:16.0046 3364 [ B053A8411045FD0664B389A090CB2BBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:07:16.0046 3364 NdisWan - ok
13:07:16.0078 3364 [ 2F597BB467E05B1FE3830EABD821B8E0 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:07:16.0093 3364 NDProxy - ok
13:07:16.0109 3364 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:07:16.0109 3364 NetBIOS - ok
13:07:16.0140 3364 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:07:16.0156 3364 NetBT - ok
13:07:16.0171 3364 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:07:16.0187 3364 NetDDE - ok
13:07:16.0187 3364 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:07:16.0203 3364 NetDDEdsdm - ok
13:07:16.0250 3364 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:07:16.0250 3364 Netlogon - ok
13:07:16.0281 3364 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
13:07:16.0296 3364 Netman - ok
13:07:16.0343 3364 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:07:16.0343 3364 NetTcpPortSharing - ok
13:07:16.0390 3364 [ 0D594D828829E1BC727B870899376B19 ] Nla C:\WINDOWS\System32\mswsock.dll
13:07:16.0390 3364 Nla - ok
13:07:16.0406 3364 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:07:16.0406 3364 Npfs - ok
13:07:16.0437 3364 [ AE8CAD8F28DB13B515A68510A539B0B8 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:07:16.0453 3364 Ntfs - ok
13:07:16.0453 3364 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:07:16.0468 3364 NtLmSsp - ok
13:07:16.0515 3364 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:07:16.0531 3364 NtmsSvc - ok
13:07:16.0578 3364 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:07:16.0578 3364 Null - ok
13:07:16.0593 3364 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:07:16.0593 3364 NwlnkFlt - ok
13:07:16.0609 3364 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:07:16.0609 3364 NwlnkFwd - ok
13:07:16.0671 3364 [ D955D5DE998DB2476BF0892BE3A96C26 ] O2Flash C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
13:07:16.0671 3364 O2Flash - ok
13:07:16.0718 3364 [ D51942F12090FC947CA8AA01736DADE2 ] O2MDRDR C:\WINDOWS\system32\DRIVERS\o2media.sys
13:07:16.0718 3364 O2MDRDR - ok
13:07:16.0750 3364 [ 12A6D826A1A27818170552F2495A567A ] O2SDRDR C:\WINDOWS\system32\DRIVERS\o2sd.sys
13:07:16.0750 3364 O2SDRDR - ok
13:07:16.0781 3364 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
13:07:16.0781 3364 Parport - ok
13:07:16.0796 3364 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:07:16.0796 3364 PartMgr - ok
13:07:16.0828 3364 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:07:16.0828 3364 ParVdm - ok
13:07:16.0843 3364 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:07:16.0843 3364 PCI - ok
13:07:16.0859 3364 PCIDump - ok
13:07:16.0875 3364 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:07:16.0875 3364 PCIIde - ok
13:07:16.0890 3364 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
13:07:16.0890 3364 Pcmcia - ok
13:07:16.0906 3364 PDCOMP - ok
13:07:16.0921 3364 PDFRAME - ok
13:07:16.0937 3364 PDRELI - ok
13:07:16.0937 3364 PDRFRAME - ok
13:07:16.0953 3364 perc2 - ok
13:07:16.0968 3364 perc2hib - ok
13:07:17.0046 3364 [ 3D107D45CCFDB266E91D84B52CD7F430 ] PlugPlay C:\WINDOWS\system32\services.exe
13:07:17.0046 3364 PlugPlay - ok
13:07:17.0062 3364 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:07:17.0062 3364 PolicyAgent - ok
13:07:17.0109 3364 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:07:17.0109 3364 PptpMiniport - ok
13:07:17.0140 3364 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
13:07:17.0140 3364 Processor - ok
13:07:17.0156 3364 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:07:17.0156 3364 ProtectedStorage - ok
13:07:17.0171 3364 [ D8E11D311785F89F1D70A28B0E879127 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:07:17.0171 3364 PSched - ok
13:07:17.0171 3364 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:07:17.0187 3364 Ptilink - ok
13:07:17.0187 3364 ql1080 - ok
13:07:17.0203 3364 Ql10wnt - ok
13:07:17.0218 3364 ql12160 - ok
13:07:17.0234 3364 ql1240 - ok
13:07:17.0250 3364 ql1280 - ok
13:07:17.0265 3364 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:07:17.0265 3364 RasAcd - ok
13:07:17.0296 3364 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:07:17.0312 3364 RasAuto - ok
13:07:17.0343 3364 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:07:17.0343 3364 Rasl2tp - ok
13:07:17.0359 3364 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:07:17.0375 3364 RasMan - ok
13:07:17.0390 3364 [ 2C9D4620A0FD35DE1828370B392F6E2D ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:07:17.0390 3364 RasPppoe - ok
13:07:17.0406 3364 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:07:17.0406 3364 Raspti - ok
13:07:17.0421 3364 [ 77050C6615F6EB5402F832B27FD695E0 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:07:17.0421 3364 Rdbss - ok
13:07:17.0437 3364 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:07:17.0437 3364 RDPCDD - ok
13:07:17.0484 3364 [ 47EA20320E3D6FDC7B7BB22B2B881CA6 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:07:17.0484 3364 rdpdr - ok
13:07:17.0515 3364 [ C7D9BC54354B8C706ABF172D48313F1B ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:07:17.0531 3364 RDPWD - ok
13:07:17.0562 3364 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:07:17.0562 3364 RDSessMgr - ok
13:07:17.0609 3364 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:07:17.0609 3364 redbook - ok
13:07:17.0656 3364 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:07:17.0656 3364 RemoteAccess - ok
13:07:17.0687 3364 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:07:17.0703 3364 RemoteRegistry - ok
13:07:17.0703 3364 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
13:07:17.0703 3364 ROOTMODEM - ok
13:07:17.0750 3364 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:07:17.0750 3364 RpcLocator - ok
13:07:17.0796 3364 [ C0BD34A62508BA68F146E22CE45919F9 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:07:17.0812 3364 RpcSs - ok
13:07:17.0859 3364 [ 743D7D59767073A617B1DCC6C546F234 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:07:17.0859 3364 rspndr - ok
13:07:17.0890 3364 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:07:17.0906 3364 RSVP - ok
13:07:17.0937 3364 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
13:07:17.0937 3364 SamSs - ok
13:07:17.0968 3364 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:07:17.0968 3364 SCardSvr - ok
13:07:18.0015 3364 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:07:18.0046 3364 Schedule - ok
13:07:18.0093 3364 [ D1FACB3C7D12F439C18EF01AA88C2A9D ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:07:18.0093 3364 sdbus - ok
13:07:18.0109 3364 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:07:18.0109 3364 Secdrv - ok
13:07:18.0140 3364 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:07:18.0140 3364 seclogon - ok
13:07:18.0156 3364 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
13:07:18.0171 3364 SENS - ok
13:07:18.0171 3364 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:07:18.0171 3364 Serenum - ok
13:07:18.0203 3364 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
13:07:18.0203 3364 Serial - ok
13:07:18.0234 3364 [ B8CB06ED5DA508DCB59BBB3FD04F856B ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
13:07:18.0234 3364 sffdisk - ok
13:07:18.0250 3364 [ DE56A5909C65C25475C476690C327BA8 ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
13:07:18.0250 3364 sffp_sd - ok
13:07:18.0281 3364 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:07:18.0281 3364 Sfloppy - ok
13:07:18.0312 3364 [ 65EACFE3182AFEE8D222D0B17FE05EDA ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:07:18.0328 3364 SharedAccess - ok
13:07:18.0343 3364 [ 54A6BF743E0517528A5064CEAEB40EA7 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:07:18.0343 3364 ShellHWDetection - ok
13:07:18.0359 3364 Simbad - ok
13:07:18.0375 3364 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:07:18.0375 3364 SLIP - ok
13:07:18.0390 3364 Sparrow - ok
13:07:18.0421 3364 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:07:18.0421 3364 splitter - ok
13:07:18.0437 3364 [ CB1090BCA0E7B40D0B5B4E4D66531809 ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:07:18.0437 3364 Spooler - ok
13:07:18.0484 3364 [ 94610C8653635E4459316A0050D55CE7 ] SR C:\WINDOWS\system32\DRIVERS\sr.sys
13:07:18.0484 3364 SR - ok
13:07:18.0515 3364 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
13:07:18.0531 3364 srservice - ok
13:07:18.0562 3364 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:07:18.0578 3364 Srv - ok
13:07:18.0593 3364 [ D6870895FE46A464A19141440EB6CC1E ] sscdbus C:\WINDOWS\system32\DRIVERS\sscdbus.sys
13:07:18.0593 3364 sscdbus - ok
13:07:18.0625 3364 [ 0FE167362E4689B716CDC8D93ADEDDA8 ] sscdmdfl C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
13:07:18.0625 3364 sscdmdfl - ok
13:07:18.0640 3364 [ 55A15707E32B6709242AD127E62CA55A ] sscdmdm C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
13:07:18.0656 3364 sscdmdm - ok
13:07:18.0687 3364 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:07:18.0703 3364 SSDPSRV - ok
13:07:18.0734 3364 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
13:07:18.0734 3364 StarOpen - ok
13:07:18.0750 3364 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:07:18.0765 3364 stisvc - ok
13:07:18.0781 3364 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:07:18.0796 3364 streamip - ok
13:07:18.0812 3364 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:07:18.0812 3364 swenum - ok
13:07:18.0828 3364 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:07:18.0828 3364 swmidi - ok
13:07:18.0843 3364 SwPrv - ok
13:07:18.0859 3364 symc810 - ok
13:07:18.0875 3364 symc8xx - ok
13:07:18.0890 3364 sym_hi - ok
13:07:18.0906 3364 sym_u3 - ok
13:07:18.0968 3364 [ 219AA9FF531490C51E766BD0D3E481CB ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:07:18.0968 3364 SynTP - ok
13:07:19.0015 3364 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:07:19.0015 3364 sysaudio - ok
13:07:19.0062 3364 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:07:19.0062 3364 SysmonLog - ok
13:07:19.0109 3364 [ AF2A883CC63318A8BDA168BDD7AC80D9 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:07:19.0125 3364 TapiSrv - ok
13:07:19.0156 3364 [ 367DE8E5F638C091F49273144274F629 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:07:19.0156 3364 Tcpip - ok
13:07:19.0203 3364 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:07:19.0203 3364 TDPIPE - ok
13:07:19.0218 3364 [ C0578456F29E5F26285F81B7B71FE57D ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:07:19.0218 3364 TDTCP - ok
13:07:19.0250 3364 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:07:19.0250 3364 TermDD - ok
13:07:19.0281 3364 [ 0E43A7CF302D85273FC86F5FCA9A1909 ] TermService C:\WINDOWS\System32\termsrv.dll
13:07:19.0312 3364 TermService - ok
13:07:19.0328 3364 [ 54A6BF743E0517528A5064CEAEB40EA7 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:07:19.0343 3364 Themes - ok
13:07:19.0375 3364 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:07:19.0390 3364 TlntSvr - ok
13:07:19.0390 3364 TosIde - ok
13:07:19.0421 3364 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:07:19.0437 3364 TrkWks - ok
13:07:19.0453 3364 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:07:19.0453 3364 Udfs - ok
13:07:19.0484 3364 UIUSys - ok
13:07:19.0500 3364 ultra - ok
13:07:19.0531 3364 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:07:19.0531 3364 Update - ok
13:07:19.0562 3364 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
13:07:19.0578 3364 upnphost - ok
13:07:19.0609 3364 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
13:07:19.0625 3364 UPS - ok
13:07:19.0656 3364 [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:07:19.0671 3364 usbccgp - ok
13:07:19.0687 3364 [ 52674B5DBEE499342A599C7771ABECAA ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:07:19.0687 3364 usbehci - ok
13:07:19.0718 3364 [ E7BC50AEB2BD199B509BF49510A55E30 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys
13:07:19.0718 3364 usbfilter - ok
13:07:19.0750 3364 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:07:19.0750 3364 usbhub - ok
13:07:19.0765 3364 [ C5E11CD822ADF0019A5A862D9C4E2222 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:07:19.0781 3364 usbohci - ok
13:07:19.0828 3364 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:07:19.0828 3364 USBSTOR - ok
13:07:19.0859 3364 [ 813236B1183CFCF289E367BD5DE6E29E ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
13:07:19.0859 3364 usbvideo - ok
13:07:19.0906 3364 [ 0955553090E0A88614E5B8A02AF9324C ] VComm C:\WINDOWS\system32\DRIVERS\VComm.sys
13:07:19.0906 3364 VComm - ok
13:07:19.0953 3364 [ EA0D7C68DC77B478F1C08022B8AFE8CA ] VcommMgr C:\WINDOWS\system32\Drivers\VcommMgr.sys
13:07:19.0953 3364 VcommMgr - ok
13:07:20.0000 3364 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:07:20.0000 3364 VgaSave - ok
13:07:20.0015 3364 ViaIde - ok
13:07:20.0062 3364 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:07:20.0062 3364 VolSnap - ok
13:07:20.0093 3364 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
13:07:20.0109 3364 VSS - ok
13:07:20.0140 3364 [ DF2E8EA96391126977DA1B8AB6FC39FC ] W32Time C:\WINDOWS\system32\w32time.dll
13:07:20.0171 3364 W32Time - ok
13:07:20.0187 3364 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:07:20.0203 3364 Wanarp - ok
13:07:20.0265 3364 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
13:07:20.0265 3364 Wdf01000 - ok
13:07:20.0281 3364 WDICA - ok
13:07:20.0312 3364 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:07:20.0312 3364 wdmaud - ok
13:07:20.0343 3364 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:07:20.0343 3364 WebClient - ok
13:07:20.0421 3364 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:07:20.0421 3364 winachsf - ok
13:07:20.0531 3364 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:07:20.0531 3364 winmgmt - ok
13:07:20.0593 3364 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:07:20.0640 3364 WinRM - ok
13:07:20.0687 3364 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:07:20.0703 3364 WmdmPmSN - ok
13:07:20.0750 3364 [ 4E68A735673CE17152329428524BA1C3 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:07:20.0765 3364 Wmi - ok
13:07:20.0812 3364 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:07:20.0812 3364 WmiAcpi - ok
13:07:20.0875 3364 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:07:20.0875 3364 WmiApSrv - ok
13:07:20.0937 3364 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:07:20.0953 3364 WMPNetworkSvc - ok
13:07:21.0000 3364 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:07:21.0015 3364 wscsvc - ok
13:07:21.0078 3364 [ 0091D78C5F8FDE0CDF2B214823DE6E48 ] WSIMD C:\WINDOWS\system32\DRIVERS\wsimd.sys
13:07:21.0093 3364 WSIMD - ok
13:07:21.0109 3364 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:07:21.0109 3364 WSTCODEC - ok
13:07:21.0156 3364 [ 02E4055488047729B333F99D93877038 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:07:21.0171 3364 wuauserv - ok
13:07:21.0203 3364 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:07:21.0203 3364 WudfPf - ok
13:07:21.0203 3364 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:07:21.0218 3364 WudfRd - ok
13:07:21.0234 3364 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:07:21.0250 3364 WudfSvc - ok
13:07:21.0296 3364 [ F345FF726D92D58ABE5B0AEE08D29DF1 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:07:21.0343 3364 WZCSVC - ok
13:07:21.0375 3364 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:07:21.0390 3364 xmlprov - ok
13:07:21.0421 3364 ================ Scan global ===============================
13:07:21.0468 3364 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
13:07:21.0484 3364 [ FAF5165FEB2D0EB76C0B12A6961564A4 ] C:\WINDOWS\system32\winsrv.dll
13:07:21.0515 3364 [ FAF5165FEB2D0EB76C0B12A6961564A4 ] C:\WINDOWS\system32\winsrv.dll
13:07:21.0562 3364 [ 3D107D45CCFDB266E91D84B52CD7F430 ] C:\WINDOWS\system32\services.exe
13:07:21.0562 3364 [Global] - ok
13:07:21.0562 3364 ================ Scan MBR ==================================
13:07:21.0593 3364 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
13:07:21.0812 3364 \Device\Harddisk0\DR0 - ok
13:07:21.0812 3364 ================ Scan VBR ==================================
13:07:21.0812 3364 [ 4B004E11ECAD87E6E3AD8CD466EFC183 ] \Device\Harddisk0\DR0\Partition1
13:07:21.0812 3364 \Device\Harddisk0\DR0\Partition1 - ok
13:07:21.0812 3364 ============================================================
13:07:21.0812 3364 Scan finished
13:07:21.0812 3364 ============================================================
13:07:21.0843 3864 Detected object count: 0
13:07:21.0843 3864 Actual detected object count: 0
13:07:41.0187 3564 ============================================================
13:07:41.0187 3564 Scan started
13:07:41.0187 3564 Mode: Manual;
13:07:41.0187 3564 ============================================================
13:07:41.0312 3564 ================ Scan system memory ========================
13:07:41.0312 3564 System memory - ok
13:07:41.0312 3564 ================ Scan services =============================
13:07:41.0437 3564 Abiosdsk - ok
13:07:41.0437 3564 abp480n5 - ok
13:07:41.0468 3564 [ 4FE34F1F3126B61FCC6B2043AA8112C9 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:07:41.0468 3564 ACPI - ok
13:07:41.0500 3564 [ AFDFF022A01F0B11C776F0860C3B282F ] ACPIEC C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
13:07:41.0500 3564 ACPIEC - ok
13:07:41.0562 3564 [ 9D96B0D5855FD1B98023B3EEC9F06786 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:07:41.0562 3564 AdobeFlashPlayerUpdateSvc - ok
13:07:41.0578 3564 adpu160m - ok
13:07:41.0687 3564 [ B11C71B29FA69E4586F9B65560E6604D ] AdvancedSystemCareService5 C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
13:07:41.0703 3564 AdvancedSystemCareService5 - ok
13:07:41.0750 3564 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
13:07:41.0750 3564 aec - ok
13:07:41.0796 3564 [ F6B7B1ECD7B41736BDB6FF4B092BCB79 ] AFD C:\WINDOWS\System32\drivers\afd.sys
13:07:41.0812 3564 AFD - ok
13:07:41.0812 3564 Aha154x - ok
13:07:41.0828 3564 aic78u2 - ok
13:07:41.0843 3564 aic78xx - ok
13:07:41.0890 3564 [ E0A6FA244B8624D78FE5FF6F56A33BAE ] Alerter C:\WINDOWS\system32\alrsvc.dll
13:07:41.0890 3564 Alerter - ok
13:07:41.0921 3564 [ 88842DE939A827577BF24243699AC80A ] ALG C:\WINDOWS\System32\alg.exe
13:07:41.0921 3564 ALG - ok
13:07:41.0937 3564 AliIde - ok
13:07:42.0046 3564 ALSysIO - ok
13:07:42.0062 3564 amsint - ok
13:07:42.0109 3564 [ 6B8E7A90E576D4FE308F97C69060A171 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
13:07:42.0109 3564 AppMgmt - ok
13:07:42.0203 3564 [ 27345A9631E507C198487FAD6034001C ] AR5416 C:\WINDOWS\system32\DRIVERS\athw.sys
13:07:42.0218 3564 AR5416 - ok
13:07:42.0234 3564 asc - ok
13:07:42.0250 3564 asc3350p - ok
13:07:42.0265 3564 asc3550 - ok
13:07:42.0390 3564 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:07:42.0406 3564 aspnet_state - ok
13:07:42.0437 3564 [ 7021F01CCAC1538CCF9AE004723AF033 ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
13:07:42.0437 3564 aswMonFlt - ok
13:07:42.0484 3564 [ 98C18C78B0C3E7EFBDDA7BD0C35F5903 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
13:07:42.0484 3564 aswRdr - ok
13:07:42.0500 3564 [ F385467DF95D0A73775CB3B076B8B969 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
13:07:42.0500 3564 aswRvrt - ok
13:07:42.0546 3564 [ 8CD8710457FCC1CDE88CBFA3AA119B92 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
13:07:42.0546 3564 aswSnx - ok
13:07:42.0562 3564 [ C1F95C9481F46B96E23A276639C55AC9 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
13:07:42.0562 3564 aswSP - ok
13:07:42.0578 3564 [ E6390554DCB2A730702188547267093C ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
13:07:42.0593 3564 aswTdi - ok
13:07:42.0593 3564 [ 1B0662514A68C3A42E60D240C5ABEF28 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
13:07:42.0593 3564 aswVmm - ok
13:07:42.0625 3564 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:07:42.0625 3564 AsyncMac - ok
13:07:42.0625 3564 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
13:07:42.0640 3564 atapi - ok
13:07:42.0640 3564 Atdisk - ok
13:07:42.0718 3564 [ 43E17DA549BC8219EEE90AA9C6480AAA ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
13:07:42.0734 3564 Ati HotKey Poller - ok
13:07:42.0984 3564 [ 50D7EE1C07BC1E549FAE797668A90E1E ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
13:07:43.0062 3564 ati2mtag - ok
13:07:43.0125 3564 [ 924971A182E07463765EF9FA8876F24F ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdXP3.sys
13:07:43.0125 3564 AtiHDAudioService - ok
13:07:43.0125 3564 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:07:43.0125 3564 Atmarpc - ok
13:07:43.0140 3564 [ DE31B88962A8645DBA5A37B993E7B0F1 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
13:07:43.0156 3564 AudioSrv - ok
13:07:43.0203 3564 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
13:07:43.0203 3564 audstub - ok
13:07:43.0281 3564 [ CC42F104172B4A62793083D380867317 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:07:43.0281 3564 avast! Antivirus - ok
13:07:43.0328 3564 [ 6F7911F3E674363A91541E097F49B633 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
13:07:43.0328 3564 b57w2k - ok
13:07:43.0375 3564 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:07:43.0375 3564 Beep - ok
13:07:43.0437 3564 [ 3AEDE727580F0A7C3929DD6526145759 ] BITS C:\WINDOWS\system32\qmgr.dll

lucie7272 · Příspěvekod **lucie7272** » 29 bře 2014 13:37

13:07:43.0453 3564 BITS - ok
13:07:43.0500 3564 [ BC0E1C15E6FB3E20CD558F496EA684A0 ] BlueletAudio C:\WINDOWS\system32\DRIVERS\blueletaudio.sys
13:07:43.0500 3564 BlueletAudio - ok
13:07:43.0515 3564 [ 5F81A2D1ABC1E480C6152F7B9E446BFA ] BlueletSCOAudio C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys
13:07:43.0515 3564 BlueletSCOAudio - ok
13:07:43.0593 3564 [ AA770326DBF8518C632F02B0F85E0087 ] BlueSoleilCS C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
13:07:43.0593 3564 BlueSoleilCS - ok
13:07:43.0656 3564 [ 39CE94B2B33771A3D95C70F41847F3F9 ] Browser C:\WINDOWS\System32\browser.dll
13:07:43.0656 3564 Browser - ok
13:07:43.0671 3564 [ 0A22897FC9C4FF67E4FE2FE39CF8BFC2 ] BsHelpCS C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
13:07:43.0671 3564 BsHelpCS - ok
13:07:43.0734 3564 [ 881C86C4B8F2359318E0E6D7EC844D13 ] BsMobileCS C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
13:07:43.0734 3564 BsMobileCS - ok
13:07:43.0750 3564 [ 8E2D9ECE59DFE7D310201E0D65D97ECB ] BT C:\WINDOWS\system32\DRIVERS\btnetdrv.sys
13:07:43.0750 3564 BT - ok
13:07:43.0812 3564 [ ECDC40CC54603C711E1A7A1C9255184A ] btaudio C:\WINDOWS\system32\drivers\btaudio.sys
13:07:43.0828 3564 btaudio - ok
13:07:43.0859 3564 [ 942C602296119D758547808221C85A2C ] Btcsrusb C:\WINDOWS\system32\Drivers\btcusb.sys
13:07:43.0859 3564 Btcsrusb - ok
13:07:43.0890 3564 [ 58A49BD10E08D3D4333A60DEDCB1CED8 ] BTDriver C:\WINDOWS\system32\DRIVERS\btport.sys
13:07:43.0890 3564 BTDriver - ok
13:07:43.0937 3564 [ CE441CCD98C5ECB10CB12FCAF97322EC ] BtHidBus C:\WINDOWS\system32\Drivers\BtHidBus.sys
13:07:43.0937 3564 BtHidBus - ok
13:07:43.0953 3564 BTHidEnum - ok
13:07:43.0968 3564 BTHidMgr - ok
13:07:44.0031 3564 [ 885B6D0F826A216EEE4C3AD883809012 ] BTKRNL C:\WINDOWS\system32\DRIVERS\btkrnl.sys
13:07:44.0046 3564 BTKRNL - ok
13:07:44.0093 3564 [ D3C277A51EF9E2EC972D6221F99C0B6D ] btnetBUs C:\WINDOWS\system32\Drivers\btnetBus.sys
13:07:44.0093 3564 btnetBUs - ok
13:07:44.0171 3564 [ 4F26303BECBB7CC5CA8FF39593124CF2 ] BTNetFilter C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
13:07:44.0171 3564 BTNetFilter - ok
13:07:44.0250 3564 [ 49E9ED37FAEC5E8C03E81FD73D3884D6 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
13:07:44.0265 3564 btwdins - ok
13:07:44.0281 3564 [ B1D350F3F13CF340FCE93912D2BA1EBF ] BTWDNDIS C:\WINDOWS\system32\DRIVERS\btwdndis.sys
13:07:44.0281 3564 BTWDNDIS - ok
13:07:44.0296 3564 [ E48668B4A6A5CF68B33AECAD18EE8E1E ] btwhid C:\WINDOWS\system32\DRIVERS\btwhid.sys
13:07:44.0296 3564 btwhid - ok
13:07:44.0312 3564 [ 57E91E9925976BBC98984EEBAAF1D84C ] BTWUSB C:\WINDOWS\system32\Drivers\btwusb.sys
13:07:44.0312 3564 BTWUSB - ok
13:07:44.0343 3564 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
13:07:44.0343 3564 cbidf2k - ok
13:07:44.0359 3564 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:07:44.0359 3564 CCDECODE - ok
13:07:44.0375 3564 cd20xrnt - ok
13:07:44.0406 3564 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
13:07:44.0406 3564 Cdaudio - ok
13:07:44.0437 3564 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
13:07:44.0437 3564 Cdfs - ok
13:07:44.0468 3564 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:07:44.0468 3564 Cdrom - ok
13:07:44.0484 3564 Changer - ok
13:07:44.0515 3564 [ E390DC1D7C461D7D56EC53402F329928 ] CiSvc C:\WINDOWS\system32\cisvc.exe
13:07:44.0515 3564 CiSvc - ok
13:07:44.0546 3564 [ 1E8D39480739E29C728BB10ED6700A5E ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
13:07:44.0562 3564 ClipSrv - ok
13:07:44.0609 3564 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:07:44.0609 3564 clr_optimization_v2.0.50727_32 - ok
13:07:44.0625 3564 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
13:07:44.0625 3564 CmBatt - ok
13:07:44.0625 3564 CmdIde - ok
13:07:44.0640 3564 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
13:07:44.0640 3564 Compbatt - ok
13:07:44.0656 3564 COMSysApp - ok
13:07:44.0687 3564 Cpqarray - ok
13:07:44.0703 3564 [ F3AB0933CBD166D271992F411C27CCAF ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
13:07:44.0718 3564 CryptSvc - ok
13:07:44.0718 3564 dac2w2k - ok
13:07:44.0734 3564 dac960nt - ok
13:07:44.0796 3564 [ C0BD34A62508BA68F146E22CE45919F9 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:07:44.0812 3564 DcomLaunch - ok
13:07:44.0828 3564 [ EB737F46D7D494C7760A932C9B6491A4 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
13:07:44.0828 3564 Dhcp - ok
13:07:44.0843 3564 [ 47B6AAEC570F2C11D8BAD80A064D8ED1 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
13:07:44.0843 3564 Disk - ok
13:07:44.0843 3564 dmadmin - ok
13:07:44.0890 3564 [ DB5FD2BF5B07DC54BFCB3664FF05BD7C ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
13:07:44.0906 3564 dmboot - ok
13:07:44.0921 3564 [ FFF1720AF51171F32F1EAD5CF71F2810 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
13:07:44.0921 3564 dmio - ok
13:07:44.0953 3564 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
13:07:44.0953 3564 dmload - ok
13:07:44.0984 3564 [ 2BFEFE9E865655A76982F050450B9591 ] dmserver C:\WINDOWS\System32\dmserver.dll
13:07:44.0984 3564 dmserver - ok
13:07:45.0031 3564 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
13:07:45.0031 3564 DMusic - ok
13:07:45.0046 3564 [ 38AAD7E982198CB4F642BB60E59511F1 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:07:45.0062 3564 Dnscache - ok
13:07:45.0078 3564 [ AACFC38E9D085D58F9F933CFD6AF1D2B ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
13:07:45.0093 3564 Dot3svc - ok
13:07:45.0093 3564 dpti2o - ok
13:07:45.0140 3564 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:07:45.0140 3564 drmkaud - ok
13:07:45.0171 3564 [ B327281012B48BD73F587799F9F29BE2 ] DumpDrv C:\WINDOWS\system32\drivers\DumpDrv.sys
13:07:45.0171 3564 DumpDrv - ok
13:07:45.0203 3564 [ 0887D9C2BE8D940778CAD1E3B85F2A41 ] EapHost C:\WINDOWS\System32\eapsvc.dll
13:07:45.0203 3564 EapHost - ok
13:07:45.0218 3564 [ A2A4912798F2BE706ABADD3D30800D16 ] ERSvc C:\WINDOWS\System32\ersvc.dll
13:07:45.0218 3564 ERSvc - ok
13:07:45.0281 3564 [ 3D107D45CCFDB266E91D84B52CD7F430 ] Eventlog C:\WINDOWS\system32\services.exe
13:07:45.0281 3564 Eventlog - ok
13:07:45.0312 3564 [ BE68EA4457E2E5717231CF91BE5448E0 ] EventSystem C:\WINDOWS\system32\es.dll
13:07:45.0312 3564 EventSystem - ok
13:07:45.0375 3564 [ 4D893323DAE445E34A4C9038B0551BC9 ] exFat C:\WINDOWS\system32\drivers\exFat.sys
13:07:45.0375 3564 exFat - ok
13:07:45.0390 3564 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
13:07:45.0390 3564 Fastfat - ok
13:07:45.0421 3564 [ 54A6BF743E0517528A5064CEAEB40EA7 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
13:07:45.0437 3564 FastUserSwitchingCompatibility - ok
13:07:45.0453 3564 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
13:07:45.0453 3564 Fdc - ok
13:07:45.0468 3564 [ AC366695A0796560AA37215AD5762AAF ] Fips C:\WINDOWS\system32\drivers\Fips.sys
13:07:45.0468 3564 Fips - ok
13:07:45.0484 3564 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
13:07:45.0484 3564 Flpydisk - ok
13:07:45.0531 3564 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
13:07:45.0531 3564 FltMgr - ok
13:07:45.0578 3564 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:07:45.0578 3564 FontCache3.0.0.0 - ok
13:07:45.0625 3564 [ 30D42943A54704EF13E2562911DBFCEA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:07:45.0625 3564 Fs_Rec - ok
13:07:45.0640 3564 [ 4E664D8541DB4A66B73A24257E322E1F ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:07:45.0640 3564 Ftdisk - ok
13:07:45.0671 3564 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:07:45.0687 3564 Gpc - ok
13:07:45.0750 3564 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
13:07:45.0765 3564 gupdate - ok
13:07:45.0765 3564 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
13:07:45.0765 3564 gupdatem - ok
13:07:45.0796 3564 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
13:07:45.0796 3564 HDAudBus - ok
13:07:45.0906 3564 [ FCFE31FB75F8A6295B6B0AF87A626282 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:07:45.0906 3564 helpsvc - ok
13:07:45.0953 3564 [ 00E25EE90166B3E1BE6E74AEBF858306 ] HidServ C:\WINDOWS\System32\hidserv.dll
13:07:45.0953 3564 HidServ - ok
13:07:46.0015 3564 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:07:46.0015 3564 hidusb - ok
13:07:46.0046 3564 [ 7A6B320928F86BC851530D63C82965D9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
13:07:46.0046 3564 hkmsvc - ok
13:07:46.0062 3564 hpn - ok
13:07:46.0109 3564 [ 6A5C4732D6803F84E2987EDD8E4359CE ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
13:07:46.0109 3564 HSFHWAZL - ok
13:07:46.0140 3564 [ 21C31273C6CC4826E74BE8AE3B09D4A8 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
13:07:46.0156 3564 HSF_DPV - ok
13:07:46.0171 3564 [ 937031C085718C1C04A9C0864625EC6B ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
13:07:46.0187 3564 HTTP - ok
13:07:46.0218 3564 [ 58FE2F2DA3BC5573F4A35B3760D3125F ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
13:07:46.0234 3564 HTTPFilter - ok
13:07:46.0234 3564 i2omgmt - ok
13:07:46.0250 3564 i2omp - ok
13:07:46.0296 3564 [ C528E27945367191E7BAE364930B6932 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:07:46.0296 3564 i8042prt - ok
13:07:46.0375 3564 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
13:07:46.0375 3564 IDriverT - ok
13:07:46.0437 3564 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:07:46.0453 3564 idsvc - ok
13:07:46.0484 3564 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
13:07:46.0484 3564 Imapi - ok
13:07:46.0500 3564 [ F7B93AAFAD33B2320954C17E26C8D361 ] ImapiService C:\WINDOWS\system32\imapi.exe
13:07:46.0515 3564 ImapiService - ok
13:07:46.0531 3564 ini910u - ok
13:07:46.0718 3564 [ 19AFBB8427CE65042599555E578170DF ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
13:07:46.0750 3564 IntcAzAudAddService - ok
13:07:46.0765 3564 IntelIde - ok
13:07:46.0796 3564 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
13:07:46.0796 3564 Ip6Fw - ok
13:07:46.0828 3564 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:07:46.0828 3564 IpFilterDriver - ok
13:07:46.0828 3564 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:07:46.0843 3564 IpInIp - ok
13:07:46.0875 3564 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:07:46.0875 3564 IpNat - ok
13:07:46.0906 3564 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:07:46.0906 3564 IPSec - ok
13:07:46.0953 3564 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
13:07:46.0953 3564 IRENUM - ok
13:07:46.0968 3564 iSafeNetFilter - ok
13:07:47.0000 3564 [ CC9F8A2D60AED1A51A3AC34C59B987AE ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:07:47.0000 3564 isapnp - ok
13:07:47.0031 3564 [ 71E1FC547CC488D5CD7BF0860C96F5AF ] IvtBtBUs C:\WINDOWS\system32\Drivers\IvtBtBus.sys
13:07:47.0031 3564 IvtBtBUs - ok
13:07:47.0078 3564 [ 1B6162FE7F66B1A71A4B70F941C4AA9B ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:07:47.0093 3564 Kbdclass - ok
13:07:47.0109 3564 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
13:07:47.0109 3564 kmixer - ok
13:07:47.0125 3564 [ C6EBF1D6AD71DF30DB49B8D3287E1368 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
13:07:47.0125 3564 KSecDD - ok
13:07:47.0187 3564 [ 111A41B749F0E8CD7566B4FFD613CFFE ] LanmanServer C:\WINDOWS\System32\srvsvc.dll
13:07:47.0187 3564 LanmanServer - ok
13:07:47.0234 3564 [ 9A2E7EE3989AAC0079E9D23555545D52 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
13:07:47.0250 3564 lanmanworkstation - ok
13:07:47.0265 3564 lbrtfdc - ok
13:07:47.0328 3564 [ 03976C309EDE05D39017C05B817CD94F ] LHidFlt2 C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
13:07:47.0328 3564 LHidFlt2 - ok
13:07:47.0375 3564 [ 25688115843C4028686A96D88BC28007 ] LHidUsb C:\WINDOWS\system32\Drivers\LHidUsb.Sys
13:07:47.0375 3564 LHidUsb - ok
13:07:47.0406 3564 [ 0AB159F536E3E8F7F07113702A07CCA5 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
13:07:47.0406 3564 LmHosts - ok
13:07:47.0421 3564 [ 26407519FCA64EC4091FE1F815B4AFC4 ] LMouFlt2 C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
13:07:47.0421 3564 LMouFlt2 - ok
13:07:47.0468 3564 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
13:07:47.0468 3564 MBAMProtector - ok
13:07:47.0531 3564 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:07:47.0531 3564 MBAMScheduler - ok
13:07:47.0578 3564 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:07:47.0593 3564 MBAMService - ok
13:07:47.0609 3564 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
13:07:47.0625 3564 mdmxsdk - ok
13:07:47.0640 3564 [ 221CD1C815B8A6B79389C3F5D1018DE8 ] Messenger C:\WINDOWS\System32\msgsvc.dll
13:07:47.0656 3564 Messenger - ok
13:07:47.0687 3564 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
13:07:47.0687 3564 mnmdd - ok
13:07:47.0734 3564 [ 26F1DDC26DC30B35E8FD2F98E594FA47 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
13:07:47.0750 3564 mnmsrvc - ok
13:07:47.0796 3564 [ 44032B0C6D9954D3FD26438330B99EE7 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
13:07:47.0796 3564 Modem - ok
13:07:47.0843 3564 [ 4CB582831DBDE63CE43B45D771218374 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:07:47.0843 3564 Mouclass - ok
13:07:47.0875 3564 [ BB269EBA740737AB749B214D568B6812 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:07:47.0875 3564 mouhid - ok
13:07:47.0890 3564 [ 1A1FAA5102466F418494E94FF9B0B091 ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
13:07:47.0890 3564 MountMgr - ok
13:07:47.0906 3564 mraid35x - ok
13:07:47.0937 3564 [ 6A7C4AC5B52155115DEE97995C1CF157 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:07:47.0937 3564 MRxDAV - ok
13:07:47.0968 3564 [ FB2FCCC70F7174C7BF64F48E96D3ADF4 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:07:47.0968 3564 MRxSmb - ok
13:07:48.0015 3564 [ 6DB4D1521CABA9A5FFAB54ADE0AE867D ] MSDTC C:\WINDOWS\system32\msdtc.exe
13:07:48.0031 3564 MSDTC - ok
13:07:48.0078 3564 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:07:48.0078 3564 Msfs - ok
13:07:48.0078 3564 MSIServer - ok
13:07:48.0093 3564 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:07:48.0093 3564 MSKSSRV - ok
13:07:48.0125 3564 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:07:48.0125 3564 MSPCLOCK - ok
13:07:48.0140 3564 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:07:48.0140 3564 MSPQM - ok
13:07:48.0187 3564 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:07:48.0187 3564 mssmbios - ok
13:07:48.0187 3564 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:07:48.0187 3564 MSTEE - ok
13:07:48.0218 3564 [ F7B1AD991491F02AF6DA70B00B8BF114 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
13:07:48.0234 3564 Mup - ok
13:07:48.0234 3564 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:07:48.0234 3564 NABTSFEC - ok
13:07:48.0265 3564 [ 6EA362E9DB03D44F6B996F4D8BE237E9 ] napagent C:\WINDOWS\System32\qagentrt.dll
13:07:48.0281 3564 napagent - ok
13:07:48.0328 3564 [ B5B1080D35974C0E718D64280761BCD5 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
13:07:48.0328 3564 NDIS - ok
13:07:48.0343 3564 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:07:48.0343 3564 NdisIP - ok
13:07:48.0359 3564 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:07:48.0359 3564 NdisTapi - ok
13:07:48.0390 3564 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:07:48.0390 3564 Ndisuio - ok
13:07:48.0406 3564 [ B053A8411045FD0664B389A090CB2BBC ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:07:48.0406 3564 NdisWan - ok
13:07:48.0453 3564 [ 2F597BB467E05B1FE3830EABD821B8E0 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:07:48.0453 3564 NDProxy - ok
13:07:48.0468 3564 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:07:48.0468 3564 NetBIOS - ok
13:07:48.0484 3564 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:07:48.0500 3564 NetBT - ok
13:07:48.0515 3564 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDE C:\WINDOWS\system32\netdde.exe
13:07:48.0531 3564 NetDDE - ok
13:07:48.0531 3564 [ 933DE774986EC85E48210C44AB431DE6 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
13:07:48.0546 3564 NetDDEdsdm - ok
13:07:48.0593 3564 [ ED0A176354487CEED65B80A7148AB739 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:07:48.0593 3564 Netlogon - ok
13:07:48.0625 3564 [ 72E1E9E2977BE08BDEEDB6D8FD9D4D40 ] Netman C:\WINDOWS\System32\netman.dll
13:07:48.0625 3564 Netman - ok
13:07:48.0671 3564 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:07:48.0671 3564 NetTcpPortSharing - ok
13:07:48.0718 3564 [ 0D594D828829E1BC727B870899376B19 ] Nla C:\WINDOWS\System32\mswsock.dll
13:07:48.0734 3564 Nla - ok
13:07:48.0734 3564 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:07:48.0734 3564 Npfs - ok
13:07:48.0781 3564 [ AE8CAD8F28DB13B515A68510A539B0B8 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:07:48.0781 3564 Ntfs - ok
13:07:48.0796 3564 [ ED0A176354487CEED65B80A7148AB739 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
13:07:48.0796 3564 NtLmSsp - ok
13:07:48.0843 3564 [ 023DD70573D644F3D9C8B1258A7BFD08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
13:07:48.0859 3564 NtmsSvc - ok
13:07:48.0906 3564 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
13:07:48.0906 3564 Null - ok
13:07:48.0921 3564 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:07:48.0921 3564 NwlnkFlt - ok
13:07:48.0921 3564 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:07:48.0921 3564 NwlnkFwd - ok
13:07:48.0984 3564 [ D955D5DE998DB2476BF0892BE3A96C26 ] O2Flash C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
13:07:48.0984 3564 O2Flash - ok
13:07:49.0046 3564 [ D51942F12090FC947CA8AA01736DADE2 ] O2MDRDR C:\WINDOWS\system32\DRIVERS\o2media.sys
13:07:49.0046 3564 O2MDRDR - ok
13:07:49.0078 3564 [ 12A6D826A1A27818170552F2495A567A ] O2SDRDR C:\WINDOWS\system32\DRIVERS\o2sd.sys
13:07:49.0078 3564 O2SDRDR - ok
13:07:49.0125 3564 [ 46F8DB73B4A53E543F8E371DC7C75BAE ] Parport C:\WINDOWS\system32\drivers\Parport.sys
13:07:49.0125 3564 Parport - ok
13:07:49.0140 3564 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
13:07:49.0140 3564 PartMgr - ok
13:07:49.0171 3564 [ 1FAE19D0457176318BBA4A8795656EBC ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
13:07:49.0171 3564 ParVdm - ok
13:07:49.0187 3564 [ 6CE351D149CB4BEFC702951E471E1730 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
13:07:49.0187 3564 PCI - ok
13:07:49.0203 3564 PCIDump - ok
13:07:49.0218 3564 [ 2DA4EC85E0EA7A45C6B2A05820492D5A ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
13:07:49.0218 3564 PCIIde - ok
13:07:49.0234 3564 [ 4FC31E6C19A5CE5198B1ABFF94CAE758 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
13:07:49.0234 3564 Pcmcia - ok
13:07:49.0250 3564 PDCOMP - ok
13:07:49.0265 3564 PDFRAME - ok
13:07:49.0281 3564 PDRELI - ok
13:07:49.0281 3564 PDRFRAME - ok
13:07:49.0296 3564 perc2 - ok
13:07:49.0312 3564 perc2hib - ok
13:07:49.0390 3564 [ 3D107D45CCFDB266E91D84B52CD7F430 ] PlugPlay C:\WINDOWS\system32\services.exe
13:07:49.0406 3564 PlugPlay - ok
13:07:49.0406 3564 [ ED0A176354487CEED65B80A7148AB739 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
13:07:49.0421 3564 PolicyAgent - ok
13:07:49.0468 3564 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:07:49.0468 3564 PptpMiniport - ok
13:07:49.0500 3564 [ 7EB15DCE4EC3A0220BD796A15C18186E ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
13:07:49.0500 3564 Processor - ok
13:07:49.0500 3564 [ ED0A176354487CEED65B80A7148AB739 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
13:07:49.0515 3564 ProtectedStorage - ok
13:07:49.0515 3564 [ D8E11D311785F89F1D70A28B0E879127 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
13:07:49.0531 3564 PSched - ok
13:07:49.0531 3564 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:07:49.0531 3564 Ptilink - ok
13:07:49.0546 3564 ql1080 - ok
13:07:49.0562 3564 Ql10wnt - ok
13:07:49.0578 3564 ql12160 - ok
13:07:49.0593 3564 ql1240 - ok
13:07:49.0609 3564 ql1280 - ok
13:07:49.0625 3564 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:07:49.0625 3564 RasAcd - ok
13:07:49.0656 3564 [ 2B5E44EA009F2F374B980E1E9A70635D ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:07:49.0671 3564 RasAuto - ok
13:07:49.0703 3564 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:07:49.0703 3564 Rasl2tp - ok
13:07:49.0718 3564 [ D57554C664B64604BD1EE13EA2C07E77 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:07:49.0734 3564 RasMan - ok
13:07:49.0750 3564 [ 2C9D4620A0FD35DE1828370B392F6E2D ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:07:49.0750 3564 RasPppoe - ok
13:07:49.0750 3564 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
13:07:49.0765 3564 Raspti - ok
13:07:49.0781 3564 [ 77050C6615F6EB5402F832B27FD695E0 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:07:49.0781 3564 Rdbss - ok
13:07:49.0796 3564 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:07:49.0796 3564 RDPCDD - ok
13:07:49.0828 3564 [ 47EA20320E3D6FDC7B7BB22B2B881CA6 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:07:49.0843 3564 rdpdr - ok
13:07:49.0875 3564 [ C7D9BC54354B8C706ABF172D48313F1B ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
13:07:49.0875 3564 RDPWD - ok
13:07:49.0906 3564 [ C0D9D9711CB74EE9BC66353D8CBDAB0E ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
13:07:49.0921 3564 RDSessMgr - ok
13:07:49.0953 3564 [ 611BFD220305BE3A85AE876EA47D4AA5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
13:07:49.0953 3564 redbook - ok
13:07:50.0015 3564 [ 127C26B5371651043450E52542099ABA ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:07:50.0015 3564 RemoteAccess - ok
13:07:50.0046 3564 [ 8F31505484A190D5B22274708799F4EC ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:07:50.0046 3564 RemoteRegistry - ok
13:07:50.0062 3564 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
13:07:50.0062 3564 ROOTMODEM - ok
13:07:50.0093 3564 [ 718B3BDC0BC3C2F7D065A53D26202AF9 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:07:50.0093 3564 RpcLocator - ok
13:07:50.0140 3564 [ C0BD34A62508BA68F146E22CE45919F9 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:07:50.0156 3564 RpcSs - ok
13:07:50.0203 3564 [ 743D7D59767073A617B1DCC6C546F234 ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:07:50.0203 3564 rspndr - ok
13:07:50.0234 3564 [ 09AB2E71E58B078038E3BFDBA7FFC984 ] RSVP C:\WINDOWS\system32\rsvp.exe
13:07:50.0250 3564 RSVP - ok
13:07:50.0281 3564 [ ED0A176354487CEED65B80A7148AB739 ] SamSs C:\WINDOWS\system32\lsass.exe
13:07:50.0281 3564 SamSs - ok
13:07:50.0312 3564 [ 410046E401EB11E1E6749E9DEEA41D4A ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
13:07:50.0312 3564 SCardSvr - ok
13:07:50.0359 3564 [ 3FF232A7731621B8902D81D42418C93C ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:07:50.0375 3564 Schedule - ok
13:07:50.0406 3564 [ D1FACB3C7D12F439C18EF01AA88C2A9D ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
13:07:50.0406 3564 sdbus - ok
13:07:50.0421 3564 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:07:50.0421 3564 Secdrv - ok
13:07:50.0453 3564 [ 477E2C3CC5E4A0D635BCB0EA8DCAC3C6 ] seclogon C:\WINDOWS\System32\seclogon.dll
13:07:50.0468 3564 seclogon - ok
13:07:50.0468 3564 [ A530B75C10C23C9AB28FDB6CE719E21F ] SENS C:\WINDOWS\system32\sens.dll
13:07:50.0484 3564 SENS - ok
13:07:50.0500 3564 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
13:07:50.0500 3564 Serenum - ok
13:07:50.0515 3564 [ B842729337C9B921615C40D3C1A1AF96 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
13:07:50.0515 3564 Serial - ok
13:07:50.0546 3564 [ B8CB06ED5DA508DCB59BBB3FD04F856B ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
13:07:50.0546 3564 sffdisk - ok
13:07:50.0578 3564 [ DE56A5909C65C25475C476690C327BA8 ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
13:07:50.0578 3564 sffp_sd - ok
13:07:50.0593 3564 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
13:07:50.0593 3564 Sfloppy - ok
13:07:50.0625 3564 [ 65EACFE3182AFEE8D222D0B17FE05EDA ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:07:50.0640 3564 SharedAccess - ok
13:07:50.0656 3564 [ 54A6BF743E0517528A5064CEAEB40EA7 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:07:50.0671 3564 ShellHWDetection - ok
13:07:50.0671 3564 Simbad - ok
13:07:50.0703 3564 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:07:50.0703 3564 SLIP - ok
13:07:50.0718 3564 Sparrow - ok
13:07:50.0750 3564 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
13:07:50.0750 3564 splitter - ok
13:07:50.0765 3564 [ CB1090BCA0E7B40D0B5B4E4D66531809 ] Spooler C:\WINDOWS\system32\spoolsv.exe
13:07:50.0781 3564 Spooler - ok
13:07:50.0812 3564 [ 94610C8653635E4459316A0050D55CE7 ] SR C:\WINDOWS\system32\DRIVERS\sr.sys
13:07:50.0812 3564 SR - ok
13:07:50.0843 3564 [ 35B91147124F64AC8081A2EDB9EA4DEE ] srservice C:\WINDOWS\system32\srsvc.dll
13:07:50.0859 3564 srservice - ok
13:07:50.0890 3564 [ 9B390283569EA58D43D2586032B892F5 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:07:50.0890 3564 Srv - ok
13:07:50.0921 3564 [ D6870895FE46A464A19141440EB6CC1E ] sscdbus C:\WINDOWS\system32\DRIVERS\sscdbus.sys
13:07:50.0921 3564 sscdbus - ok
13:07:50.0953 3564 [ 0FE167362E4689B716CDC8D93ADEDDA8 ] sscdmdfl C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
13:07:50.0953 3564 sscdmdfl - ok
13:07:50.0968 3564 [ 55A15707E32B6709242AD127E62CA55A ] sscdmdm C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
13:07:50.0968 3564 sscdmdm - ok
13:07:51.0000 3564 [ BECD5271DC4E3B7C3D035F790FCBC1E5 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:07:51.0015 3564 SSDPSRV - ok
13:07:51.0062 3564 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys
13:07:51.0062 3564 StarOpen - ok
13:07:51.0078 3564 [ C1CDD9275F6A115BB0AE1D55D8D27BA6 ] stisvc C:\WINDOWS\system32\wiaservc.dll
13:07:51.0093 3564 stisvc - ok
13:07:51.0125 3564 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:07:51.0125 3564 streamip - ok
13:07:51.0140 3564 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
13:07:51.0140 3564 swenum - ok
13:07:51.0171 3564 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
13:07:51.0171 3564 swmidi - ok
13:07:51.0171 3564 SwPrv - ok
13:07:51.0187 3564 symc810 - ok
13:07:51.0203 3564 symc8xx - ok
13:07:51.0218 3564 sym_hi - ok
13:07:51.0234 3564 sym_u3 - ok
13:07:51.0296 3564 [ 219AA9FF531490C51E766BD0D3E481CB ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:07:51.0296 3564 SynTP - ok
13:07:51.0343 3564 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
13:07:51.0359 3564 sysaudio - ok
13:07:51.0390 3564 [ CE06F01B88ACE199A1BF460CAC29C110 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
13:07:51.0406 3564 SysmonLog - ok
13:07:51.0437 3564 [ AF2A883CC63318A8BDA168BDD7AC80D9 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:07:51.0453 3564 TapiSrv - ok
13:07:51.0484 3564 [ 367DE8E5F638C091F49273144274F629 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:07:51.0484 3564 Tcpip - ok
13:07:51.0531 3564 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:07:51.0531 3564 TDPIPE - ok
13:07:51.0546 3564 [ C0578456F29E5F26285F81B7B71FE57D ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:07:51.0546 3564 TDTCP - ok
13:07:51.0578 3564 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:07:51.0578 3564 TermDD - ok
13:07:51.0609 3564 [ 0E43A7CF302D85273FC86F5FCA9A1909 ] TermService C:\WINDOWS\System32\termsrv.dll
13:07:51.0625 3564 TermService - ok
13:07:51.0640 3564 [ 54A6BF743E0517528A5064CEAEB40EA7 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:07:51.0656 3564 Themes - ok
13:07:51.0687 3564 [ CD0CC7B167D78043A41C98D4921EFB54 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
13:07:51.0703 3564 TlntSvr - ok
13:07:51.0718 3564 TosIde - ok
13:07:51.0750 3564 [ 38853304CCB938D30E0C4CDE8D2C2A8A ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:07:51.0765 3564 TrkWks - ok
13:07:51.0781 3564 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:07:51.0781 3564 Udfs - ok
13:07:51.0796 3564 UIUSys - ok
13:07:51.0812 3564 ultra - ok
13:07:51.0859 3564 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:07:51.0859 3564 Update - ok
13:07:51.0890 3564 [ 651BD90DCEE5B7BDC74A2EB7C9266F9E ] upnphost C:\WINDOWS\System32\upnphost.dll
13:07:51.0890 3564 upnphost - ok
13:07:51.0921 3564 [ 20A0F6A11959E92908717D09E87D670D ] UPS C:\WINDOWS\System32\ups.exe
13:07:51.0937 3564 UPS - ok
13:07:51.0968 3564 [ 1B611611C28D2DF25BC057D79C6F13FC ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:07:51.0968 3564 usbccgp - ok
13:07:52.0000 3564 [ 52674B5DBEE499342A599C7771ABECAA ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:07:52.0000 3564 usbehci - ok
13:07:52.0031 3564 [ E7BC50AEB2BD199B509BF49510A55E30 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys
13:07:52.0031 3564 usbfilter - ok
13:07:52.0078 3564 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:07:52.0078 3564 usbhub - ok
13:07:52.0109 3564 [ C5E11CD822ADF0019A5A862D9C4E2222 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:07:52.0109 3564 usbohci - ok
13:07:52.0156 3564 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:07:52.0171 3564 USBSTOR - ok
13:07:52.0187 3564 [ 813236B1183CFCF289E367BD5DE6E29E ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
13:07:52.0203 3564 usbvideo - ok
13:07:52.0234 3564 [ 0955553090E0A88614E5B8A02AF9324C ] VComm C:\WINDOWS\system32\DRIVERS\VComm.sys
13:07:52.0234 3564 VComm - ok
13:07:52.0296 3564 [ EA0D7C68DC77B478F1C08022B8AFE8CA ] VcommMgr C:\WINDOWS\system32\Drivers\VcommMgr.sys
13:07:52.0296 3564 VcommMgr - ok
13:07:52.0343 3564 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:07:52.0343 3564 VgaSave - ok
13:07:52.0359 3564 ViaIde - ok
13:07:52.0375 3564 [ 28A4B296B47782173C346E376CB374D1 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:07:52.0375 3564 VolSnap - ok
13:07:52.0421 3564 [ D6BA1A63D9E00933F1CD2A885573AFB2 ] VSS C:\WINDOWS\System32\vssvc.exe
13:07:52.0437 3564 VSS - ok
13:07:52.0468 3564 [ DF2E8EA96391126977DA1B8AB6FC39FC ] W32Time C:\WINDOWS\system32\w32time.dll
13:07:52.0484 3564 W32Time - ok
13:07:52.0500 3564 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:07:52.0515 3564 Wanarp - ok
13:07:52.0578 3564 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
13:07:52.0578 3564 Wdf01000 - ok
13:07:52.0593 3564 WDICA - ok
13:07:52.0609 3564 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:07:52.0625 3564 wdmaud - ok
13:07:52.0640 3564 [ 47AE51048A82DFA1CD6B51D369F7E169 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:07:52.0640 3564 WebClient - ok
13:07:52.0718 3564 [ 307D248F97835B6879BDD361086924FE ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
13:07:52.0718 3564 winachsf - ok
13:07:52.0828 3564 [ E488332126E3B1182D2B8A0C35408EC6 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:07:52.0828 3564 winmgmt - ok
13:07:52.0890 3564 [ 4D34CEDD74BDBF2B6A935EAE3BF80543 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:07:52.0921 3564 WinRM - ok
13:07:52.0968 3564 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:07:52.0968 3564 WmdmPmSN - ok
13:07:53.0031 3564 [ 4E68A735673CE17152329428524BA1C3 ] Wmi C:\WINDOWS\System32\advapi32.dll
13:07:53.0031 3564 Wmi - ok
13:07:53.0093 3564 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
13:07:53.0093 3564 WmiAcpi - ok
13:07:53.0156 3564 [ 23F6F03272F7E5679F1F050AED5ACEE6 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:07:53.0156 3564 WmiApSrv - ok
13:07:53.0234 3564 [ 3739866D20ABD42F26A7B85F9E2560AF ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
13:07:53.0234 3564 WMPNetworkSvc - ok
13:07:53.0281 3564 [ 4C86D5FAF78194995AF9CC1075F65DD3 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:07:53.0296 3564 wscsvc - ok
13:07:53.0359 3564 [ 0091D78C5F8FDE0CDF2B214823DE6E48 ] WSIMD C:\WINDOWS\system32\DRIVERS\wsimd.sys
13:07:53.0359 3564 WSIMD - ok
13:07:53.0390 3564 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:07:53.0390 3564 WSTCODEC - ok
13:07:53.0437 3564 [ 02E4055488047729B333F99D93877038 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:07:53.0453 3564 wuauserv - ok
13:07:53.0468 3564 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:07:53.0484 3564 WudfPf - ok
13:07:53.0484 3564 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:07:53.0484 3564 WudfRd - ok
13:07:53.0515 3564 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:07:53.0531 3564 WudfSvc - ok
13:07:53.0578 3564 [ F345FF726D92D58ABE5B0AEE08D29DF1 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:07:53.0593 3564 WZCSVC - ok
13:07:53.0625 3564 [ EAA4BB9EDB3FB10CF8979FE65E63658F ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:07:53.0640 3564 xmlprov - ok
13:07:53.0671 3564 ================ Scan global ===============================
13:07:53.0703 3564 [ F36278E42C8C5DF03CE17DAC8231C91C ] C:\WINDOWS\system32\basesrv.dll
13:07:53.0734 3564 [ FAF5165FEB2D0EB76C0B12A6961564A4 ] C:\WINDOWS\system32\winsrv.dll
13:07:53.0765 3564 [ FAF5165FEB2D0EB76C0B12A6961564A4 ] C:\WINDOWS\system32\winsrv.dll
13:07:53.0812 3564 [ 3D107D45CCFDB266E91D84B52CD7F430 ] C:\WINDOWS\system32\services.exe
13:07:53.0828 3564 [Global] - ok
13:07:53.0828 3564 ================ Scan MBR ==================================
13:07:53.0843 3564 [ 413FC2A0C716421B3158746D63736515 ] \Device\Harddisk0\DR0
13:07:54.0046 3564 \Device\Harddisk0\DR0 - ok
13:07:54.0046 3564 ================ Scan VBR ==================================
13:07:54.0062 3564 [ 4B004E11ECAD87E6E3AD8CD466EFC183 ] \Device\Harddisk0\DR0\Partition1
13:07:54.0062 3564 \Device\Harddisk0\DR0\Partition1 - ok
13:07:54.0062 3564 ============================================================
13:07:54.0062 3564 Scan finished
13:07:54.0062 3564 ============================================================
13:07:54.0093 2760 Detected object count: 0
13:07:54.0093 2760 Actual detected object count: 0

Příspěvekod **Orcus** » 29 bře 2014 22:03

TDSS čistý. Co problémy?

lucie7272 · Příspěvekod **lucie7272** » 30 bře 2014 11:56

No dneska jeste nevim, protože jsem zapla pc až ted, ale včera večer potvora jeste asi 3x utekla :-(

Nemužu mit třeba nekde neco spatne nastaveného?Ono to neni pořad ale za ten den tak 5x-7x uteče.

Příspěvekod **memphisto** » 30 bře 2014 16:28

Jiná myš to dělá taky?

Vypni rezidentní štít antiviru a antispywaru
Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud bude po kontrole problém spustit aplikace nebo bude vyskakovat hláška o pokusu použít neplatnou operaci na klíč registru, který je oznaèen pro odstranění, stačí restartovat počítač.

lucie7272 · Příspěvekod **lucie7272** » 30 bře 2014 17:13

Jinou mys jsem nezkoušela, tak nejakou seženu a pak jeste zkusim.Mám jeste jednu prosbu. Blbec jsem si o tom nic nepřečetla a stahla jsem si spyhunter a nainstalovala. No a od té doby mam při startu jeste modrou obrazovku kde je nějaká hláška enigma bla bla,kdyžtak restartuju a napisu ji celou ,ale asi tu budete vedet co mám na mysli :-)

Už jsem program odinstalovala,ale na tu hlasku to nemelo vliv.

ComboFix 14-03-24.01 - Lucka 30.03.2014 16:44:31.1.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.1790.1086 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVAST Software\Avast\setup\01905cab-5556-470c-91d2-3d8e2767ca83.exe
c:\program files\AVAST Software\Avast\setup\0c5d2162-4cdb-4686-b89d-26ea04c4b62d.exe
c:\program files\AVAST Software\Avast\setup\1221cf2b-de32-4bcf-954c-c8f8def373f7.exe
c:\program files\AVAST Software\Avast\setup\1e3355c7-8ccc-46ff-a3a9-bf294076416e.exe
c:\program files\AVAST Software\Avast\setup\2176e280-a5c3-410b-910e-062a560ab7b2.exe
c:\program files\AVAST Software\Avast\setup\2c6e31f0-5e24-4d61-b74a-6357b6037bf3.exe
c:\program files\AVAST Software\Avast\setup\33f66fb3-2538-4597-b03f-db4164ba1fcf.exe
c:\program files\AVAST Software\Avast\setup\361a7d54-b3f0-47a6-8897-2448471dea43.exe
c:\program files\AVAST Software\Avast\setup\3ec646ee-5caf-48ac-bede-aa1d3e859963.exe
c:\program files\AVAST Software\Avast\setup\4d583e1c-34bb-4bb2-835d-a95db7673292.exe
c:\program files\AVAST Software\Avast\setup\502360e1-e1ac-4e85-9d53-a686fa56c3bb.exe
c:\program files\AVAST Software\Avast\setup\5ad15fec-9632-4fdd-9b50-293a2b2a8cf2.exe
c:\program files\AVAST Software\Avast\setup\5d1e4846-6533-4f05-8462-7833d2cc0611.exe
c:\program files\AVAST Software\Avast\setup\5f74eeee-d550-4e95-8ea8-1fd5db59663a.exe
c:\program files\AVAST Software\Avast\setup\73c97fca-797b-4700-9418-30e6930c92b2.exe
c:\program files\AVAST Software\Avast\setup\799eccd9-8c17-4be1-9b2c-f861d54441c3.exe
c:\program files\AVAST Software\Avast\setup\7aa80254-01e9-47dc-a716-fa907ca1b313.exe
c:\program files\AVAST Software\Avast\setup\7b59e78d-31ad-4084-9ff4-6d609696a65a.exe
c:\program files\AVAST Software\Avast\setup\7ec36307-0a7a-4e4b-9f77-baddf15a214a.exe
c:\program files\AVAST Software\Avast\setup\866bf38b-2d6f-459b-8b54-25fe774fda8a.exe
c:\program files\AVAST Software\Avast\setup\88b57fb5-c980-4059-9fde-c411f76539bb.exe
c:\program files\AVAST Software\Avast\setup\89cb52c7-d847-4999-9f03-f8b811ad0675.exe
c:\program files\AVAST Software\Avast\setup\8ef6a281-af90-4ebf-b9f6-3a94e92ed028.exe
c:\program files\AVAST Software\Avast\setup\95fa1c84-fab9-4678-b9d9-7fa55e221e17.exe
c:\program files\AVAST Software\Avast\setup\9968f0df-6b54-48b3-908a-b350750fda14.exe
c:\program files\AVAST Software\Avast\setup\9acb99cc-7df8-42b1-8057-ae94c4221fbb.exe
c:\windows\system32\_000006_.tmp.dll
c:\windows\system32\_000007_.tmp.dll
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\system32\_000010_.tmp.dll
c:\windows\system32\_000011_.tmp.dll
c:\windows\system32\_000012_.tmp.dll
c:\windows\system32\_000013_.tmp.dll
c:\windows\system32\_000014_.tmp.dll
c:\windows\system32\_000015_.tmp.dll
c:\windows\system32\_000016_.tmp.dll
c:\windows\system32\_000017_.tmp.dll
c:\windows\system32\Desktop_.ini
c:\windows\system32\TZLog.log
c:\program files\AVAST Software\Avast\setup\aa4cfc7e-4c12-46ab-9693-a5b7254ffca0.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\adb9b62e-4a80-4f3c-bdec-6c4934083acc.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\b6eef924-afd1-4f10-afe9-635ad73495be.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\c8732a9a-2f1b-49d9-bf2f-183a76c7dde0.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\c941aca9-ed11-4fec-8fae-6c3b82e064f9.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\e6ba7a0a-30a5-44ff-aa82-4ee0cdda80e4.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\e6f1e5ed-4e1b-443c-a06d-fbcb775552da.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\emupdate\104a298c-073e-4553-bb36-6a1b3c37b67f.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\emupdate\a5f3441b-1fab-4552-b0cb-3b8863535fe7.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\emupdate\c881adb0-626a-4a82-9cf0-d61a6b9520fc.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\emupdate\d10cdf2e-62db-4a46-8d88-ce66026d343c.exe . . . . nemohl být smazán
c:\program files\AVAST Software\Avast\setup\f7477389-6d98-4092-8a30-0b3bf3146573.exe . . . . nemohl být smazán
.
Nakažená kopie c:\windows\system32\midimap.dll byla nalezena a vyléčena.
Obnovena kopie z - c:\windows\NiwradSoft Shell Pack\Backup\midimap.dll
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-02-28 do 2014-03-30 )))))))))))))))))))))))))))))))
.
.
2014-03-28 18:59 . 2014-03-28 18:59 -------- d-----w- c:\windows\ERUNT
2014-03-28 18:51 . 2014-03-28 18:51 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Windows Search
2014-03-28 16:42 . 2014-03-28 16:42 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Malwarebytes
2014-03-28 16:42 . 2014-03-28 16:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-03-28 16:42 . 2013-04-04 13:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-28 16:37 . 2014-03-28 16:42 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Malwarebytes
2014-03-28 16:23 . 2014-03-28 18:43 -------- d-----w- C:\AdwCleaner
2014-03-28 12:43 . 2014-03-28 12:43 388096 ----a-r- c:\documents and settings\Lucka\Data aplikací\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-28 12:43 . 2014-03-28 12:43 -------- d-----w- c:\program files\Trend Micro
2014-03-23 19:10 . 2014-03-23 19:10 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\eCyber
2014-03-23 07:32 . 2014-03-23 07:32 -------- d-----w- c:\program files\Samsung
2014-03-21 12:57 . 2014-03-22 17:31 -------- d-----w- c:\program files\All Ten Fingers
2014-03-21 12:56 . 2014-03-21 12:57 339456 ----a-w- c:\windows\UIA200.exe
2014-03-20 11:25 . 2014-03-23 07:33 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Samsung
2014-03-20 11:25 . 2006-05-03 21:53 174592 ----a-w- c:\windows\system32\framedyn.dll
2014-03-20 11:25 . 2003-02-21 17:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2014-03-20 11:24 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwhnt.sys
2014-03-20 11:24 . 2007-07-03 16:00 9256 ----a-w- c:\windows\system32\drivers\sscdwh.sys
2014-03-20 11:24 . 2007-07-03 15:58 106792 ----a-w- c:\windows\system32\drivers\sscdmdm.sys
2014-03-20 11:24 . 2007-07-03 15:57 11944 ----a-w- c:\windows\system32\drivers\sscdmdfl.sys
2014-03-20 11:24 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcmnt.sys
2014-03-20 11:24 . 2007-07-03 15:56 9256 ----a-w- c:\windows\system32\drivers\sscdcm.sys
2014-03-20 11:24 . 2007-07-03 15:54 80552 ----a-w- c:\windows\system32\drivers\sscdbus.sys
2014-03-20 11:24 . 2014-03-20 11:24 -------- d-----w- c:\windows\system32\Samsung_USB_Drivers
2014-03-20 11:24 . 2006-07-24 15:05 5632 ----a-w- c:\windows\system32\drivers\StarOpen.sys
2014-03-14 13:33 . 2007-03-05 06:32 201216 ----a-w- c:\windows\system32\mediarcpt.dll
2014-03-14 13:33 . 2014-03-20 09:04 -------- d-----w- c:\program files\Recepty doma
2014-03-11 19:23 . 2014-03-11 19:23 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\PCHealth
2014-03-11 19:02 . 2014-02-24 11:35 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2014-03-11 19:02 . 2014-02-24 11:35 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2014-03-11 19:02 . 2014-02-24 11:35 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2014-03-11 19:02 . 2014-02-24 11:35 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2014-03-11 19:02 . 2014-02-24 11:35 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
2014-03-11 19:02 . 2014-02-24 11:35 2006016 -c----w- c:\windows\system32\dllcache\iertutil.dll
2014-03-11 19:02 . 2014-02-24 11:35 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2014-03-11 19:02 . 2014-02-24 11:35 11113472 -c----w- c:\windows\system32\dllcache\ieframe.dll
2014-03-11 19:00 . 2014-02-26 23:28 13312 -c----w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-11 19:00 . 2014-02-26 23:28 13312 ------w- c:\windows\system32\xp_eos.exe
2014-03-11 18:47 . 2014-03-11 18:48 -------- d-----w- c:\windows\system32\URTTemp
2014-03-11 18:40 . 2013-07-17 00:58 46848 -c----w- c:\windows\system32\dllcache\irbus.sys
2014-03-11 18:40 . 2013-07-17 00:58 60160 -c----w- c:\windows\system32\dllcache\usbaudio.sys
2014-03-11 18:40 . 2013-07-17 00:58 123008 -c----w- c:\windows\system32\dllcache\usbvideo.sys
2014-03-11 18:40 . 2013-07-03 02:12 25088 -c----w- c:\windows\system32\dllcache\hidparse.sys
2014-03-11 18:40 . 2013-07-03 01:59 14976 -c----w- c:\windows\system32\dllcache\usbscan.sys
2014-03-11 18:39 . 2013-08-09 00:55 32384 -c----w- c:\windows\system32\dllcache\usbccgp.sys
2014-03-11 18:39 . 2013-08-09 00:55 5376 -c----w- c:\windows\system32\dllcache\usbd.sys
2014-03-11 18:39 . 2013-08-09 00:55 144128 -c----w- c:\windows\system32\dllcache\usbport.sys
2014-03-11 18:39 . 2009-03-18 11:02 30336 -c----w- c:\windows\system32\dllcache\usbehci.sys
2014-03-11 18:37 . 2013-02-27 00:21 223232 -c----w- c:\windows\system32\dllcache\wksprt.exe
2014-03-11 18:37 . 2013-02-27 00:21 1034240 -c----w- c:\windows\system32\dllcache\mstsc.exe
2014-03-11 18:37 . 2013-02-27 05:31 2691072 -c----w- c:\windows\system32\dllcache\mstscax.dll
2014-03-11 18:36 . 2013-02-12 00:32 12928 -c----w- c:\windows\system32\dllcache\usb8023x.sys
2014-03-10 21:23 . 2014-03-10 21:23 -------- d-----w- c:\program files\IVT Corporation
2014-03-10 20:53 . 2014-03-10 20:53 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Bluetooth
2014-03-10 06:32 . 2010-03-15 10:31 165376 ----a-w- c:\windows\system32\unrar.dll
2014-03-10 06:32 . 2014-03-10 06:32 -------- d-----w- c:\program files\K-Lite Codec Pack
2014-03-10 06:31 . 2014-03-10 06:31 -------- d-----w- c:\program files\Free Viewer
2014-03-10 06:16 . 2014-03-10 06:16 -------- d-----w- c:\program files\CIT.cz
2014-03-10 06:16 . 2000-01-04 04:39 212992 ----a-w- c:\program files\Common Files\InstallShield\Engine\6\Intel 32\ILog.dll
2014-03-03 20:27 . 2010-05-13 17:34 14232 ----a-w- c:\windows\system32\sh4native.exe
2014-03-03 19:41 . 2014-03-03 19:41 -------- d-----w- c:\program files\Enigma Software Group
2014-03-03 19:41 . 2014-03-03 19:41 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
2014-03-02 15:56 . 2014-03-06 08:36 -------- d-----w- C:\Shoty
2014-03-02 15:55 . 2014-03-02 15:56 -------- d-----w- c:\program files\ScreenShots
2014-03-01 18:10 . 2014-03-01 18:10 -------- d-----w- c:\program files\Common Files\Adobe
2014-03-01 09:34 . 2014-03-01 11:49 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\Zoner
2014-03-01 09:34 . 2014-03-01 11:42 -------- d-----w- c:\documents and settings\Lucka\Local Settings\Data aplikací\Zoner
2014-03-01 09:33 . 2014-03-01 09:33 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Zoner
2014-03-01 09:33 . 2014-03-01 11:41 -------- d-----w- c:\program files\Zoner
2014-02-28 18:20 . 2014-02-28 18:21 -------- d-----w- c:\documents and settings\Lucka\Data aplikací\FreeVideoConverter
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-12 18:06 . 2014-02-26 17:52 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 18:06 . 2014-02-26 17:52 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-02 08:18 . 2008-04-14 11:00 219648 ----a-w- c:\windows\system32\uxtheme.dll
2014-02-26 18:04 . 2014-02-26 18:04 57939 ----a-w- C:\Uninstal.exe
2014-02-26 17:15 . 2014-02-26 17:15 67824 ----a-w- c:\windows\system32\drivers\aswmonflt.sys
2014-02-26 17:15 . 2014-02-26 17:15 775952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-26 17:15 . 2014-02-26 17:15 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-02-26 17:15 . 2014-02-26 17:15 180248 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-26 17:15 . 2014-02-26 17:15 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-02-26 17:15 . 2014-02-26 17:15 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-26 17:15 . 2014-02-26 17:15 410784 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-26 17:15 . 2014-02-26 17:15 270240 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-26 17:15 . 2014-02-26 17:15 43152 ----a-w- c:\windows\avastSS.scr
2014-02-26 16:34 . 2014-02-26 16:34 315392 ----a-w- c:\windows\HideWin.exe
2014-02-24 11:35 . 2010-01-14 15:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2014-02-24 11:35 . 2010-01-14 15:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:35 . 2010-01-14 14:59 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54 . 2010-01-14 15:00 385024 ----a-w- c:\windows\system32\html.iec
2014-02-13 12:46 . 2014-02-13 12:46 354656 ----a-w- c:\windows\system32\DivXControlPanelApplet.cpl
2014-02-07 06:36 . 2010-01-14 15:02 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55 . 2010-01-14 15:01 563712 ----a-w- c:\windows\system32\qedit.dll
2014-01-04 03:12 . 2010-01-14 15:02 420864 ----a-w- c:\windows\system32\vbscript.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2008-04-14 11:00 . E7B375DFFB68A16659CA66474A280C47 . 806912 . . [2001.12.4414.700] . . c:\windows\NiwradSoft Shell Pack\Backup\comres.dll
[-] 2008-04-14 11:00 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\comres.dll
[-] 2008-04-14 11:00 . 9BBABCB691B887769048255FA7047C05 . 1508864 . . [2001.12.4414.700] . . c:\windows\system32\dllcache\comres.dll
.
[7] 2010-01-14 . 4212BABCC4408B052193DABAD9A691AB . 509440 . . [5.1.2600.5788] . . c:\windows\NiwradSoft Shell Pack\Backup\winlogon.exe
[-] 2010-01-14 . 36729DA8037FF58F8FFAA39A58382612 . 548864 . . [5.1.2600.5788] . . c:\windows\system32\winlogon.exe
[-] 2010-01-14 . 36729DA8037FF58F8FFAA39A58382612 . 548864 . . [5.1.2600.5788] . . c:\windows\system32\dllcache\winlogon.exe
.
[7] 2010-08-23 . 8A72A30FDC803DC06755D3B36D966F31 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
[7] 2010-01-14 . 066FE6E93EBD781CF4FF9478D1C96C79 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5705_x-ww_36cfed49\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll
[7] 2008-04-14 . 4F993463DC5F3F80D77A3D34D7BFBFED . 617472 . . [5.82] . . c:\windows\NiwradSoft Shell Pack\Backup\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2008-04-14 . 330F30CB175655313A93AF27C7366550 . 643072 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[7] 2008-04-14 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
.
[7] 2014-02-24 . 83398F56F4B4946B247763D700A244E8 . 6022144 . . [8.00.6001.23569] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-01-14 . 9D314090668BBE26E0BE5BBF9C6068BD . 6105600 . . [8.00.6001.22945] . . c:\windows\ie8updates\KB2925418-IE8\mshtml.dll
[7] 2010-01-14 . FC883BC594F028EF5D77B645AE91C914 . 5944320 . . [8.00.6001.22945] . . c:\windows\NiwradSoft Shell Pack\Backup\mshtml.dll
[-] 2010-01-14 . 9D314090668BBE26E0BE5BBF9C6068BD . 6105600 . . [8.00.6001.22945] . . c:\windows\system32\mshtml.dll
.
[7] 2010-01-14 . A88D1807EF5370F4313C58D137D6F7B4 . 578560 . . [5.1.2600.5577] . . c:\windows\NiwradSoft Shell Pack\Backup\user32.dll
[-] 2010-01-14 . 396A99C7B9CD4BF150F63EAB2ADF58DA . 578560 . . [5.1.2600.5577] . . c:\windows\system32\user32.dll
[-] 2010-01-14 . 396A99C7B9CD4BF150F63EAB2ADF58DA . 578560 . . [5.1.2600.5577] . . c:\windows\system32\dllcache\user32.dll
.
[7] 2014-02-24 . 57A4C70E6652DCCD0ADC94364718B891 . 920064 . . [8.00.6001.23569] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-01-14 . 19504459C7CDB8DB06B338FC8B5967BD . 983040 . . [8.00.6001.22945] . . c:\windows\ie8updates\KB2925418-IE8\wininet.dll
[7] 2010-01-14 . 4941ADD731725AF468342E42B71F776C . 916480 . . [8.00.6001.22945] . . c:\windows\NiwradSoft Shell Pack\Backup\wininet.dll
[-] 2010-01-14 . 19504459C7CDB8DB06B338FC8B5967BD . 983040 . . [8.00.6001.22945] . . c:\windows\system32\wininet.dll
.
[-] 2010-01-14 . DD0A17917ACBB8CA8A2AB260CBDBFF62 . 1541120 . . [6.00.2900.5634] . . c:\windows\explorer.exe
[7] 2010-01-14 . 8AB626E4E4B289646E11311E66FB0B88 . 1034240 . . [6.00.2900.5634] . . c:\windows\NiwradSoft Shell Pack\Backup\explorer.exe
[-] 2010-01-14 . DD0A17917ACBB8CA8A2AB260CBDBFF62 . 1541120 . . [6.00.2900.5634] . . c:\windows\system32\dllcache\explorer.exe
.
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[7] 2008-04-14 . FDEB1D02CAE38665CBF114F44E6B997E . 147968 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\regedit.exe
[-] 2008-04-14 . 6915639F41228891A883B2DA59AA7429 . 277504 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\regedit.exe
.
[7] 2013-08-05 . C7B8A9BCD06540591B70B0D459039D83 . 1289216 . . [5.1.2600.6435] . . c:\windows\system32\dllcache\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\$NtUninstallKB2876217$\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[7] 2010-01-14 . 924A03096E662D7B413CF46706B809AC . 1288192 . . [5.1.2600.5692] . . c:\windows\NiwradSoft Shell Pack\Backup\ole32.dll
[-] 2010-01-14 . C7D3150A2C6FEF268E9FDAF91C465347 . 1313280 . . [5.1.2600.5692] . . c:\windows\system32\ole32.dll
.
[7] 2008-04-14 . A756B8F0F7BAFBA6DFE39F7D169F2519 . 15360 . . [5.1.2600.5512] . . c:\windows\NiwradSoft Shell Pack\Backup\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 0415E09C0BCCBF8B5CD5A05889EFB962 . 40448 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\ctfmon.exe
.
[-] 2009-10-09 . FF876311F58C86EC3E1A24F585949C25 . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
[7] 2010-01-14 . 5FB6576F86C47C3CD3CE86E6F6D4EFE9 . 345088 . . [5.1.2600.5589] . . c:\windows\NiwradSoft Shell Pack\Backup\hnetcfg.dll
[-] 2010-01-14 . 86758EFFC9BA0CDC9802EBC30369F89D . 369152 . . [5.1.2600.5589] . . c:\windows\system32\hnetcfg.dll
[-] 2010-01-14 . 86758EFFC9BA0CDC9802EBC30369F89D . 369152 . . [5.1.2600.5589] . . c:\windows\system32\dllcache\hnetcfg.dll
.
[7] 2010-01-14 . B60DDDD2D63CE41CB8C487FCFBB6419E . 638816 . . [8.00.6001.18702] . . c:\windows\NiwradSoft Shell Pack\Backup\IEXPLORE.EXE
[-] 2010-01-14 . F68C1BAC147227B86FFB36828FF8BEDF . 510816 . . [8.00.6001.18702] . . c:\windows\system32\dllcache\iexplore.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-26 17:15 259464 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2010-01-14 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sh4native Sh4Removal
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Core Temp
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleilCS.exe"=
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [26.2.2014 19:15 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [26.2.2014 19:15 180248]
R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [31.7.2008 21:45 20744]
R0 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [20.2.2006 17:01 29056]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [26.2.2014 19:15 775952]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [26.2.2014 19:15 410784]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare 5\ASCService.exe [26.2.2014 20:12 913752]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [26.2.2014 19:15 67824]
R2 BsMobileCS;BsMobileCS;c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe [27.2.2009 17:40 143467]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [28.3.2014 18:42 701512]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [26.2.2014 22:25 103040]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [7.12.2008 13:44 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2.7.2008 15:58 26248]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [28.3.2014 18:42 22856]
R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [27.2.2006 16:00 48472]
R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [26.2.2014 22:29 43816]
S1 DumpDrv;Crash Dump Driver;c:\windows\system32\drivers\dumpdrv.sys [14.1.2010 17:04 9472]
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:33 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-03-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-26 18:06]
.
2014-03-30 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-26 17:15]
.
2014-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-03-03 18:21]
.
2014-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-03-03 18:21]
.
2014-03-11 c:\windows\Tasks\Měsíční oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
.
2014-03-30 c:\windows\Tasks\Přihlášení k oznamování konce poskytování služeb pro Microsoft Windows XP.job
- c:\windows\system32\xp_eos.exe [2014-03-11 23:28]
.
.
------- Doplňkový sken -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: Send by Bluetooth - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
IE: Send to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send via &Message... - c:\program files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Notify-RailNotification - (no file)
MSConfigStartUp-chrome - (no file)
AddRemove-Free Video Converter - c:\program files\Free Video Converter\uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-30 16:57
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Data]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET CLR Networking]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for Oracle]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NET Data Provider for SqlServer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\.NETFramework]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Abiosdsk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\abp480n5]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPI]
"ImagePath"="system32\DRIVERS\ACPI.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ACPIEC]
"ImagePath"="system32\DRIVERS\ACPIEC.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AdobeFlashPlayerUpdateSvc]
"ImagePath"="c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\adpu160m]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AdvancedSystemCareService5]
"ImagePath"="c:\program files\IObit\Advanced SystemCare 5\ASCService.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aec]
"ImagePath"="system32\drivers\aec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AFD]
"ImagePath"="\SystemRoot\System32\drivers\afd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Aha154x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78u2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aic78xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Alerter]
"ServiceDll"="%SystemRoot%\system32\alrsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALG]
"ImagePath"="%SystemRoot%\System32\alg.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AliIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\amsint]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AppMgmt]
"ServiceDll"="%SystemRoot%\System32\appmgmts.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AR5416]
"ImagePath"="system32\DRIVERS\athw.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3350p]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\asc3550]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_1.1.4322]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASP.NET_2.0.50727]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aspnet_state]
"ImagePath"="%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMonFlt]
"ImagePath"="\??\c:\windows\system32\drivers\aswMonFlt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswRdr]
"ImagePath"="\??\c:\windows\system32\drivers\aswRdr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswRvrt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSnx]
"ImagePath"="\??\c:\windows\system32\drivers\aswSnx.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswSP]
"ImagePath"="\??\c:\windows\system32\drivers\aswSP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswTdi]
"ImagePath"="\??\c:\windows\system32\drivers\aswTdi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AsyncMac]
"ImagePath"="system32\DRIVERS\asyncmac.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\atapi]
"ImagePath"="system32\DRIVERS\atapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atdisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ati HotKey Poller]
"ImagePath"="%SystemRoot%\system32\Ati2evxx.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ati2mtag]
"ImagePath"="system32\DRIVERS\ati2mtag.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atierecord]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AtiHDAudioService]
"ImagePath"="system32\drivers\AtihdXP3.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Atmarpc]
"ImagePath"="system32\DRIVERS\atmarpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\AudioSrv]
"ServiceDll"="%SystemRoot%\System32\audiosrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\audstub]
"ImagePath"="system32\DRIVERS\audstub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\avast! Antivirus]
"ImagePath"="\"c:\program files\AVAST Software\Avast\AvastSvc.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\b57w2k]
"ImagePath"="system32\DRIVERS\b57xp32.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BattC]
"MofImagePath"="System32\Drivers\battc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BITS]
"ServiceDll"="%systemroot%\system32\qmgr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BlueletAudio]
"ImagePath"="system32\DRIVERS\blueletaudio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BlueletSCOAudio]
"ImagePath"="system32\DRIVERS\BlueletSCOAudio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BlueSoleilCS]
"ImagePath"="c:\program files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Browser]
"ServiceDll"="%SystemRoot%\System32\browser.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BsHelpCS]
"ImagePath"="c:\program files\IVT Corporation\BlueSoleil\BsHelpCS.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BsMobileCS]
"ImagePath"="c:\program files\IVT Corporation\BlueSoleil\BsMobileCS.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BT]
"ImagePath"="system32\DRIVERS\btnetdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\btaudio]
"ImagePath"="system32\drivers\btaudio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Btcsrusb]
"ImagePath"="System32\Drivers\btcusb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTDriver]
"ImagePath"="system32\DRIVERS\btport.sys"

lucie7272 · Příspěvekod **lucie7272** » 30 bře 2014 17:13

.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BtHidBus]
"ImagePath"="System32\Drivers\BtHidBus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTHidEnum]
"ImagePath"="System32\Drivers\vbtenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTHidMgr]
"ImagePath"="System32\Drivers\BTHidMgr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTKRNL]
"ImagePath"="system32\DRIVERS\btkrnl.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\btnetBUs]
"ImagePath"="System32\Drivers\btnetBus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTNetFilter]
"ImagePath"="\??\c:\program files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\btwdins]
"ImagePath"="c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTWDNDIS]
"ImagePath"="system32\DRIVERS\btwdndis.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\btwhid]
"ImagePath"="system32\DRIVERS\btwhid.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BTWUSB]
"ImagePath"="System32\Drivers\btwusb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme]
"ImagePath"="\??\c:\docume~1\Lucka\LOCALS~1\Temp\catchme.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cbidf2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CCDECODE]
"ImagePath"="system32\DRIVERS\CCDECODE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\cd20xrnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdaudio]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cdrom]
"ImagePath"="system32\DRIVERS\cdrom.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Changer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CiSvc]
"ImagePath"="%SystemRoot%\system32\cisvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ClipSrv]
"ImagePath"="%SystemRoot%\system32\clipsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\clr_optimization_v2.0.50727_32]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmBatt]
"ImagePath"="system32\DRIVERS\CmBatt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CmdIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Compbatt]
"ImagePath"="system32\DRIVERS\compbatt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\COMSysApp]
"ImagePath"="%SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentFilter]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ContentIndex]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Cpqarray]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CryptSvc]
"ServiceDll"="%SystemRoot%\System32\cryptsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac2w2k]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dac960nt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DcomLaunch]
"ServiceDll"="%SystemRoot%\system32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dhcp]
"ServiceDll"="%SystemRoot%\System32\dhcpcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Disk]
"ImagePath"="system32\DRIVERS\disk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmadmin]
"ImagePath"="%SystemRoot%\System32\dmadmin.exe /com"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmboot]
"ImagePath"="System32\drivers\dmboot.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmio]
"ImagePath"="System32\drivers\dmio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmload]
"ImagePath"="System32\drivers\dmload.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dmserver]
"ServiceDll"="%SystemRoot%\System32\dmserver.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DMusic]
"ImagePath"="system32\drivers\DMusic.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dnscache]
"ServiceDll"="%SystemRoot%\System32\dnsrslvr.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Dot3svc]
"ServiceDll"="%SystemRoot%\System32\dot3svc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\dpti2o]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\drmkaud]
"ImagePath"="system32\drivers\drmkaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\DumpDrv]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EapHost]
"ServiceDll"="%SystemRoot%\System32\eapsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ERSvc]
"ServiceDll"="%SystemRoot%\System32\ersvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Eventlog]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EventSystem]
"ServiceDll"="c:\windows\system32\es.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\exFat]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fastfat]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FastUserSwitchingCompatibility]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fdc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fips]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Flpydisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FltMgr]
"ImagePath"="system32\DRIVERS\fltMgr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\FontCache3.0.0.0]
"ImagePath"="c:\windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Fs_Rec]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ftdisk]
"ImagePath"="system32\DRIVERS\ftdisk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Gpc]
"ImagePath"="system32\DRIVERS\msgpc.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gupdate]
"ImagePath"="\"c:\program files\Google\Update\GoogleUpdate.exe\" /svc"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gupdatem]
"ImagePath"="\"c:\program files\Google\Update\GoogleUpdate.exe\" /medsvc"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HDAudBus]
"ImagePath"="system32\DRIVERS\HDAudBus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\helpsvc]
"ServiceDll"="%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HidServ]
"ServiceDll"="%SystemRoot%\System32\hidserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hidusb]
"ImagePath"="system32\DRIVERS\hidusb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hkmsvc]
"ServiceDll"="%SystemRoot%\System32\kmsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\hpn]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSFHWAZL]
"ImagePath"="system32\DRIVERS\HSFHWAZL.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HSF_DPV]
"ImagePath"="system32\DRIVERS\HSF_DPV.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTP]
"ImagePath"="System32\Drivers\HTTP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\HTTPFilter]
"ServiceDll"="%SystemRoot%\System32\w3ssl.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omgmt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i2omp]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\i8042prt]
"ImagePath"="system32\DRIVERS\i8042prt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IDriverT]
"ImagePath"="\"c:\program files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\idsvc]
"ImagePath"="\"c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Imapi]
"ImagePath"="system32\DRIVERS\imapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ImapiService]
"ImagePath"="%systemroot%\system32\imapi.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\inetaccs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ini910u]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Inport]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntcAzAudAddService]
"ImagePath"="system32\drivers\RtkHDAud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IntelIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ip6Fw]
"ImagePath"="system32\DRIVERS\Ip6Fw.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpFilterDriver]
"ImagePath"="system32\DRIVERS\ipfltdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpInIp]
"ImagePath"="system32\DRIVERS\ipinip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IpNat]
"ImagePath"="system32\DRIVERS\ipnat.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IPSec]
"ImagePath"="system32\DRIVERS\ipsec.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IRENUM]
"ImagePath"="system32\DRIVERS\irenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\iSafeNetFilter]
"ImagePath"="\??\c:\program files\iSafe\iSafeNetFilter.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ISAPISearch]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\isapnp]
"ImagePath"="system32\DRIVERS\isapnp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\IvtBtBUs]
"ImagePath"="System32\Drivers\IvtBtBus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Kbdclass]
"ImagePath"="system32\DRIVERS\kbdclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\kmixer]
"ImagePath"="system32\drivers\kmixer.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\KSecDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LanmanServer]
"ServiceDll"="%SystemRoot%\System32\srvsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lanmanworkstation]
"ServiceDll"="%SystemRoot%\System32\wkssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\lbrtfdc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ldap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LHidFlt2]
"ImagePath"="system32\DRIVERS\LHidFlt2.Sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LHidUsb]
"ImagePath"="System32\Drivers\LHidUsb.Sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LicenseService]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LmHosts]
"ServiceDll"="%SystemRoot%\System32\lmhsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\LMouFlt2]
"ImagePath"="system32\DRIVERS\LMouFlt2.Sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MBAMProtector]
"ImagePath"="\??\c:\windows\system32\drivers\mbam.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MBAMScheduler]
"ImagePath"="\"c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MBAMService]
"ImagePath"="\"c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mdmxsdk]
"ImagePath"="system32\DRIVERS\mdmxsdk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Messenger]
"ServiceDll"="%SystemRoot%\System32\msgsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmdd]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mnmsrvc]
"ImagePath"="c:\windows\system32\mnmsrvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Modem]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mouclass]
"ImagePath"="system32\DRIVERS\mouclass.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mouhid]
"ImagePath"="system32\DRIVERS\mouhid.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MountMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mraid35x]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxDAV]
"ImagePath"="system32\DRIVERS\mrxdav.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MRxSmb]
"ImagePath"="system32\DRIVERS\mrxsmb.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC]
"ImagePath"="c:\windows\system32\msdtc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSDTC Bridge 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Msfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSIServer]
"ImagePath"="%systemroot%\system32\msiexec.exe /V"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSKSSRV]
"ImagePath"="system32\drivers\MSKSSRV.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPCLOCK]
"ImagePath"="system32\drivers\MSPCLOCK.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSPQM]
"ImagePath"="system32\drivers\MSPQM.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSSCNTRS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\mssmbios]
"ImagePath"="system32\DRIVERS\mssmbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MSTEE]
"ImagePath"="system32\drivers\MSTEE.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Mup]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NABTSFEC]
"ImagePath"="system32\DRIVERS\NABTSFEC.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\napagent]
"ServiceDll"="%SystemRoot%\System32\qagentrt.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDIS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisIP]
"ImagePath"="system32\DRIVERS\NdisIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisTapi]
"ImagePath"="system32\DRIVERS\ndistapi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ndisuio]
"ImagePath"="system32\DRIVERS\ndisuio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NdisWan]
"ImagePath"="system32\DRIVERS\ndiswan.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NDProxy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBIOS]
"ImagePath"="system32\DRIVERS\netbios.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetBT]
"ImagePath"="system32\DRIVERS\netbt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDE]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetDDEdsdm]
"ImagePath"="%SystemRoot%\system32\netdde.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netlogon]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Netman]
"ServiceDll"="%SystemRoot%\System32\netman.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NetTcpPortSharing]
"ImagePath"="\"c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Nla]
"ServiceDll"="%SystemRoot%\System32\mswsock.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Npfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ntfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtLmSsp]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NtmsSvc]
"ServiceDll"="%SystemRoot%\system32\ntmssvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Null]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFlt]
"ImagePath"="system32\DRIVERS\nwlnkflt.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\NwlnkFwd]
"ImagePath"="system32\DRIVERS\nwlnkfwd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\O2Flash]
"ImagePath"="\"c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\O2MDRDR]
"ImagePath"="system32\DRIVERS\o2media.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\O2SDRDR]
"ImagePath"="system32\DRIVERS\o2sd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Parport]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PartMgr]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ParVdm]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCI]
"ImagePath"="system32\DRIVERS\pci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIDump]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PCIIde]
"ImagePath"="system32\DRIVERS\pciide.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Pcmcia]
"ImagePath"="system32\DRIVERS\pcmcia.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDCOMP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRELI]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PDRFRAME]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\perc2hib]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfDisk]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfNet]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfOS]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PerfProc]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PlugPlay]
"ImagePath"="%SystemRoot%\system32\services.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PolicyAgent]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PptpMiniport]
"ImagePath"="system32\DRIVERS\raspptp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Processor]
"ImagePath"="system32\DRIVERS\processr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ProtectedStorage]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PSched]
"ImagePath"="system32\DRIVERS\psched.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ptilink]
"ImagePath"="system32\DRIVERS\ptilink.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1080]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Ql10wnt]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql12160]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1240]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ql1280]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAcd]
"ImagePath"="system32\DRIVERS\rasacd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasAuto]
"ServiceDll"="%SystemRoot%\System32\rasauto.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rasl2tp]
"ImagePath"="system32\DRIVERS\rasl2tp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasMan]
"ServiceDll"="%SystemRoot%\System32\rasmans.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RasPppoe]
"ImagePath"="system32\DRIVERS\raspppoe.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Raspti]
"ImagePath"="system32\DRIVERS\raspti.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Rdbss]
"ImagePath"="system32\DRIVERS\rdbss.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPCDD]
"ImagePath"="System32\DRIVERS\RDPCDD.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rdpdr]
"ImagePath"="system32\DRIVERS\rdpdr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPNP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDPWD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RDSessMgr]
"ImagePath"="c:\windows\system32\sessmgr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\redbook]
"ImagePath"="system32\DRIVERS\redbook.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteAccess]
"ServiceDll"="%SystemRoot%\System32\mprdim.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RemoteRegistry]
"ServiceDll"="%SystemRoot%\system32\regsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ROOTMODEM]
"ImagePath"="System32\Drivers\RootMdm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcLocator]
"ImagePath"="%SystemRoot%\system32\locator.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RpcSs]
"ServiceDll"="%SystemRoot%\System32\rpcss.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\rspndr]
"ImagePath"="system32\DRIVERS\rspndr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\RSVP]
"ImagePath"="%SystemRoot%\system32\rsvp.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SamSs]
"ImagePath"="%SystemRoot%\system32\lsass.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SCardSvr]
"ImagePath"="%SystemRoot%\System32\SCardSvr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Schedule]
"ServiceDll"="%SystemRoot%\system32\schedsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sdbus]
"ImagePath"="system32\DRIVERS\sdbus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Secdrv]
"ImagePath"="system32\DRIVERS\secdrv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\seclogon]
"ServiceDll"="%SystemRoot%\System32\seclogon.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SENS]
"ServiceDll"="%SystemRoot%\system32\sens.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serenum]
"ImagePath"="system32\DRIVERS\serenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Serial]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelOperation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ServiceModelService 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sffdisk]
"ImagePath"="system32\DRIVERS\sffdisk.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sffp_sd]
"ImagePath"="system32\DRIVERS\sffp_sd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sfloppy]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess]
"ServiceDll"="%SystemRoot%\System32\ipnathlp.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ShellHWDetection]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Simbad]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SLIP]
"ImagePath"="system32\DRIVERS\SLIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SMSvcHost 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Sparrow]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\splitter]
"ImagePath"="system32\drivers\splitter.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Spooler]
"ImagePath"="%SystemRoot%\system32\spoolsv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SR]
"ImagePath"="system32\DRIVERS\sr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\srservice]
"ServiceDll"="%SystemRoot%\system32\srsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Srv]
"ImagePath"="system32\DRIVERS\srv.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sscdbus]
"ImagePath"="system32\DRIVERS\sscdbus.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sscdmdfl]
"ImagePath"="system32\DRIVERS\sscdmdfl.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sscdmdm]
"ImagePath"="system32\DRIVERS\sscdmdm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SSDPSRV]
"ServiceDll"="%SystemRoot%\System32\ssdpsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\StarOpen]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\stisvc]
"ServiceDll"="%SystemRoot%\system32\wiaservc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\streamip]
"ImagePath"="system32\DRIVERS\StreamIP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swenum]
"ImagePath"="system32\DRIVERS\swenum.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\swmidi]
"ImagePath"="system32\drivers\swmidi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SwPrv]
"ImagePath"="c:\windows\system32\dllhost.exe /Processid:{04AC7FB8-8CD6-4212-AF68-9D600BEA333D}"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc810]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\symc8xx]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_hi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sym_u3]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SynTP]
"ImagePath"="system32\DRIVERS\SynTP.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\sysaudio]
"ImagePath"="system32\drivers\sysaudio.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SysmonLog]
"ImagePath"="%SystemRoot%\system32\smlogsvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TapiSrv]
"ServiceDll"="%SystemRoot%\System32\tapisrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip]
"ImagePath"="system32\DRIVERS\tcpip.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDPIPE]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TDTCP]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermDD]
"ImagePath"="system32\DRIVERS\termdd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TermService]
"ServiceDll"="%SystemRoot%\System32\termsrv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Themes]
"ServiceDll"="%SystemRoot%\System32\shsvcs.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TlntSvr]
"ImagePath"="c:\windows\system32\tlntsvr.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TosIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TrkWks]
"ServiceDll"="%SystemRoot%\system32\trkwks.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\TSDDD]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Udfs]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UGatherer]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UGTHRSVC]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UIUSys]
"ImagePath"="system32\DRIVERS\UIUSYS.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ultra]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Update]
"ImagePath"="system32\DRIVERS\update.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\upnphost]
"ServiceDll"="%SystemRoot%\System32\upnphost.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\UPS]
"ImagePath"="%SystemRoot%\System32\ups.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbccgp]
"ImagePath"="system32\DRIVERS\usbccgp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbehci]
"ImagePath"="system32\DRIVERS\usbehci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbfilter]
"ImagePath"="system32\DRIVERS\usbfilter.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbhub]
"ImagePath"="system32\DRIVERS\usbhub.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbohci]
"ImagePath"="system32\DRIVERS\usbohci.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\USBSTOR]
"ImagePath"="system32\DRIVERS\USBSTOR.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\usbvideo]
"ImagePath"="System32\Drivers\usbvideo.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VComm]
"ImagePath"="system32\DRIVERS\VComm.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VcommMgr]
"ImagePath"="System32\Drivers\VcommMgr.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VgaSave]
"ImagePath"="\SystemRoot\System32\drivers\vga.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ViaIde]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VolSnap]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\VSS]
"ImagePath"="%SystemRoot%\System32\vssvc.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W32Time]
"ServiceDll"="%systemroot%\system32\w32time.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\W3SVC]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wanarp]
"ImagePath"="system32\DRIVERS\wanarp.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wdf01000]
"ImagePath"="System32\Drivers\wdf01000.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WDICA]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wdmaud]
"ImagePath"="system32\drivers\wdmaud.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WebClient]
"ServiceDll"="%SystemRoot%\System32\webclnt.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winachsf]
"ImagePath"="system32\DRIVERS\HSF_CNXT.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\winmgmt]
"ServiceDll"="%SystemRoot%\system32\wbem\WMIsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinRM]
"ServiceDll"="%SystemRoot%\system32\WsmSvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Winsock]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinSock2]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WinTrust]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmdmPmSN]
"ServiceDll"="c:\windows\system32\mspmsnsv.dll"
--
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Wmi]
"ServiceDll"="%SystemRoot%\System32\advapi32.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiAcpi]
"ImagePath"="system32\DRIVERS\wmiacpi.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApRpl]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WmiApSrv]
"ImagePath"="c:\windows\system32\wbem\wmiapsrv.exe"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WMPNetworkSvc]
"ImagePath"="\"c:\program files\Windows Media Player\WMPNetwk.exe\""
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WS2IFSL]
"ImagePath"="\SystemRoot\System32\drivers\ws2ifsl.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wscsvc]
"ServiceDll"="%SYSTEMROOT%\system32\wscsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSearchIdxPi]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSIMD]
"ImagePath"="system32\DRIVERS\wsimd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WSTCODEC]
"ImagePath"="system32\DRIVERS\WSTCODEC.SYS"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\wuauserv]
"ServiceDll"="%systemroot%\system32\wuauserv.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfPf]
"ImagePath"="system32\DRIVERS\WudfPf.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfRd]
"ImagePath"="system32\DRIVERS\wudfrd.sys"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WudfSvc]
"ServiceDll"="%SystemRoot%\System32\WUDFSvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\WZCSVC]
"ServiceDll"="%SystemRoot%\System32\wzcsvc.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\xmlprov]
"ServiceDll"="%SystemRoot%\System32\xmlprov.dll"
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{21A2F881-F21F-4835-BA6C-6292046164A1}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{46EFD2CF-4993-48F9-90D7-73F8F6FA8782}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{8488E181-03DF-4480-9311-87D03D43A30C}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{CDCBBC18-6596-40BF-9961-A46758453E37}]
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{E21A3194-14A2-4FE4-9B22-CA361BE54D2B}]
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(1020)
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
c:\windows\system32\COMRes.dll
c:\windows\system32\cscui.dll
.
- - - - - - - > 'lsass.exe'(1076)
c:\windows\system32\setupapi.dll
c:\windows\system32\psbase.dll
.
- - - - - - - > 'explorer.exe'(1748)
c:\windows\system32\COMRes.dll
c:\windows\system32\msi.dll
c:\windows\System32\cscui.dll
c:\windows\system32\SETUPAPI.dll
c:\windows\system32\NETSHELL.dll
c:\windows\system32\credui.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\BsMobileSDK.dll
c:\windows\system32\BsLangInDepRes.dll
c:\windows\system32\Bs2Res.dll
c:\windows\system32\btncopy.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\O2Micro Flash Memory Card Driver\o2flash.exe
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\IVT Corporation\BlueSoleil\BtTray.exe
c:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
c:\program files\AVAST Software\Avast\AvastUI.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Celkový čas: 2014-03-30 17:00:20 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-03-30 15:00
.
Před spuštěním: Volných bajtů: 289 231 142 912
Po spuštění: Volných bajtů: 289 186 484 224
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - D4AFCF6068DB5999FC43D5B4996154C0
413FC2A0C716421B3158746D63736515

Prosím o kontrolu logu,utíká myš Vyřešeno

Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Re: Prosím o kontrolu logu,utíká myš

Kdo je online