Please check my log, doubled carons and acute accents (Solved)

DiTecka
Level 1
Posts: 51
Registered: March 14
Gender: Female
Status: Offline

Re: Please check my log, doubled carons and acute accents

Post by DiTecka » 02 Apr 2014 19:53

It didn't do it for about two days, and then all of a sudden again now ("teˇˇd").

Post by DiTecka » 02 Apr 2014 19:53

It gave me two logs...

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : DiTečka [Práva správce]
Mód : Kontrola -- Datum : 04/02/2014 19:49:26
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : hiba.exe (C:\Users\DiTečka\AppData\Roaming\Eliqbe\hiba.exe [-]) -> NALEZENO
[RUN][SUSP UNIC] HKUS\S-1-5-21-2837769118-3272812729-1211413634-1000\[...]\Run : hiba.exe (C:\Users\DiTečka\AppData\Roaming\Eliqbe\hiba.exe [-]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BTWPIMIFIsObject) : ContextMenu.cze -> HOOKED (C:\Program Files\WIDCOMM\Bluetooth Software\btwpimif.dll @ 0x06173CB0)
[Address] EAT @explorer.exe (BTWPIMIFSaveObject) : ContextMenu.cze -> HOOKED (C:\Program Files\WIDCOMM\Bluetooth Software\btwpimif.dll @ 0x06173DB0)
[Address] EAT @explorer.exe (BTWPIMIFSaveObjectEx) : ContextMenu.cze -> HOOKED (C:\Program Files\WIDCOMM\Bluetooth Software\btwpimif.dll @ 0x06172040)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++
--- User ---
[MBR] 0d07d72b43e182bc687c3bcc8ad63bab
[BSP] e0823f4dc0bb9d171d421cfb9854e463 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 12000 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24579450 | Size: 238464 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 512955450 | Size: 226471 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_04022014_194926.txt >>
Last edited by DiTecka on 02 Apr 2014 19:55, edited 1 time in total.

Post by DiTecka » 02 Apr 2014 19:54

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno v : Normální režim
Uživatel : DiTečka [Práva správce]
Mód : Odebrat -- Datum : 04/02/2014 19:49:44
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 12 ¤¤¤
[RUN][SUSP UNIC] HKCU\[...]\Run : hiba.exe (C:\Users\DiTečka\AppData\Roaming\Eliqbe\hiba.exe [-]) -> VYMAZÁNO
[RUN][SUSP UNIC] HKUS\S-1-5-21-2837769118-3272812729-1211413634-1000\[...]\Run : hiba.exe (C:\Users\DiTečka\AppData\Roaming\Eliqbe\hiba.exe [-]) -> [0x2] Systém nemůže nalézt uvedený soubor.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> VYMAZÁNO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> VYMAZÁNO
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> NAHRAZENO (1)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NAHRAZENO (0)
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> NAHRAZENO (0)

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NAHRÁNO] ¤¤¤
[Address] EAT @explorer.exe (BTWPIMIFIsObject) : ContextMenu.cze -> HOOKED (C:\Program Files\WIDCOMM\Bluetooth Software\btwpimif.dll @ 0x06173CB0)
[Address] EAT @explorer.exe (BTWPIMIFSaveObject) : ContextMenu.cze -> HOOKED (C:\Program Files\WIDCOMM\Bluetooth Software\btwpimif.dll @ 0x06173DB0)
[Address] EAT @explorer.exe (BTWPIMIFSaveObjectEx) : ContextMenu.cze -> HOOKED (C:\Program Files\WIDCOMM\Bluetooth Software\btwpimif.dll @ 0x06172040)

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST9500325AS ATA Device +++++
--- User ---
[MBR] 0d07d72b43e182bc687c3bcc8ad63bab
[BSP] e0823f4dc0bb9d171d421cfb9854e463 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 12000 MB
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 24579450 | Size: 238464 MB
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 512955450 | Size: 226471 MB
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_04022014_194944.txt >>
RKreport[0]_S_04022014_194926.txt

Post by DiTecka » 02 Apr 2014 19:59

19:56:18.0432 5332 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:56:18.0448 5332 ============================================================
19:56:18.0448 5332 Current date / time: 2014/04/02 19:56:18.0448
19:56:18.0448 5332 SystemInfo:
19:56:18.0448 5332
19:56:18.0448 5332 OS Version: 6.0.6002 ServicePack: 2.0
19:56:18.0448 5332 Product type: Workstation
19:56:18.0448 5332 ComputerName: PC
19:56:18.0448 5332 UserName: DiTečka
19:56:18.0448 5332 Windows directory: C:\Windows
19:56:18.0448 5332 System windows directory: C:\Windows
19:56:18.0448 5332 Processor architecture: Intel x86
19:56:18.0448 5332 Number of processors: 2
19:56:18.0448 5332 Page size: 0x1000
19:56:18.0448 5332 Boot type: Normal boot
19:56:18.0448 5332 ============================================================
19:56:19.0945 5332 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:56:19.0945 5332 ============================================================
19:56:19.0945 5332 \Device\Harddisk0\DR0:
19:56:19.0945 5332 MBR partitions:
19:56:19.0945 5332 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1770000
19:56:19.0945 5332 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1770D7A, BlocksNum 0x1D1C06C0
19:56:19.0977 5332 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E931479, BlocksNum 0x1BA537C8
19:56:19.0977 5332 ============================================================
19:56:20.0039 5332 C: <-> \Device\Harddisk0\DR0\Partition2
19:56:20.0070 5332 D: <-> \Device\Harddisk0\DR0\Partition3
19:56:20.0164 5332 I: <-> \Device\Harddisk0\DR0\Partition1
19:56:20.0164 5332 ============================================================
19:56:20.0164 5332 Initialize success
19:56:20.0164 5332 ============================================================
19:56:23.0081 4100 ============================================================
19:56:23.0081 4100 Scan started
19:56:23.0081 4100 Mode: Manual;
19:56:23.0081 4100 ============================================================
19:56:24.0251 4100 ================ Scan system memory ========================
19:56:24.0251 4100 System memory - ok
19:56:24.0251 4100 ================ Scan services =============================
19:56:37.0464 4100 mpio - ok
19:56:37.0558 4100 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:56:37.0558 4100 mpsdrv - ok
19:56:37.0620 4100 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
19:56:37.0620 4100 MpsSvc - ok
19:56:37.0667 4100 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:56:37.0667 4100 Mraid35x - ok
19:56:37.0683 4100 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:56:37.0683 4100 MRxDAV - ok
19:56:37.0729 4100 [ 317EB668973951BAD512EE8BEBF9ED25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:37.0729 4100 mrxsmb - ok
19:56:37.0776 4100 [ 05716F0203B5C774A87384A1FF7B968F ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:37.0776 4100 mrxsmb10 - ok
19:56:37.0776 4100 [ C70C50D101B92B45C42BA11EA9FE6CD1 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:37.0776 4100 mrxsmb20 - ok
19:56:37.0807 4100 [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci C:\Windows\system32\drivers\msahci.sys
19:56:37.0807 4100 msahci - ok
19:56:37.0823 4100 [ 2C563AEF15B8D0014C36C5F27742AC7B ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:56:37.0823 4100 msdsm - ok
19:56:37.0885 4100 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
19:56:37.0885 4100 MSDTC - ok
19:56:37.0932 4100 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:56:37.0932 4100 Msfs - ok
19:56:37.0948 4100 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:56:37.0948 4100 msisadrv - ok
19:56:38.0010 4100 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:56:38.0026 4100 MSiSCSI - ok
19:56:38.0073 4100 msiserver - ok
19:56:38.0104 4100 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:56:38.0104 4100 MSKSSRV - ok
19:56:38.0151 4100 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:38.0151 4100 MSPCLOCK - ok
19:56:38.0166 4100 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:56:38.0166 4100 MSPQM - ok
19:56:38.0182 4100 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:56:38.0182 4100 MsRPC - ok
19:56:38.0197 4100 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:38.0213 4100 mssmbios - ok
19:56:38.0244 4100 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:56:38.0244 4100 MSTEE - ok
19:56:38.0307 4100 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys
19:56:38.0307 4100 MTsensor - ok
19:56:38.0385 4100 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
19:56:38.0400 4100 Mup - ok
19:56:38.0478 4100 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
19:56:38.0494 4100 napagent - ok
19:56:38.0572 4100 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:56:38.0572 4100 NativeWifiP - ok
19:56:38.0619 4100 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:56:38.0634 4100 NDIS - ok
19:56:38.0650 4100 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:38.0650 4100 NdisTapi - ok
19:56:38.0665 4100 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:38.0665 4100 Ndisuio - ok
19:56:38.0728 4100 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:38.0728 4100 NdisWan - ok
19:56:38.0743 4100 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:56:38.0759 4100 NDProxy - ok

Re: Please check my log, doubled carons and acute accents

Post by DiTecka » 02 Apr 2014 19:59

19:56:38.0775 4100 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:56:38.0775 4100 NetBIOS - ok
19:56:38.0837 4100 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:56:38.0837 4100 netbt - ok
19:56:38.0853 4100 [ DCF733788C7D088D814E5F80EB4B3E0F ] Netlogon C:\Windows\system32\lsass.exe
19:56:38.0853 4100 Netlogon - ok
19:56:38.0899 4100 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
19:56:38.0915 4100 Netman - ok
19:56:38.0931 4100 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
19:56:38.0931 4100 netprofm - ok
19:56:38.0993 4100 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:56:38.0993 4100 NetTcpPortSharing - ok
19:56:39.0040 4100 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:56:39.0040 4100 nfrd960 - ok
19:56:39.0055 4100 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:56:39.0055 4100 NlaSvc - ok
19:56:39.0133 4100 [ B1EF4686961986DFFB7FE8F18E6FCB5B ] nlsX86cc C:\Windows\system32\nlssrv32.exe
19:56:39.0149 4100 nlsX86cc - ok
19:56:39.0227 4100 [ F6C40E0A565EE3CE5AEEB325E10054F2 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
19:56:39.0243 4100 nmwcd - ok
19:56:39.0289 4100 [ 2A394E9E1FA3565E4B2FEA470FFE4D6B ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
19:56:39.0289 4100 nmwcdc - ok
19:56:39.0352 4100 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:56:39.0352 4100 Npfs - ok
19:56:39.0399 4100 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
19:56:39.0399 4100 nsi - ok
19:56:39.0414 4100 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:56:39.0414 4100 nsiproxy - ok
19:56:39.0492 4100 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:56:39.0508 4100 Ntfs - ok
19:56:39.0523 4100 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:56:39.0523 4100 ntrigdigi - ok
19:56:39.0586 4100 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
19:56:39.0586 4100 Null - ok
19:56:39.0601 4100 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:56:39.0601 4100 nvraid - ok
19:56:39.0617 4100 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:56:39.0617 4100 nvstor - ok
19:56:39.0648 4100 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:56:39.0648 4100 nv_agp - ok
19:56:39.0648 4100 NwlnkFlt - ok
19:56:39.0664 4100 NwlnkFwd - ok
19:56:39.0679 4100 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:56:39.0679 4100 ohci1394 - ok
19:56:39.0711 4100 [ F4CB9C1991314B1352DDBD8A968E4471 ] OlyCamComm C:\Windows\system32\DRIVERS\OlyCamComm.sys
19:56:39.0711 4100 OlyCamComm - ok
19:56:39.0773 4100 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:56:39.0804 4100 p2pimsvc - ok
19:56:39.0835 4100 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
19:56:39.0835 4100 p2psvc - ok
19:56:39.0898 4100 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
19:56:39.0898 4100 Parport - ok
19:56:39.0913 4100 [ 57389FA59A36D96B3EB09D0CB91E9CDC ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:56:39.0929 4100 partmgr - ok
19:56:39.0945 4100 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:56:39.0945 4100 Parvdm - ok
19:56:39.0960 4100 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
19:56:39.0960 4100 PcaSvc - ok
19:56:40.0023 4100 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
19:56:40.0023 4100 pccsmcfd - ok
19:56:40.0069 4100 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
19:56:40.0069 4100 pci - ok
19:56:40.0085 4100 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys
19:56:40.0085 4100 pciide - ok
19:56:40.0116 4100 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:56:40.0116 4100 pcmcia - ok
19:56:40.0147 4100 [ 5B6C11DE7E839C05248CED8825470FEF ] pcouffin C:\Windows\system32\Drivers\pcouffin.sys
19:56:40.0147 4100 pcouffin - ok
19:56:40.0225 4100 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:56:40.0225 4100 PEAUTH - ok
19:56:40.0319 4100 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
19:56:40.0366 4100 pla - ok
19:56:40.0444 4100 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:56:40.0459 4100 PlugPlay - ok
19:56:40.0475 4100 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:56:40.0491 4100 PNRPAutoReg - ok
19:56:40.0506 4100 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:56:40.0522 4100 PNRPsvc - ok
19:56:40.0569 4100 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:56:40.0584 4100 PolicyAgent - ok
19:56:40.0631 4100 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:56:40.0631 4100 PptpMiniport - ok
19:56:40.0647 4100 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
19:56:40.0662 4100 Processor - ok
19:56:40.0709 4100 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
19:56:40.0709 4100 ProfSvc - ok
19:56:40.0787 4100 [ DCF733788C7D088D814E5F80EB4B3E0F ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:40.0787 4100 ProtectedStorage - ok
19:56:40.0803 4100 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:56:40.0803 4100 PSched - ok
19:56:40.0865 4100 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:56:40.0865 4100 PxHelp20 - ok
19:56:40.0943 4100 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:56:40.0943 4100 ql2300 - ok
19:56:40.0959 4100 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:56:40.0959 4100 ql40xx - ok
19:56:41.0021 4100 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
19:56:41.0037 4100 QWAVE - ok
19:56:41.0037 4100 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:56:41.0052 4100 QWAVEdrv - ok
19:56:41.0115 4100 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:56:41.0115 4100 RasAcd - ok
19:56:41.0146 4100 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
19:56:41.0146 4100 RasAuto - ok
19:56:41.0161 4100 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:41.0161 4100 Rasl2tp - ok
19:56:41.0177 4100 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
19:56:41.0193 4100 RasMan - ok
19:56:41.0208 4100 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:41.0208 4100 RasPppoe - ok
19:56:41.0271 4100 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:56:41.0271 4100 RasSstp - ok
19:56:41.0286 4100 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:56:41.0286 4100 rdbss - ok
19:56:41.0317 4100 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:41.0317 4100 RDPCDD - ok
19:56:41.0349 4100 [ 943B18305EAE3935598A9B4A3D560B4C ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:56:41.0349 4100 rdpdr - ok
19:56:41.0395 4100 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:56:41.0395 4100 RDPENCDD - ok
19:56:41.0427 4100 [ 30BFBDFB7F95559EDE971F9DDB9A00BA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:56:41.0427 4100 RDPWD - ok
19:56:41.0489 4100 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:56:41.0489 4100 RemoteAccess - ok
19:56:41.0536 4100 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:56:41.0551 4100 RemoteRegistry - ok
19:56:41.0583 4100 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:56:41.0583 4100 RFCOMM - ok
19:56:41.0614 4100 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
19:56:41.0614 4100 RpcLocator - ok
19:56:41.0629 4100 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
19:56:41.0645 4100 RpcSs - ok
19:56:41.0692 4100 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:56:41.0692 4100 rspndr - ok
19:56:41.0739 4100 [ E38B785802C666782D2880738D01AC10 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
19:56:41.0739 4100 RTHDMIAzAudService - ok
19:56:41.0739 4100 [ DCF733788C7D088D814E5F80EB4B3E0F ] SamSs C:\Windows\system32\lsass.exe
19:56:41.0754 4100 SamSs - ok
19:56:41.0770 4100 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:56:41.0770 4100 sbp2port - ok
19:56:41.0817 4100 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:56:41.0817 4100 SCardSvr - ok
19:56:41.0863 4100 [ 20B2751CD4C8F3FD989739CA661B9F30 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
19:56:41.0863 4100 SCDEmu - ok
19:56:41.0926 4100 [ 323AE0BDFD2EB15B668DDA50CC597329 ] Schedule C:\Windows\system32\schedsvc.dll
19:56:41.0941 4100 Schedule - ok
19:56:41.0957 4100 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:56:41.0973 4100 SCPolicySvc - ok
19:56:41.0988 4100 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:56:41.0988 4100 SDRSVC - ok
19:56:42.0004 4100 secdrv - ok
19:56:42.0035 4100 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
19:56:42.0066 4100 seclogon - ok
19:56:42.0082 4100 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\system32\sens.dll
19:56:42.0082 4100 SENS - ok
19:56:42.0097 4100 Serenum - ok
19:56:42.0144 4100 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
19:56:42.0144 4100 Serial - ok
19:56:42.0160 4100 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:56:42.0160 4100 sermouse - ok
19:56:42.0238 4100 [ C3BB6CF8F9EE199005A2AAE2815AD756 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:56:42.0238 4100 ServiceLayer - ok
19:56:42.0316 4100 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
19:56:42.0316 4100 SessionEnv - ok
19:56:42.0363 4100 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:56:42.0363 4100 sffdisk - ok
19:56:42.0378 4100 [ E5EAFE85815BD89095FEF3144A09AB68 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:56:42.0378 4100 sffp_mmc - ok
19:56:42.0394 4100 [ 9F66A46C55D6F1CCABC79BB7AFCCC545 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:56:42.0394 4100 sffp_sd - ok
19:56:42.0409 4100 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:56:42.0409 4100 sfloppy - ok
19:56:42.0487 4100 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:56:42.0503 4100 SharedAccess - ok
19:56:42.0581 4100 [ C818C44C201898399BF999BB6B35D4E3 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:42.0597 4100 ShellHWDetection - ok
19:56:42.0643 4100 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:56:42.0643 4100 sisagp - ok
19:56:42.0690 4100 [ F7DA61BD62A16510227656C3477E2B52 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSGB6.sys
19:56:42.0690 4100 SiSGbeLH - ok
19:56:42.0706 4100 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:56:42.0706 4100 SiSRaid2 - ok
19:56:42.0737 4100 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:56:42.0737 4100 SiSRaid4 - ok
19:56:42.0831 4100 [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:56:42.0831 4100 SkypeUpdate - ok
19:56:42.0955 4100 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
19:56:43.0002 4100 slsvc - ok
19:56:43.0049 4100 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:56:43.0049 4100 SLUINotify - ok
19:56:43.0111 4100 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:56:43.0111 4100 Smb - ok
19:56:43.0158 4100 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:56:43.0158 4100 SNMPTRAP - ok
19:56:43.0252 4100 [ 03210C439D0C1224EB36865C8010DAB6 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
19:56:43.0283 4100 SNP2UVC - ok
19:56:43.0330 4100 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
19:56:43.0330 4100 spldr - ok
19:56:43.0392 4100 [ 524BFBEA40E6E404737CCBC754647A2E ] Spooler C:\Windows\System32\spoolsv.exe
19:56:43.0408 4100 Spooler - ok
19:56:43.0470 4100 [ BAA6018A27857B5FF0C03CE756B4A7A2 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:56:43.0470 4100 srv - ok
19:56:43.0486 4100 [ D69B44E3B000C2FF583F10C65489B4FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:56:43.0486 4100 srv2 - ok
19:56:43.0548 4100 [ 2D10DE9022822772ADAA120B15A9BD03 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:56:43.0548 4100 srvnet - ok
19:56:43.0595 4100 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:56:43.0595 4100 SSDPSRV - ok
19:56:43.0626 4100 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:56:43.0626 4100 SstpSvc - ok
19:56:43.0657 4100 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
19:56:43.0673 4100 stisvc - ok
19:56:43.0751 4100 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:56:43.0751 4100 swenum - ok
19:56:43.0876 4100 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:56:43.0876 4100 SwitchBoard - ok
19:56:43.0938 4100 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
19:56:43.0954 4100 swprv - ok
19:56:43.0985 4100 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:56:43.0985 4100 Symc8xx - ok
19:56:44.0047 4100 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:56:44.0047 4100 Sym_hi - ok
19:56:44.0094 4100 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:56:44.0094 4100 Sym_u3 - ok
19:56:44.0157 4100 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
19:56:44.0188 4100 SysMain - ok
19:56:44.0203 4100 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:56:44.0219 4100 TabletInputService - ok
19:56:44.0250 4100 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:56:44.0266 4100 TapiSrv - ok
19:56:44.0297 4100 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
19:56:44.0297 4100 TBS - ok
19:56:44.0359 4100 [ 0E6B0885C3D5E4643ED2D043DE3433D8 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:56:44.0375 4100 Tcpip - ok
19:56:44.0406 4100 [ 0E6B0885C3D5E4643ED2D043DE3433D8 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:56:44.0422 4100 Tcpip6 - ok
19:56:44.0484 4100 [ B085A1C98F96BA7882A27B001BECF5AC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:56:44.0484 4100 tcpipreg - ok
19:56:44.0531 4100 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:56:44.0531 4100 TDPIPE - ok
19:56:44.0562 4100 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:56:44.0562 4100 TDTCP - ok
19:56:44.0609 4100 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:56:44.0609 4100 tdx - ok
19:56:44.0812 4100 [ 33966A658FF37E0C65D46E59F37E2380 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
19:56:44.0843 4100 TeamViewer7 - ok
19:56:44.0890 4100 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:56:44.0890 4100 TermDD - ok
19:56:44.0937 4100 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
19:56:44.0952 4100 TermService - ok
19:56:44.0983 4100 [ C818C44C201898399BF999BB6B35D4E3 ] Themes C:\Windows\system32\shsvcs.dll
19:56:44.0983 4100 Themes - ok
19:56:44.0999 4100 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
19:56:45.0015 4100 THREADORDER - ok
19:56:45.0077 4100 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
19:56:45.0077 4100 TrkWks - ok
19:56:45.0155 4100 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:45.0155 4100 TrustedInstaller - ok
19:56:45.0186 4100 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:45.0186 4100 tssecsrv - ok
19:56:45.0249 4100 [ 1F855378A1FB733350F8531BB509179A ] TS_AR5416 C:\Windows\system32\DRIVERS\ts_athw.sys
19:56:45.0264 4100 TS_AR5416 - ok
19:56:45.0311 4100 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:56:45.0311 4100 tunmp - ok
19:56:45.0327 4100 [ 119B8184E106BAEDC83FCE5DDF3950DA ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:56:45.0327 4100 tunnel - ok
19:56:45.0358 4100 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:56:45.0358 4100 uagp35 - ok
19:56:45.0389 4100 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:56:45.0389 4100 udfs - ok
19:56:45.0451 4100 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:56:45.0467 4100 UI0Detect - ok
19:56:45.0529 4100 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:56:45.0529 4100 uliagpkx - ok
19:56:45.0545 4100 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:56:45.0545 4100 uliahci - ok
19:56:45.0576 4100 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:56:45.0576 4100 UlSata - ok
19:56:45.0592 4100 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:56:45.0592 4100 ulsata2 - ok
19:56:45.0623 4100 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:56:45.0623 4100 umbus - ok
19:56:45.0685 4100 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
19:56:45.0763 4100 upnphost - ok
19:56:45.0826 4100 [ 47F5F9D837D80FFD5882A14DB9DA0A67 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
19:56:45.0826 4100 upperdev - ok
19:56:45.0966 4100 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:45.0966 4100 usbccgp - ok
19:56:46.0029 4100 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:56:46.0029 4100 usbcir - ok
19:56:46.0044 4100 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:56:46.0044 4100 usbehci - ok
19:56:46.0075 4100 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:56:46.0075 4100 usbhub - ok
19:56:46.0091 4100 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:56:46.0091 4100 usbohci - ok
19:56:46.0107 4100 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:56:46.0107 4100 usbprint - ok
19:56:46.0185 4100 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:56:46.0185 4100 usbscan - ok
19:56:46.0231 4100 [ D575246188F63DE0ACCF6EAC5FB59E6A ] usbser C:\Windows\system32\DRIVERS\usbser.sys
19:56:46.0231 4100 usbser - ok
19:56:46.0263 4100 [ E44F0D17BE0908B58DCC99CCB99C6C32 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
19:56:46.0263 4100 UsbserFilt - ok
19:56:46.0309 4100 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:46.0309 4100 USBSTOR - ok
19:56:46.0372 4100 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:56:46.0372 4100 usbuhci - ok
19:56:46.0387 4100 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:56:46.0387 4100 usbvideo - ok
19:56:46.0434 4100 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
19:56:46.0450 4100 UxSms - ok
19:56:46.0512 4100 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
19:56:46.0512 4100 vds - ok
19:56:46.0543 4100 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:46.0543 4100 vga - ok
19:56:46.0559 4100 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
19:56:46.0559 4100 VgaSave - ok
19:56:46.0575 4100 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:56:46.0575 4100 viaagp - ok
19:56:46.0590 4100 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:56:46.0590 4100 ViaC7 - ok
19:56:46.0606 4100 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
19:56:46.0621 4100 viaide - ok
19:56:46.0621 4100 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:56:46.0637 4100 volmgr - ok
19:56:46.0699 4100 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:56:46.0699 4100 volmgrx - ok
19:56:46.0715 4100 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:56:46.0715 4100 volsnap - ok
19:56:46.0746 4100 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:56:46.0746 4100 vsmraid - ok
19:56:46.0824 4100 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
19:56:46.0840 4100 VSS - ok
19:56:46.0887 4100 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
19:56:46.0918 4100 W32Time - ok
19:56:46.0933 4100 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:56:46.0933 4100 WacomPen - ok
19:56:46.0980 4100 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:56:46.0980 4100 Wanarp - ok
19:56:46.0996 4100 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:56:46.0996 4100 Wanarpv6 - ok
19:56:47.0058 4100 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:56:47.0058 4100 wcncsvc - ok
19:56:47.0089 4100 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:47.0105 4100 WcsPlugInService - ok
19:56:47.0167 4100 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
19:56:47.0167 4100 Wd - ok
19:56:47.0230 4100 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
19:56:47.0230 4100 WDC_SAM - ok
19:56:47.0386 4100 [ B5B84712111414DD1B14C2346E9868BE ] WDDriveService C:\Program Files\Western Digital\WD Drive Manager\WDDriveService.exe
19:56:47.0386 4100 WDDriveService - ok
19:56:47.0464 4100 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:56:47.0464 4100 Wdf01000 - ok
19:56:47.0526 4100 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:56:47.0542 4100 WdiServiceHost - ok
19:56:47.0557 4100 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:56:47.0557 4100 WdiSystemHost - ok
19:56:47.0589 4100 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
19:56:50.0615 4100 ============================================================
19:56:50.0615 4100 Scan finished
19:56:50.0615 4100 ============================================================
19:56:50.0631 1452 Detected object count: 0
19:56:50.0631 1452 Actual detected object count: 0
19:57:04.0546 3752 Deinitialize success

Post by DiTecka » 02 Apr 2014 20:31

I ran it again... I chose to delete, and I can type háčky (carons) normally again...

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
http://www.malwarebytes.org

Verze: v2014.04.02.03

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18975
DiTečka :: PC [administrátor]

Ochrana: Zakázána

2.4.2014 20:19:19
MBAM-log-2014-04-02 (20-30-52).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 230795
Uplynulý čas: 11 minut, 13 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|hiba.exe (Spyware.Zbot.VXGen) -> Data: C:\Users\DiTečka\AppData\Roaming\Eliqbe\hiba.exe -> Nebyla provedena žádná instrukce.

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 2
C:\Users\DiTečka\AppData\Roaming\Eliqbe\hiba.exe (Spyware.Zbot.VXGen) -> Nebyla provedena žádná instrukce.
C:\Users\DiTečka\AppData\Local\Temp\tmpe9f88679.exe (Spyware.Zbot.VXGen) -> Nebyla provedena žádná instrukce.

(konec)

jaro3
Security team member

Post by jaro3 » 03 Apr 2014 10:05

- run MbAM again and click Scan
- when the program finishes, a message appears; click OK and then the Show Results button
- make sure all listed findings are checked and click the Remove Selected button
- when the removal finishes, a log is displayed; post it here.
- then click OK in the program and close it via Exit
You can then post the new MbAM log here.

Disable the resident protection of your antivirus and antispyware, and possibly the firewall.

Download ComboFix (by sUBs)
and save it to your desktop.
Close all active windows and run it.
- After it starts, the terms of use are displayed; confirm them by clicking Yes
- Then follow the instructions; while ComboFix is running, do not click in its window
- When the scan finishes, the program should create a log, C:\ComboFix.txt; please copy its entire contents here
If there are problems, run it in Safe Mode.

Warning: After applying ComboFix and restarting the computer, Windows may fail to start, the desktop may not load, or there may be connection problems. In that case restart the computer again; if that does not help, press F8 repeatedly after the restart and choose Last Known Good Configuration, or use a restore point.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Post by DiTecka » 03 Apr 2014 10:32

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.04.03.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18975
DiTečka :: PC [administrátor]

Ochrana: Zakázána

3.4.2014 10:20:41
mbam-log-2014-04-03 (10-20-41).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 230901
Uplynulý čas: 10 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

Post by DiTecka » 03 Apr 2014 12:03

ComboFix 14-04-03.01 - DiTečka 03.04.2014 11:44:32.5.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.2103 [GMT 2:00]
Spuštěný z: c:\users\DiTečka\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-03 do 2014-04-03 )))))))))))))))))))))))))))))))
.
.
2014-04-03 09:57 . 2014-04-03 09:57 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-03 07:27 . 2014-04-03 07:27 43152 ----a-w- c:\windows\avastSS.scr
2014-04-02 12:21 . 2014-04-02 18:52 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Eliqbe
2014-04-02 12:15 . 2014-04-02 12:22 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Edixv
2014-04-01 18:43 . 2014-04-01 18:43 -------- d-----w- c:\users\DiTečka\AppData\Local\ATI
2014-04-01 18:42 . 2014-04-01 18:42 -------- d-----w- c:\users\DiTečka\AppData\Local\Adobe
2014-04-01 18:37 . 2014-04-02 18:20 -------- d-----w- c:\users\DiTečka\AppData\Local\CrashDumps
2014-03-30 11:05 . 2014-04-03 09:27 5464 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2014-03-29 12:02 . 2014-03-29 12:02 -------- d-----w- c:\windows\ERUNT
2014-03-28 15:41 . 2014-03-29 12:36 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Kevog
2014-03-28 15:37 . 2014-04-02 10:11 -------- d-----w- C:\AdwCleaner
2014-03-28 13:43 . 2014-03-28 13:43 388096 ----a-r- c:\users\DiTečka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-28 13:43 . 2014-03-28 13:43 -------- d-----w- c:\program files\Trend Micro
2014-03-26 17:26 . 2014-03-28 14:26 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Ydobg
2014-03-22 10:42 . 2014-03-22 10:42 -------- d-----w- c:\users\DiTečka\AppData\Local\Skype
2014-03-22 10:41 . 2014-03-22 10:41 -------- d-----w- c:\program files\Common Files\Skype
2014-03-14 12:09 . 2014-03-14 12:09 -------- d-----w- c:\program files\CELOT-Wireless
2014-03-14 12:09 . 2010-07-17 08:33 168024 ----a-w- c:\windows\system32\drivers\XICTAVSP.sys
2014-03-14 12:09 . 2010-07-17 08:33 168024 ----a-w- c:\windows\system32\drivers\XICTANmea.sys
2014-03-14 12:09 . 2010-07-17 08:33 168024 ----a-w- c:\windows\system32\drivers\XICTAMDM.sys
2014-03-14 12:09 . 2010-05-20 06:21 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-03 07:27 . 2014-01-05 19:38 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-03 07:27 . 2014-01-05 19:38 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-03 07:27 . 2011-06-07 04:52 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-03 07:27 . 2010-11-28 00:02 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-03 07:27 . 2010-11-28 00:02 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-04-03 07:27 . 2010-11-28 00:02 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-04-03 07:27 . 2010-11-28 00:02 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-03 07:27 . 2010-11-27 23:59 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-28 13:43 . 2014-03-28 13:43 388096 ----a-r- c:\users\DiTečka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-28 13:43 . 2014-03-28 13:43 388096 ----a-r- c:\users\DiTečka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-12 14:27 . 2012-09-01 10:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 14:27 . 2011-06-23 07:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-06-02 04:22 . 2010-06-02 04:22 89944 ----a-w- c:\program files\DSETUP.dll
2010-06-02 04:22 . 2010-06-02 04:22 537432 ----a-w- c:\program files\DXSETUP.exe
2010-06-02 04:22 . 2010-06-02 04:22 1801048 ----a-w- c:\program files\dsetup32.dll
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
2012-08-13 18:39 . 2011-05-30 20:17 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-03 07:27 260976 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"T-Mobile CManager"="c:\program files\T-Mobile\T-Mobile Internet Manager\Manager.exe" [2013-10-31 2166552]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-11 98304]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-12-13 11487848]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Nástroj WD Drive Unlocker"="c:\program files\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-09-06 1688008]
"CNAP2 Launcher"="c:\windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE" [2010-10-14 226784]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-04-03 3854640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-10-2 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^DiTečka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\DiTečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileServe Manager Task]
2011-09-02 16:11 954648 ----a-w- c:\program files\FileServe Manager\FSStarter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-01-10 17:36 1083264 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 13:18 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-02-10 16:46 20922016 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VueMinder]
2012-03-04 20:55 7970816 ----a-w- c:\program files\VueSoft\VueMinder\VueMinder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
2011-07-17 04:56 1038848 ----a-w- c:\program files\WebcamMax\wcmmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2012-12-04 16:20 773728 ----a-w- c:\program files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
.
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
MbnExt REG_MULTI_SZ MbnExt
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 14:27]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-27 23:35]
.
2014-04-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-27 23:35]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Download with FileServe Manager - c:\program files\FileServe Manager\GetUrl.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
FF - ProfilePath - c:\users\DiTečka\AppData\Roaming\Mozilla\Firefox\Profiles\csnhkzpq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.lide.cz
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-03 11:58
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Celkový čas: 2014-04-03 12:01:47
ComboFix-quarantined-files.txt 2014-04-03 10:01
ComboFix2.txt 2014-03-31 09:21
.
Před spuštěním: 4 594 737 152
Po spuštění: 4 454 289 408
.
- - End Of File - - 78EB6EBA844F48B9D5CD8431E280C816
5C616939100B85E558DA92B899A0FC36

Orcus
Security team member

Post by Orcus » 03 Apr 2014 18:32

Open Notepad (Start -> Run..., type Notepad in the box and click OK).
Copy into it all of the following text marked in red:

ClearJavaCache::
KillAll::

File::
c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 14:27]
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

Driver::
SkypeUpdate

FF::
FF - ProfilePath - c:\users\DiTečka\AppData\Roaming\Mozilla\Firefox\Profiles\csnhkzpq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.lide.cz
FF - prefs.js: network.proxy.type - 0

RegLock::
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.



Choose File -> Save As... and set these parameters:
File name: type CFScript.txt
Save as type: select All Files
Save the file to the desktop.
Close all active windows.


Grab the CFScript.txt script you created with the mouse, move it over the downloaded ComboFix.exe program,
and when the two files overlap, drop the script.

- ComboFix starts automatically; the repair can take more than 10 minutes. Let ComboFix finish its work!
- Post here the log that appears at the end of the cleaning process

Warning: After applying the script and restarting the computer, Windows may fail to start; in that case restart the computer again, press F8 repeatedly and then choose Last Known Good Configuration.
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it across several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.

Post by DiTecka » 04 Apr 2014 10:27

ComboFix 14-04-03.01 - DiTečka 04.04.2014 10:03:02.6.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1250.420.1029.18.3070.1736 [GMT 2:00]
Spuštěný z: c:\users\DiTečka\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\DiTečka\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 14:27]"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
ADS - Windows: deleted 0 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_SkypeUpdate
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-03-04 do 2014-04-04 )))))))))))))))))))))))))))))))
.
.
2014-04-04 08:14 . 2014-04-04 08:16 -------- d-----w- c:\users\DiTečka\AppData\Local\temp
2014-04-04 08:14 . 2014-04-04 08:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-03 07:27 . 2014-04-03 07:27 43152 ----a-w- c:\windows\avastSS.scr
2014-04-02 12:21 . 2014-04-02 18:52 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Eliqbe
2014-04-02 12:15 . 2014-04-02 12:22 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Edixv
2014-04-01 18:43 . 2014-04-01 18:43 -------- d-----w- c:\users\DiTečka\AppData\Local\ATI
2014-04-01 18:42 . 2014-04-01 18:42 -------- d-----w- c:\users\DiTečka\AppData\Local\Adobe
2014-04-01 18:37 . 2014-04-02 18:20 -------- d-----w- c:\users\DiTečka\AppData\Local\CrashDumps
2014-03-30 11:05 . 2014-04-03 09:27 5464 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2014-03-29 12:02 . 2014-03-29 12:02 -------- d-----w- c:\windows\ERUNT
2014-03-28 15:41 . 2014-03-29 12:36 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Kevog
2014-03-28 15:37 . 2014-04-02 10:11 -------- d-----w- C:\AdwCleaner
2014-03-28 13:43 . 2014-03-28 13:43 388096 ----a-r- c:\users\DiTečka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-28 13:43 . 2014-03-28 13:43 -------- d-----w- c:\program files\Trend Micro
2014-03-26 17:26 . 2014-03-28 14:26 -------- d-----w- c:\users\DiTečka\AppData\Roaming\Ydobg
2014-03-22 10:42 . 2014-03-22 10:42 -------- d-----w- c:\users\DiTečka\AppData\Local\Skype
2014-03-22 10:41 . 2014-03-22 10:41 -------- d-----w- c:\program files\Common Files\Skype
2014-03-14 12:09 . 2014-03-14 12:09 -------- d-----w- c:\program files\CELOT-Wireless
2014-03-14 12:09 . 2010-07-17 08:33 168024 ----a-w- c:\windows\system32\drivers\XICTAVSP.sys
2014-03-14 12:09 . 2010-07-17 08:33 168024 ----a-w- c:\windows\system32\drivers\XICTANmea.sys
2014-03-14 12:09 . 2010-07-17 08:33 168024 ----a-w- c:\windows\system32\drivers\XICTAMDM.sys
2014-03-14 12:09 . 2010-05-20 06:21 319456 ----a-w- c:\windows\system32\DIFxAPI.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-03 07:27 . 2014-01-05 19:38 180760 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-04-03 07:27 . 2014-01-05 19:38 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-04-03 07:27 . 2011-06-07 04:52 776976 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-04-03 07:27 . 2010-11-28 00:02 411552 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-04-03 07:27 . 2010-11-28 00:02 54832 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2014-04-03 07:27 . 2010-11-28 00:02 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-04-03 07:27 . 2010-11-28 00:02 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-04-03 07:27 . 2010-11-27 23:59 271264 ----a-w- c:\windows\system32\aswBoot.exe
2014-03-28 13:43 . 2014-03-28 13:43 388096 ----a-r- c:\users\DiTečka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-28 13:43 . 2014-03-28 13:43 388096 ----a-r- c:\users\DiTečka\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-03-12 14:27 . 2012-09-01 10:05 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-03-12 14:27 . 2011-06-23 07:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2010-06-02 04:22 . 2010-06-02 04:22 89944 ----a-w- c:\program files\DSETUP.dll
2010-06-02 04:22 . 2010-06-02 04:22 537432 ----a-w- c:\program files\DXSETUP.exe
2010-06-02 04:22 . 2010-06-02 04:22 1801048 ----a-w- c:\program files\dsetup32.dll
2008-07-02 02:28 . 2008-07-02 02:28 61440 ----a-w- c:\program files\Common Files\CPInstallAction.dll
2012-08-13 18:39 . 2011-05-30 20:17 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-03 07:27 260976 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2012-06-26 1516632]
"T-Mobile CManager"="c:\program files\T-Mobile\T-Mobile Internet Manager\Manager.exe" [2013-10-31 2166552]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-02-10 20922016]
"Zoner Photo Studio Autoupdate"="c:\program files\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE" [2012-12-04 773728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"="c:\program files\ATK Hotkey\HcontrolUser.exe" [2008-01-11 98304]
"ATKMEDIA"="c:\program files\ASUS\ATK Media\DMedia.exe" [2008-06-24 159744]
"SwitchBoard"="c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-12-13 11487848]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Nástroj WD Drive Unlocker"="c:\program files\Western Digital\WD Security\WDDriveAutoUnlock.exe" [2012-09-06 1688008]
"CNAP2 Launcher"="c:\windows\system32\spool\DRIVERS\W32X86\3\CNAP2LAK.EXE" [2010-10-14 226784]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2014-04-03 3854640]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-10-2 795936]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^Users^DiTečka^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk]
path=c:\users\DiTečka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
backup=c:\windows\pss\OpenOffice.org 3.2.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2012-04-04 04:09 446392 ------w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FileServe Manager Task]
2011-09-02 16:11 954648 ----a-w- c:\program files\FileServe Manager\FSStarter.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaSuite.exe]
2012-01-10 17:36 1083264 ----a-w- c:\program files\Nokia\Nokia Suite\NokiaSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 13:18 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-02-10 16:46 20922016 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VueMinder]
2012-03-04 20:55 7970816 ----a-w- c:\program files\VueSoft\VueMinder\VueMinder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebcamMaxAutoRun]
2011-07-17 04:56 1038848 ----a-w- c:\program files\WebcamMax\wcmmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
2012-12-04 16:20 773728 ----a-w- c:\program files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
.
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
bthsvcs REG_MULTI_SZ BthServ
MbnExt REG_MULTI_SZ MbnExt
.
Obsah adresáře 'Naplánované úlohy'
.
2014-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-01 14:27]
.
2014-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-27 23:35]
.
2014-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-11-27 23:35]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
IE: Download with FileServe Manager - c:\program files\FileServe Manager\GetUrl.htm
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Převést cíl vazby do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Připojit cíl vazby k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
FF - ProfilePath - c:\users\DiTečka\AppData\Roaming\Mozilla\Firefox\Profiles\csnhkzpq.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.lide.cz
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-04-04 10:18
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'Explorer.exe'(5204)
c:\program files\RocketDock\RocketDock.dll
c:\program files\WIDCOMM\Bluetooth Software\btmmhook.dll
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
c:\program files\ATK Hotkey\Hcontrol.exe
c:\program files\ATK Hotkey\MsgTranAgt.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\program files\Ergonomic Soft\Ergonomic Setup Center\firebird\bin\fbserver.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\windows\system32\conime.exe
c:\windows\system32\nlssrv32.exe
c:\program files\TeamViewer\Version7\TeamViewer_Service.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\Western Digital\WD Drive Manager\WDDriveService.exe
c:\program files\ATK Hotkey\WDC.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\ehome\ehmsas.exe
c:\windows\system32\spool\DRIVERS\W32X86\3\CNAP2RPK.EXE
c:\windows\system32\spool\DRIVERS\W32X86\3\CNABFSWK.EXE
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe
.
**************************************************************************
.
Celkový čas: 2014-04-04 10:24:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-04-04 08:24
ComboFix2.txt 2014-04-03 10:01
ComboFix3.txt 2014-03-31 09:21
.
Před spuštěním: 4 599 390 208
Po spuštění: 4 215 103 488
.
- - End Of File - - ACFD953955C6D23B5709741CBACAB4DA
5C616939100B85E558DA92B899A0FC36

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male
Status:
Offline

Re: Please check my log, doubled háčeks and acute accents

Post by jaro3 » 04 Apr 2014 11:13

Download aswMBR to your desktop. Close all windows, programs and browsers. Double-click aswMBR.exe. If a prompt about the option to download the Avast database appears, click No. Then click "Scan". After the scan, click "Save Log" and save the log to your desktop. Copy the entire contents of that log here. Then click "Exit" to close the program.

c:\users\DiTečka\AppData\Roaming\Ydobg - do you know this program?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

